Shubham Singh Rathour

Consultant

India · 4 yrs 5 mos experience
AI Enabled · AI ML Practitioner

Key Highlights

  • Expert in managing SOC and SIEM infrastructure.
  • Proficient in application security assessments and vulnerability management.
  • Skilled in integrating security practices into CI/CD pipelines.
Stackforce AI infers this person is a Cybersecurity expert with a strong focus on Fintech and incident response.

Skills

Core Skills

Cyber Security Risk · Incident Response · Web Application Security Assessment

Other Skills

API Security · AWS · AWS ECR · Algorithms · Amazon GuardDuty · Artificial Intelligence (AI) · Bash · Bitbucket · Burp Suite · CISA · Certified Information Security Manager (CISM) · Cisco Meraki Firewall · Cisco Umbrella · Cloud Computing · Computer Science

About

Experienced in safeguarding organizational data and infrastructure through proactive threat identification, robust vulnerability assessments, and effective incident response. Proficient in deploying advanced security tools, conducting risk assessments, and developing comprehensive security policies. Adept at collaborating with cross-functional teams to foster a strong security posture and cultivate a culture of cyber resilience.

Experience

Tredence Inc.

Consultant L2 - Security Architecture and Engineering

Nov 2025 - Present · 4 mos · Bengaluru · Hybrid

Niyo Solutions Inc.

Senior Information Security Engineer

Feb 2024 - Oct 2025 · 1 yr 8 mos · Bengaluru · On-site

  • Managed SOC and maintained SIEM infrastructure for robust threat detection, log management, and continuous monitoring across SIEM, CrowdStrike EDR, Cisco Umbrella, MongoDB, Reblaze WAF, and Izoolabs, ensuring comprehensive technical risk management.
  • Conducted extensive security assessments, including AppSec such as SAST, DAST, VAPT, and API Security testing, across key applications (Niyo Global, Niyo X, Niyo Bharat, and Niyo Money), identifying and mitigating Mobile App and Web App vulnerabilities to enhance security posture and compliance.
  • Integrated Secure SDLC best practices into Bitbucket CI/CD pipelines, ensuring adherence to robust security principles across the development lifecycle. Conducted Source Code Reviews with SonarQube, implemented Snyk for Software Composition Analysis (SCA), and utilized Trivy and AWS ECR for effective container security scanning.
  • Performed manual security code reviews for applications written in Java and Python, identifying security flaws such as insecure coding practices, improper authentication mechanisms, and vulnerabilities to common threats like SQL injection, XSS, and insecure deserialization.
  • Administered AWS security configurations, utilizing services such as AWS Security Hub, GuardDuty, Secrets Manager, KMS, VPC Flow logs, CloudTrail, AWS Config, CloudWatch, and AWS WAF, to enhance cloud security, mitigate risks, and ensure regulatory compliance.
  • Managed and optimized Reblaze WAF configurations, including traffic analysis, security rule tuning, false positive mitigation, and domain onboarding.
SIEM · CrowdStrike EDR · Cisco Umbrella · MongoDB · Reblaze WAF · AWS · +11

Incred Financial Services

Information Security Engineer

Aug 2023 - Dec 2023 · 4 mos · Bengaluru, Karnataka, India · Hybrid

  • Created and maintained SIEM correlation rules and decoders.
  • Conducted targeted searches for Indicators of Compromise (IOCs) using EDR tools like CrowdStrike.
  • Performed log analysis and correlated security events using SIEM such as Wazuh, and created and maintained SIEM correlation rules and decoders.
  • Monitored and analyzed threats and vulnerabilities within AWS environments using Amazon GuardDuty.
  • Configured and integrated Cisco Meraki Firewall events across various regions into the SIEM, ensuring comprehensive visibility and management of network security events.
  • Performed security assessments with PingSafe, identifying and prioritizing vulnerabilities in cloud infrastructure, automating remediation, and reducing false positives.
SIEM · CrowdStrike · Wazuh · Amazon GuardDuty · Cisco Meraki Firewall · Incident Response

Information Sharing and Analysis Center

Technical Expert

Sep 2021 - Aug 2023 · 1 yr 11 mos · Remote

  • Analyzed security incidents across various computing environments, identifying root causes and aiding in mitigation strategy development.
  • Managed the full lifecycle of security incidents, from identification and documentation to resolution and stakeholder follow-up.
  • Researched emerging cyber threats, vulnerabilities, and attack techniques to enhance proactive threat management and incident preparedness.
  • Conducted advanced security research, digital forensics, and threat hunting using industry-standard tools to address security weaknesses.
  • Engaged in bug bounty programs, identifying and reporting vulnerabilities to strengthen system defenses and support the security community.
Security Incident Management · Digital Forensics · Threat Hunting · Incident Response

Crime Free Bharat

Crime Free Bharat NTRDC Project Intern

Sep 2021 - Jan 2022 · 4 mos · India

  • Learned and utilized industry-standard digital forensics tools and techniques to extract, examine, and perform image acquisitions.
Digital Forensics

Keycybr

Cyber Crime Investigation & Research Intern

Jul 2021 - Jan 2022 · 6 mos · India

  • Analyzed trending modus operandi of cyber-criminals.
  • Performed hunting for malicious activity across digital assets.
Cyber Crime Investigation

Haryana Police

Gurugram Police Cyber Security Intern

Jun 2021 - Jul 2021 · 1 mo · India

  • Researched several security incidents and instances of data breaches.
  • Learned about emerging cyber threats, vulnerabilities, and attack techniques.

Education

Jain (Deemed-to-be University)

Master of Computer Applications - MCA — Cyber Security

Jan 2024 - Jan 2026

Bengaluru City University

Bachelor of Computer Applications - BCA — Computer Applications

Jul 2020 - Jul 2023

DAV Public School, Bistupur, Jamshedpur

Class 12th

Mar 2019 - Mar 2020

DAV Public School, Bistupur, Jamshedpur

Class 10th

Mar 2017 - Mar 2018