Feb 2021 – Nov 2022 · 1 yr 9 mos · Bangalore Urban, Karnataka, India · Remote

• Designed and executed a comprehensive SOC training program, personally developing all training materials and reference guides to build a culture of continuous learning and team development.
• Engineered and implemented new operational playbooks for 24/7 shift operations, aligning the team's day-to-day activities with broader security objectives to ensure swift threat response.
• Led a project to build and scale the SOC's internal knowledge base, authoring detailed documentation and "how-to" guides that enhanced cross-team collaboration and standardized response procedures.
• Built and maintained dedicated testing environments from the ground up, used for validating and fine-tuning SIEM/EDR solutions and new security controls before deployment.
• Spearheaded proactive defense projects using purple and blue team methodologies, which involved designing, testing, and implementing new threat detection use cases.
• Developed and deployed intelligent alerting rules, custom dashboards, and automation scripts, which optimized key SOC workflows and measurably increased the accuracy and efficiency of our threat detection.
• Acted as the technical project lead in strategic client meetings, providing expert-level guidance on SIEM/EDR capabilities and cloud security hardening for AWS, Azure, and GCP.

Feb 2021 – Oct 2022 · 1 yr 8 mos · Bengaluru, Karnataka, India · Remote

• Managed 24/7 security surveillance, leveraging a diverse toolset (SIEM, EDR, network traffic analysis) to conduct deep forensic analysis of logs, alerts, and network traffic to investigate incidents and determine the root cause.
• Spearheaded proactive, intelligence-driven threat hunting initiatives for Indicators of Compromise (IOCs), applying advanced threat intelligence and research to identify and neutralize emerging threats before escalation.
• Integrated automation into security operations to streamline repetitive tasks, report generation, and alert rule creation, significantly boosting team productivity and improving incident response times.
• Led the development and continuous refinement of blue teaming strategies, fostering cross-functional collaboration to ensure effective and timely threat mitigation.

Sep 2018 – Feb 2021 · 2 yrs 5 mos · Bengaluru, Karnataka, India · On-site

• Served in a 24/7 Security Operations Center (SOC), analyzing security log data from diverse devices to ensure proactive threat detection and rapid incident response.
• Managed security escalations and led incident response efforts in high-pressure environments, applying in-depth knowledge of cyberattack methodologies, threat vectors, and risk management.
• Conducted thorough threat and vulnerability assessments, investigating undisclosed software/hardware vulnerabilities and delivering actionable advisories to stakeholders.
• Led the integration of standard and non-standard logs into the SIEM platform, optimizing its capabilities for enhanced threat detection.
• Utilized Windows, Linux, and Unix systems for troubleshooting, system hardening, and resolving security incidents.
• Proactively researched emerging security trends to inform strategic initiatives and enhance the organization's overall security posture.
• Technical Proficiencies:
• Security & Analysis: SIEM, HIPS/NIPS, UBEA, Web Security, AV, SSL, Packet Analysis
• ITSM & Networking: ServiceNow, Remedy, TCP/IP

Sep 2018 – Sep 2020 · 2 yrs · Bengaluru, Karnataka, India · On-site

• Managed Oracle and MS SQL Server database infrastructure, overseeing provisioning, backup monitoring, first-level troubleshooting, and cloning.
• Administered Control-M batch scheduling to ensure seamless orchestration and automation of workflows.
• Managed Unisys OS2200 and A-series Mainframe systems, including vendor collaboration, defining and monitoring jobs, and performance triage.
• Maintained comprehensive documentation for database and mainframe procedures to streamline team collaboration and knowledge sharing.