Bhupender Singh Rawat

DevOps Engineer

Noida, Uttar Pradesh, India · 14 yrs 7 mos experience

Key Highlights

  • Over 13 years of cybersecurity expertise.
  • Led teams in incident response and threat hunting.
  • Passionate mentor for aspiring cybersecurity professionals.

Skills

Core Skills

Security Information and Event Management (SIEM) · Threat Detection · Cloud Security · Network Security Implementation

Other Skills

Azure Sentinel · Checkpoint · EDR · Firewalls · ISO 27001 · IT Operations · IT Service Management · ITIL · Information Technology · Linux · Microsoft 365 Defender · Microsoft Azure · Netwitness · Network Security · RSA Security

About

Cybersecurity is not just my profession—it's my mission. With over 13 years of cybersecurity, risk management, and cloud security expertise, I have helped organizations strengthen their defenses, drive innovation, and proactively mitigate risks.

Strategic Cyber Leader → I have led SOC teams of 20+ analysts, driving incident response, threat hunting, and security automation.

Cloud & Zero Trust Security → I design and implement Zero Trust architectures, SIEM frameworks (Sentinel, Defender, Splunk), and compliance-driven security policies (NIST, ISO 27001, SOC 2).

Cybersecurity Evangelist & Mentor → Passionate about mentoring aspiring cybersecurity professionals, sharing knowledge, and enabling businesses to align security strategies with growth.

Experience

Nagarro

Associate Principal Engineer

Jun 2025 – Present · 9 mos · Gurugram, Haryana, India · Remote

Druvstar

Technical Lead

Dec 2023 – Jun 2025 · 1 yr 6 mos · Noida, Uttar Pradesh, India · Remote

  • Leading a 20+ member cybersecurity team, driving incident response, threat hunting, and security automation with tools such as Microsoft Defender, Azure Sentinel, SentinelOne, and RSA NetWitness.
  • Optimizing security monitoring and threat detection by configuring and managing Azure Sentinel connectors, workbooks, playbooks, and KQL queries for threat detection and incident response.
  • Integrated Microsoft Defender for Endpoint, for Office 365, for Identity, and for Cloud Apps with Azure Sentinel for centralized threat response with automated remediation.
  • Designing and implementing SIEM dashboards on Splunk, Azure Sentinel, and NetWitness to provide real-time monitoring and incident tracking, reduce manual effort, and improve operational efficiency.
  • Leveraging external threat intelligence feeds such as MISP, ThreatConnect, and FireEye to enhance threat-hunting accuracy and proactive defence strategies.
  • Developing and fine-tuning SIEM detection logic, and refining analytics rules and correlation strategies, to minimize false positives, enhance threat detection, and improve response efficiency.
  • Driving continuous security improvements by reviewing and optimizing analytics rules, playbooks, and workbooks quarterly, boosting SOC performance by 15%.
  • Automated high-fidelity alert containment using Azure Logic Apps, reducing response time by 30%.
Threat Detection · Vulnerability Management · Security Information and Event Management (SIEM) · Microsoft 365 Defender · Azure Sentinel · RSA Security

Ontinue, the MDR division of Open Systems

Cyber Security Advisor

Sep 2021 – Oct 2023 · 2 yrs 1 mo · Noida, Uttar Pradesh, India · Remote

  • Led the onboarding of 20+ customers onto the Microsoft security suite, ensuring seamless integration and optimized security configurations.
  • Collaborated with the SOC team to improve SIEM detection logic, refining correlation rules and use cases, resulting in a 20% reduction in false positives.
  • Conducted proactive threat hunting and leveraged threat intelligence feeds, identifying and mitigating emerging vulnerabilities and risks.
  • Prepared and presented SOC metrics, risk assessments, and compliance reports to stakeholders, driving a 20% improvement in risk mitigation strategies.
ISO 27001 · EDR · Cloud Security · Microsoft Azure · Microsoft 365 Defender · Security Information and Event Management (SIEM)
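The Druvstar and Ontinue bullets above both describe tuning SIEM correlation rules to cut false positives without losing detections. As an added illustration of what that work looks like in Azure Sentinel (example code written for this page, not the profile owner's, Druvstar's or Ontinue's own rules), the query below is a scheduled-analytics-style password-spray detection: it correlates many failures spread across many accounts from one source, escalates when a success follows, and suppresses sources that an analyst has reviewed and recorded in a tuning allowlist. Column names and result codes follow the SigninLogs conventions (50126 invalid credentials, 50053 account locked, 0 success); the SampleSignIns table, the KnownGood list, and every IP address and user are constructed stand-ins, and the thresholds are illustrative assumptions.

```kql
// Added example, not code from the profile or the employers it lists.
// Password-spray correlation rule with a reviewed-benign allowlist for tuning.
let FailThreshold = 5;            // failures from one source IP within the window
let DistinctUserThreshold = 3;    // spread across at least this many accounts
let BinSize = 1h;
// Tuning list (constructed). In production keep this in a watchlist,
// e.g. _GetWatchlist('KnownGoodSources'), so analysts can edit it without touching the rule.
let KnownGood = datatable(IPAddress:string, Reason:string) [
    "203.0.113.10", "corporate VPN egress; help-desk lockout bursts expected"
];
// Constructed stand-in for the SigninLogs table (all values fictitious).
let SampleSignIns = datatable(TimeGenerated:datetime, UserPrincipalName:string, IPAddress:string, ResultType:string) [
    // spray from 192.0.2.50: one failure per account, then a success on the fifth account
    datetime(2024-01-01 10:00:00), "alice@contoso.example", "192.0.2.50", "50126",
    datetime(2024-01-01 10:00:05), "bob@contoso.example",   "192.0.2.50", "50126",
    datetime(2024-01-01 10:00:10), "carol@contoso.example", "192.0.2.50", "50126",
    datetime(2024-01-01 10:00:15), "dave@contoso.example",  "192.0.2.50", "50126",
    datetime(2024-01-01 10:00:20), "eve@contoso.example",   "192.0.2.50", "50126",
    datetime(2024-01-01 10:00:40), "eve@contoso.example",   "192.0.2.50", "0",
    // one user mistyping a password from 198.51.100.7: many failures, one account (not a spray)
    datetime(2024-01-01 10:05:00), "alice@contoso.example", "198.51.100.7", "50126",
    datetime(2024-01-01 10:05:10), "alice@contoso.example", "198.51.100.7", "50126",
    datetime(2024-01-01 10:05:20), "alice@contoso.example", "198.51.100.7", "50126",
    datetime(2024-01-01 10:05:30), "alice@contoso.example", "198.51.100.7", "50126",
    datetime(2024-01-01 10:05:40), "alice@contoso.example", "198.51.100.7", "50053",
    // lockout burst from the allowlisted VPN egress: matches the spray shape, suppressed by tuning
    datetime(2024-01-01 10:10:00), "frank@contoso.example", "203.0.113.10", "50053",
    datetime(2024-01-01 10:10:01), "grace@contoso.example", "203.0.113.10", "50053",
    datetime(2024-01-01 10:10:02), "heidi@contoso.example", "203.0.113.10", "50053",
    datetime(2024-01-01 10:10:03), "ivan@contoso.example",  "203.0.113.10", "50053",
    datetime(2024-01-01 10:10:04), "judy@contoso.example",  "203.0.113.10", "50053"
];
let Failures = SampleSignIns
    | where ResultType in ("50126", "50053")
    | join kind=leftanti KnownGood on IPAddress       // tuning: drop reviewed-benign sources
    | summarize FailureCount = count(),
                TargetedUsers = dcount(UserPrincipalName),
                Accounts = make_set(UserPrincipalName, 20),
                FirstFailure = min(TimeGenerated),
                LastFailure = max(TimeGenerated)
        by IPAddress, Window = bin(TimeGenerated, BinSize)
    | where FailureCount >= FailThreshold and TargetedUsers >= DistinctUserThreshold;
let Successes = SampleSignIns
    | where ResultType == "0"
    | summarize SuccessCount = count(), CompromisedAccounts = make_set(UserPrincipalName, 20)
        by IPAddress, Window = bin(TimeGenerated, BinSize);
Failures
| join kind=leftouter Successes on IPAddress, Window
| extend SuccessCount = coalesce(SuccessCount, 0)
| extend Severity = iff(SuccessCount > 0, "High", "Medium")   // a success after the spray is the escalation signal
| project Window, IPAddress, Severity, FailureCount, TargetedUsers, SuccessCount,
          CompromisedAccounts, Accounts, FirstFailure, LastFailure
```

On the constructed data this returns a single High-severity row for 192.0.2.50 (5 failures across 5 accounts, 1 success, eve@contoso.example listed as the compromised account); 198.51.100.7 is dropped by the distinct-user threshold and 203.0.113.10 by the allowlist. To run it as a real scheduled rule, replace SampleSignIns with SigninLogs and add a `where TimeGenerated > ago(1h)` filter matching the rule's lookback. One caveat on the tuning step: an allowlist makes anything behind that source invisible to this rule, so review entries periodically and keep a lower-severity informational rule for allowlisted sources rather than discarding their events outright.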

BT

2 roles

Security Operations Specialist

Promoted

Sep 2018 – Sep 2021 · 3 yrs · Gurugram, Haryana, India · On-site

  • Managed security solutions, deploying and monitoring firewalls and proxies (Check Point, Palo Alto, Cisco ASA, Zscaler) for global network security.
  • Conducted root cause analysis for security incidents and recommended risk mitigation measures.
  • Monitored customer network traffic and logs from various sources (e.g., firewalls, IDS/IPS, cloud platforms) to detect and mitigate potential threats.
Security · Network Security Implementation · Checkpoint · Firewalls · Virtual Private Network (VPN) · Proxy

Network Security Specialist

Apr 2016 – Oct 2016 · 6 mos · Gurgaon, Haryana, India

CompuCom

Information Security Engineer

Oct 2016 – Sep 2018 · 1 yr 11 mos · Pune, Maharashtra, India · On-site

  • Designing and implementing SIEM dashboards on Splunk, Azure Sentinel, and NetWitness to provide real-time monitoring and incident tracking, reduce manual effort, and improve operational efficiency.
  • Leveraging external threat intelligence feeds such as MISP, ThreatConnect, and FireEye to enhance threat-hunting accuracy and proactive defence strategies.
Security · Information Technology · Threat Detection

HCL Enterprise

Specialist

Mar 2014 – Apr 2016 · 2 yrs 1 mo · Noida Area, India

Networkers Home

Network Security Engineer

Jun 2011 – Feb 2014 · 2 yrs 8 mos · Bengaluru, Karnataka, India

Education

University of Mysore

Master of Computer Applications - MCA

Indira Gandhi National Open University

Bachelor's degree — Computer Science

Jan 2006 – Jan 2010
