HEMANT KUNDRA — Security Engineer

Driving Cyber Resilience Through Advanced Security Operations | SOC Analyst | SIEM | SOAR | XDR | Threat Intelligence Cybersecurity professional with 5+ years of experience in Security Operations Center (SOC) environments, specializing in cloud and on-premises security for global enterprises. Proven expertise in SIEM, SOAR, XDR, EDR, NDR, and threat intelligence platforms, delivering proactive threat detection, incident response, and security automation. Core Strengths & Keywords for Recruiters: SIEM Platforms:- Azure Sentinel, IBM QRadar, ArcSight, LogRhythm, Devo SIEM SOAR Automation:- Google Chronicle SOAR, Devo SOAR XDR & EDR:- Microsoft Defender XDR (MDE 365, MDE for Cloud), SentinelOne, CrowdStrike Falcon NDR & Email Security:- Darktrace, Proofpoint, KnowBe4 Incident Response & Threat Hunting:- MITRE ATT&CK, malware analysis, phishing detection Scripting & Automation:- PowerShell, Bash, VBS for alert tuning and false positive reduction Zero Trust & Endpoint Security:- Zscaler, Intune, GYTPOL, Microsoft 365 Defender Access Management:- Active Directory, Azure AD, ServiceNow, Opsgenie, JIRA I excel in purple team exercises, attack simulations, vulnerability management, and policy hardening to strengthen enterprise security posture. Certified in CompTIA Security+, CEH v13, SC-200, AZ-500, and other Microsoft security credentials. Passionate about safeguarding digital ecosystems against evolving threats and leveraging automation to enhance SOC efficiency. Let’s connect to collaborate on innovative cybersecurity solutions.

Stackforce AI infers this person is a Cybersecurity professional specializing in Security Operations and Threat Intelligence.

Location: North Delhi, Delhi, India

Experience: 2 yrs 2 mos

Skills

Endpoint Security
Vulnerability Management
Threat Detection
Incident Response

Career Highlights

5+ years of experience in cybersecurity.
Expertise in SIEM, SOAR, and threat intelligence.
Certified in multiple security credentials.

Work Experience

GSPANN Technologies, Inc

Security Engineer L2 (10 mos)

HCLTech

SOC engineer L2 (3 yrs 9 mos)

Adhunik Automation India

Help Desk Support Engineer (1 yr 4 mos)

Education

Postgraduate Degree at Indira Gandhi National Open University (IGNOU)

Master of Business Administration at Institute of Management Technology, Ghaziabad

Bachelor of Technology at Guru Gobind Singh Indraprastha University (GGSIPU), Delhi

12 th HSC at Central Board of Secondary Education

10 th SSC at Central Board of Secondary Education

HEMANT KUNDRA

Security Engineer

North Delhi, Delhi, India2 yrs 2 mos experience

Key Highlights

5+ years of experience in cybersecurity.
Expertise in SIEM, SOAR, and threat intelligence.
Certified in multiple security credentials.

Stackforce AI infers this person is a Cybersecurity professional specializing in Security Operations and Threat Intelligence.

Contact

Skills

Core Skills

Endpoint SecurityVulnerability ManagementThreat DetectionIncident Response

Other Skills

Microsoft Defender for EndpointGYTPOLSafeBreachQualysM365Azure SentinelCEHAzure ADGoogle SecOpsDevo SOARSentinelOneDarktraceProofpointKnowBe4QRadar

About

Experience

2 yrs 2 mos

Total Experience

1 yr 3 mos

Average Tenure

10 mos

Current Experience

Gspann technologies, inc

Security Engineer L2

Jun 2025 – Present · 10 mos · Gurugram, Haryana, India · On-site

L2 Security Engineer | Endpoint Security | Vulnerability Management | Threat Hunting
As an L2 Security Engineer, I’ve managed security operations for enterprise clients, including high-priority government accounts, ensuring robust protection and compliance. My role spans client management, endpoint security, vulnerability remediation, and incident response, leveraging cutting-edge tools and frameworks.
✅ Client Management & Operations: Led strategic security reviews, validated L1 reports, and improved endpoint visibility across enterprise infrastructure.
✅ Endpoint Security & Policy Management: Implemented onboarding and hardening processes using Microsoft Intune, GYTPOL, and Microsoft Defender for Endpoint, aligning policies for privileged assets.
✅ Vulnerability Management & Attack Simulation: Conducted proactive attack simulations via SafeBreach BAS, analyzed Qualys reports, and delivered actionable remediation strategies to stakeholders.
✅ Threat Hunting & Incident Response: Utilized SentinelOne EDR for alert validation, deep visibility queries, malware investigations, and RCA. Executed containment actions and tuned detection rules to reduce false positives.
✅ Leadership & BOT Transition: Directed knowledge transfer sessions, designed L1 task frameworks, and optimized workflows for operational excellence.
Key Skills: Microsoft Defender for Endpoint | GYTPOL | SafeBreach | Qualys | M365 | Azure Sentinel | CEH
Passionate about strengthening enterprise security posture through proactive defense, policy alignment, and continuous improvement. Always eager to collaborate on innovative security solutions and share insights with the community.

Microsoft Defender for EndpointGYTPOLSafeBreachQualysM365Azure Sentinel+3

Hcltech

SOC engineer L2

Jul 2021 – Apr 2025 · 3 yrs 9 mos · Noida, Uttar Pradesh, India · Hybrid

Cybersecurity Professional | SOC Analyst L2 | Threat Detection & Response
I am a dedicated Security Analyst with hands-on experience in safeguarding digital ecosystems and strengthening enterprise security posture. Over the past 3+ years, I’ve operated in 24x7 Global SOC environments, delivering proactive monitoring, incident response, and vulnerability management for diverse clients.
Current Role (Jan 2022 – Apr 2025):
As part of an MSSP G-SOC, I specialize in alert analysis and incident response using advanced tools:
SIEM: Azure Sentinel, QRadar
SOAR: Google SecOps (formerly Chronicle), Devo SOAR
EDR/XDR: SentinelOne, Microsoft Defender for Endpoint (MDE 365 & Cloud)
NDR: Darktrace (Network & Email)
Phishing Analysis: Proofpoint, KnowBe4, MDE O365
Key responsibilities include:
✔ Crafting advisories, ASRs, and daily security reports
✔ Performing purple team exercises and audits of alerts/incidents
✔ Analyzing phishing emails and malware sandboxing reports
✔ Fine-tuning detection rules and managing closure handovers
✔ Coordinating with AD/Azure AD, ServiceNow, Opsgenie, and JIRA for access and incident workflows
Focused on SOC Knowledge Transfer, mastering MITRE ATT&CK, CVE analysis, playbook workflows, and threat intelligence. Gained expertise in alert analytics, watchlists, and attack scenario simulations.
Internship (Jul 2021 – Jan 2022):-
Completed IT fundamentals training and KT sessions on Linux, SIEM, SOAR, AD, Azure AD, and Microsoft 365 tools. Maintained SOPs and best practices for secure operations.
Core Strengths: Threat Hunting | Incident Response | SIEM/SOAR | Endpoint Security | Vulnerability Management | Phishing Analysis
Passionate about fortifying cyber defenses and driving continuous improvement in security operations. Let’s connect to share insights and explore collaboration opportunities!