Jul 2024 – Sep 2024 · 2 mos · Dublin, County Dublin, Ireland

• As a University Teaching Assistant at TU Dublin, I provided dedicated guidance and tutoring support to undergraduate engineering students enrolled in Information Security modules. My responsibilities encompassed:
• Student Support:
• One-on-one tutoring sessions: Provided personalized support to students, addressing their individual learning needs and strengthening their understanding of complex information security concepts.
• Facilitated practical Lab exercises and problem-solving sessions: Guided students through hands-on Lab activities, enabling them to apply theoretical knowledge to real-world scenarios.
• Offered constructive feedback on Continous Assessments (CA): Helped students improve their critical thinking, technical writing, and problem-solving skills in the context of information security.
• Developed and delivered recorded video lectures on specific topics within the Information Security module, providing structured lecture content for the TU Dublin Computing Learning Centre enabling students with a valuable resource for independent learning and revision.

Feb 2024 – Mar 2024 · 1 mo · Remote

• Web Application Security | Vulnerability Assessment
• HTML Injection
• Clickjacking
• Cross-site scripting (XSS)
• Insecure Direct Object Reference (IDOR)
• Client Side Request Forgery (CSRF)
• Server Side Request Forgery (SSRF)

Jul 2022 – Aug 2023 · 1 yr 1 mo

• ➢ For the PwC annual threat intelligence report, created a detailed threat landscape analysis specific to the Canada region as part of PwC's CaaS Cyber Threat Intelligence team, providing intelligence to inform and enhance the threat detection process for multiple clients in critical infrastructure sectors including Railways, Energy, Agriculture, and Insurance.
• ➢ Researched adversary techniques, tactics, and procedures(TTPs) and mapped them to MITRE ATT&CK framework with threat intelligence tools to enhance efficiency in understanding potential cyber threats.
• ➢ Formulated comprehensive threat profiles of various threat actor groups including nation-state APTs, hacktivists, and ransomware groups to understand potential attack vectors and their specific attack chains. These threat profiles were used to correlate the threat entities (threat groups, malware families) and events (threat campaigns) to identify the priority level of the threats.
• While leading CTI team on client engagements,
• ➢ Threat Hunting to support technical analysis of a potential breach situation for clients (or their third-party vendors).
• ➢ Investigating DDoS attack attempts against our Canadian clients (critical Canadian organizations) and successfully attributing the targeted attack to a nation-state cybercriminal group during the Russia-Ukraine geopolitical conflict.
• ➢ Analysing various dark web records including Credit/Debit card details and Compromised credentials.
• ➢ Analysing Data Breaches and Marketplace events.
• ➢ Brand monitoring and domain takedown assistance.
• ➢ Evaluating risk in the client's internal application via tracking emerging vulnerabilities and alerting customers accordingly.
• ➢ Creating various threat intelligence advisories and reports on emerging threats with actionable intelligence (Attack chain analysis, MITRE ATT&CK and D3FEND TTP mapping, Security recommendations, YARA rules, and Indicators of compromise (IoCs)).

Sep 2021 – Jul 2022 · 10 mos

• ➢ I was a part of some highly confidential engagements, performed Security Monitoring, delivered quality work and received appreciations from the client and on-shore teams for detecting some critical exploitation attempts
• ➢ Involved in Threat Research, OSINT gathering, Intelligence Analysis
• ➢ Mentored interns/new hires at the firm and helped provide KT to them in my areas of expertise

Mar 2021 – Jun 2021 · 3 mos · Bangalore Urban, Karnataka, India

• During the course of internship, I have worked on
• ➢ Threat modeling with Microsoft's STRIDE framework
• ➢ Attack surface analysis
• ➢ API security
• ➢ DB security
• ➢ Implementing TLS1.2 for remote APIs

Apr 2020 – Jun 2020 · 2 mos · Remote

• During the course of internship, I was engaged in
• ➢ Phishing Attack Analysis
• ➢ Steganography