About me

  • As a Cybersecurity Engineer, I specialize in protecting organizational assets and mitigating risks through advanced security methodologies and tools. With expertise in threat detection, incident response, digital forensics, and security monitoring, I work proactively to enhance security posture and ensure compliance with industry standards. My skill set includes Security Testing, Vulnerability Assessment, and Penetration Testing, with a focus on Web Application, API, and Network Security. I have a proven track record in identifying vulnerabilities, implementing robust defense strategies, and delivering actionable insights. Passionate about staying ahead of emerging threats, I continuously refine my skills to tackle the evolving challenges of the cybersecurity landscape.

Experience

  • Security Engineer

    Fusion Computing,    September 2023 - Present

    • Monitored network traffic using IDS/IPS systems (e.g., Suricata) to identify anomalies and coordinated threat containment with senior analysts.
    • Assisted in managing endpoint protection (Carbon Black, CrowdStrike), achieving 98% endpoint coverage across the organization.
    • Conducted in-depth malware analysis leveraging the MITRE ATT&CK framework to uncover adversarial tactics and techniques.
    • Participated in targeted training programs, reducing successful phishing attempts by 40%.
    • Conducted vulnerability assessments using Nessus, Qualys and Rapid7 InsightVM, addressing over 50 vulnerabilities within three months.
    • Supported the deployment and management of Docker containers for enhanced security tool integration.
    • Worked with various departments to align security initiatives with organizational objectives.
  • SOC Analyst

    ITCODE Infotech,    January 2021 - November 2022

    • Monitored and analyzed security alerts from SIEM systems (e.g., Microsoft Sentinel, QRadar), achieving a 25% reduction in incident response times through timely threat identification.
    • Investigated and resolved phishing and malware incidents, reducing recurrence rates by 15% through root cause analysis and targeted remediation.
    • Conducted in-depth threat-hunting activities, uncovering five previously undetected network vulnerabilities, enhancing overall security posture.
    • Utilized tools like Volatility, FTK Imager, Autopsy, Velociraptor and Axiom to perform forensic analysis, identifying root causes and attack vectors in critical incidents.
    • Developed and refined detection rules, enhancing accuracy and reducing false positives by 30%, streamlining security operations.
    • Ensured optimal configuration and uptime for security platforms, supporting uninterrupted threat monitoring and response capabilities.
    • Delivered monthly incident metrics and trend analysis, providing actionable insights to guide strategic decision-making.

Certifications

  • CompTIA Security+ SY0-601
  • (ISC)² CC - Certified in Cybersecurity
  • The SecOps Group - Certified AppSec Practitioner (CAP)
  • TryHackMe SOC Level 1

Skills

  • Security Monitoring & Threat Detection: Proficient in SIEM solutions (QRadar, Microsoft Sentinel, Splunk, ELK/Elastic SIEM, Wazuh), EDR/XDR (CrowdStrike, Carbon Black), IDS/IPS (Snort) and SOAR solutions.
  • Incident Response & Digital Forensics: Skilled in incident investigation, malware analysis, memory forensics (Volatility), disk forensics (FTK Imager, Autopsy) and utilizing Velociraptor and Axiom for endpoint data collection, custom queries, and real-time incident response.
  • Vulnerability Management & Risk Assessment: Experience with vulnerability scanners (Nessus, Nikto, Qualys, Rapid7 InsightVM) and penetration testing tools. Familiar with OWASP Top 10 vulnerabilities, such as injection attacks, broken authentication, sensitive data exposure, and cross-site scripting (XSS).
  • Cloud & Network Security: Understanding of fundamental networking concepts including TCP/IP, DNS, DHCP, ARP, NAT, VLANs, and VPNs. Experience with firewall configurations, Zero Trust security, and network segmentation. Familiar with AWS and Azure security controls, IAM policies, and cloud security monitoring.
  • Authentication & Access Management: Experience with Active Directory (AD) management, least privilege enforcement, and identity governance.
  • Programming & Scripting Languages: C, C++, Java, JavaScript, Python, SQL (MySQL, SQLite), NoSQL (MongoDB), Bash, PowerShell.
  • Security Frameworks: MITRE ATT&CK, ISO 27001, NIST, PCI DSS, GDPR.
  • Additional Skills: Problem Solving, Critical Thinking, Data Structures & Algorithms (DSA), Effective Communication, Teamwork, Time Management.
  • Continuous Learning & Community Engagement: Regularly participate in Capture the Flag (CTF) events, develop and publish technical write-ups for CTF tasks, and attend various cybersecurity meet-up events to stay updated on industry trends.

Education

  • Master's in Information Systems Security

    Concordia University, Montreal, Canada

  • Bachelor of Engineering in Information Technology

    L.D. College of Engineering, Ahmedabad, India

Projects

  • SIEM Home Lab with Elastic

    • Established an Elastic environment on the Elastic Cloud platform.
    • Installed and configured Elastic Agent on a Linux VM to collect logs and forward them to the SIEM.
    • Simulated security events on a Kali Linux VM endpoint to test monitoring capabilities.
    • Developed queries within the Elastic SIEM to identify and analyze recorded security events.
    • Designed and implemented a custom dashboard in Elastic SIEM to visualize pertinent security event data.
    • Created custom security rules and configured alerts within Elastic SIEM to proactively notify stakeholders of critical security incidents, ensuring prompt response and mitigation.
  • Vulnerability Assessment with Tenable Nessus on Metasploitable

    • Conducted a vulnerability assessment using Tenable Nessus on a Metasploitable VM to identify potential security weaknesses.
    • Ran comprehensive Nessus scans to identify known vulnerabilities, including misconfigurations, missing security patches, and outdated software versions on the system, targeting common security flaws.
    • Analyzed the scan results to prioritize critical vulnerabilities and simulated exploits using various tools such as Metasploit and Burp Suite to evaluate impact.
    • Generated detailed vulnerability reports, documenting each identified issue, risk level, and specific remediation recommendations to mitigate security risks.
  • Docker container vulnerabilities and defense applications

    • Developed and implemented a comprehensive approach to identify, exploit, and mitigate Docker container vulnerabilities, focusing on security best practices and defense applications to enhance protection in containerized environments.
  • Wireless Network Security Assessment

    • Conducted a Wireless Network Security Assessment, performing attacks such as deauthentication attacks on WLAN, password recovery, DNS spoofing via Man-in-the-Middle (MITM) attacks, and the creation of fake access points to evaluate vulnerabilities and improve network security measures.
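The SIEM home-lab project above describes simulating events on a Kali VM, querying them in Elastic SIEM and writing custom detection rules with alerts. The following is an added example, not code from the author's lab or from Elastic, of the detection logic such a rule implements: it parses constructed Linux auth.log lines from sshd, counts failed logins per source IP in a sliding window, and raises a second, higher-severity alert when a flagged IP then authenticates successfully. The host name, IP addresses, log lines and the assumed year 2024 (syslog timestamps carry no year) are all constructed for the example.

```python
"""SSH brute-force detection over constructed auth.log lines.

Added illustration of the rule logic a SIEM detection (e.g. the custom
Elastic SIEM rules in the home-lab project) implements; not code from the
author's lab. All log lines, host names and IPs below are constructed.
"""
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample: one client (192.168.56.101) hammering sshd on the lab VM
# and then succeeding, one slow client (10.0.0.7) failing twice 11 minutes
# apart, and an unrelated CRON line that the parser must skip.
SAMPLE_AUTH_LOG = """\
Mar  3 10:15:01 lab-vm sshd[2101]: Failed password for invalid user admin from 192.168.56.101 port 51022 ssh2
Mar  3 10:15:03 lab-vm sshd[2103]: Failed password for invalid user admin from 192.168.56.101 port 51024 ssh2
Mar  3 10:15:04 lab-vm sshd[2105]: Failed password for root from 192.168.56.101 port 51026 ssh2
Mar  3 10:15:06 lab-vm sshd[2107]: Failed password for root from 192.168.56.101 port 51028 ssh2
Mar  3 10:15:07 lab-vm sshd[2109]: Failed password for ubuntu from 192.168.56.101 port 51030 ssh2
Mar  3 10:15:09 lab-vm sshd[2111]: Accepted password for ubuntu from 192.168.56.101 port 51032 ssh2
Mar  3 10:20:00 lab-vm sshd[2150]: Failed password for ubuntu from 10.0.0.7 port 40000 ssh2
Mar  3 10:31:00 lab-vm sshd[2160]: Failed password for ubuntu from 10.0.0.7 port 40002 ssh2
Mar  3 10:31:05 lab-vm CRON[2170]: pam_unix(cron:session): session opened for user root by (uid=0)
"""

# Matches both "Failed password for invalid user X from IP" and
# "Accepted password for X from IP" as written by OpenSSH.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def parse_sshd_events(text, year=2024):
    """Turn raw auth.log text into a list of sshd login events.

    Syslog timestamps have no year, so `year` is an assumed value."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not an sshd password-auth line (e.g. CRON); ignore it
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append({"ts": ts, "host": m["host"], "outcome": m["outcome"],
                       "user": m["user"], "ip": m["ip"]})
    return events


def detect_ssh_brute_force(events, threshold=5, window_seconds=60):
    """Alert once per source IP that logs >= threshold failures inside a
    sliding window, and again if that IP later authenticates successfully
    (the "success after brute force" case is the one worth paging on)."""
    failures = defaultdict(list)  # ip -> timestamps of recent failures
    flagged = set()
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ip = ev["ip"]
        if ev["outcome"] == "Failed":
            window = failures[ip]
            window.append(ev["ts"])
            # Slide the window: discard failures older than window_seconds.
            while (ev["ts"] - window[0]).total_seconds() > window_seconds:
                window.pop(0)
            if len(window) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append({"rule": "ssh_brute_force", "ip": ip,
                               "count": len(window), "host": ev["host"]})
        elif ev["outcome"] == "Accepted" and ip in flagged:
            alerts.append({"rule": "ssh_success_after_brute_force", "ip": ip,
                           "user": ev["user"], "host": ev["host"]})
    return alerts


if __name__ == "__main__":
    for alert in detect_ssh_brute_force(parse_sshd_events(SAMPLE_AUTH_LOG)):
        print(alert)
```

The sliding window is what keeps the slow client quiet: two failures eleven minutes apart never reach the threshold, while five failures in six seconds do, and the subsequent accepted login from the same address escalates to the second rule. The same threshold-over-window shape is what a SIEM threshold rule expresses declaratively.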

Contact Details