A Bit About Me...
Cybersecurity professional with expertise in Elasticsearch SIEM, Logpoint SIEM, and Fortigate Firewall. Successfully reduced cyber threats, optimised security infrastructure, and led migration initiatives. Holder of an MSc in Computer Forensics & Cybersecurity.
🔧 Technical Skills
Security: Elasticsearch SIEM, LogPoint SIEM, Defender, EDR, Wireshark, PCAP Analysis, Vulnerability Assessment and Penetration Testing (VAPT), BloodHound, KQL (Basic), Network Monitoring & Analysis
Scripting: Python (Basic), Bash
Network: TCP/IP, OSI, HTTP, SSH, DHCP, Fortigate Firewall, IDS/IPS, Cisco (Basic)
Cloud: AWS, Azure, Entra ID, Microsoft 365
System Administration: Windows IIS, MSSQL Server, Exchange Online, Active Directory (AD), VMware, Ubuntu
Compliance: ISO 27001, NIST, PCI DSS, Cyber Essentials
💼 Experience
SECURITY ENGINEER
University of Winchester, UK | Apr 2024 - Present
- Investigate and triage 100+ monthly alerts in Logpoint SIEM and Microsoft Defender XDR, improving threat detection and response accuracy.
- Reduced false positives by 30% and improved response time by 40% by fine-tuning SIEM rules and developing 15+ SOAR playbooks.
- Handled weekly phishing incidents, performing root cause analysis (RCA) and correlating data across email, SIEM, and endpoint logs.
- Uploaded and enriched 200+ IOCs in OpenCTI, identifying and tracking malicious IPs, domains, and file hashes.
- Conducted monthly BloodHound AD reviews, helping remediate 10+ privilege escalation paths and reduce attack surface.
- Ran bi-weekly Tenable scans and coordinated patching to close 50+ vulnerabilities, enhancing internal and external security.
- Collaborated with IT/network teams to block threats, update firewall policies, and enforce mitigation steps during active incidents.
- Created use cases mapped to the MITRE ATT&CK framework and automated agent deployment across 100+ systems using Ansible.
- Authored detailed documentation and monthly reports to track improvements in threat coverage and reduce organizational risk.
SOC ANALYST
CyberTalos, India | Mar 2022 - Aug 2023
- Proactively monitored and analysed security logs for clients, leveraging Microsoft Defender, ELK (SIEM), Grafana, and Zabbix to identify and mitigate potential threats. Achieved a 25% reduction in attacks on clients and 20% improvement in overall network infrastructure.
- Collaborated on incident response efforts, demonstrating a keen understanding of the business and efficiently containing security incidents within the Virtual Private Cloud (VPC) environment.
- Led successful migration initiatives, transitioning clients from on-premises infrastructure to CyberTalos’ cloud services. Resulted in a significant 50% cost reduction for infrastructure and security maintenance.
- Provided valuable insights into tuning and optimising Security Information and Event Management (SIEM) rules tailored to VPC environments. Contributed to a 15% improvement in the efficiency of clients' security operations.
IT SYSTEM ADMINISTRATOR
ECS Corporation, India | Oct 2021 - Mar 2022
- Offered 1st and 2nd level IT support to a substantial customer base of 200+ clients, troubleshooting and resolving a wide range of technical problems, including desktop PC, server, network, hardware, software, and application issues.
- Demonstrated expertise in Fortinet FortiGate and SonicWALL firewalls to ensure secure network operations, crafting comprehensive security policies, DoS policies, and managed access policies to safeguard against cyber threats and maintain network integrity.
- Managed Citrix Xen and VMware ESXi virtualization environments, utilising PRTG, Nagios, and Cacti to gain comprehensive network visibility and maintain optimal performance, resulting in 50% cost reduction of client security expenses.
📜 Certifications
CompTIA Security+
eJPTv2
AZ-900
AWS Cloud Foundations
SC-200 (In Progress)
🚀 Projects
IT Security Operations Lab (ELK + GNS3)
- Designed a small enterprise network to monitor 24x7 IT infrastructure and practice threat detection. Utilised GNS3, the ELK Stack, and an Ubuntu server to simulate the small enterprise network.
- Simulated 3 use cases: a DoS attack prevented with the Fortigate firewall, malware detected with ELK SIEM and endpoint protection, and a directory traversal attack detected on Apache using ELK SIEM.
- Strengthened network security and incident response capabilities, enhancing overall cybersecurity posture.
Active Directory Automation
- Configured Windows Server 2019 as a Domain Controller (DC) for nmunagar.com, and implemented NAT services and DHCP for seamless communication in a VirtualBox environment.
- Created user accounts, groups, and organisational units for streamlined access control. Established an admin-privileged user, automated the creation of 1000 users using PowerShell scripting, and successfully integrated Windows client machines with the AD domain.
🎓 Education
MSc Computer Forensics & Cybersecurity
University of Greenwich, London, UK | 2022-2023
Cybersecurity • Audit and Security • System administration & Security • Network Technology Design • Penetration Testing
B.Tech Computer Science
Ganpat University, India | 2017-2021