Who I am:
I am a cybersecurity professional specializing in Digital Forensics, Incident Response, Threat Hunting, and Malware Analysis, with hands-on expertise across a wide spectrum of security technologies and complex intrusion scenarios. Over the past several years, I have led and supported high-impact investigations across financial institutions, global enterprises, cloud environments, and critical infrastructure.
I also bring extensive experience in developing and reviewing incident response documentation, including IR playbooks, incident response plans (IRPs), standard operating procedures (SOPs), and security process workflows. I have facilitated and designed tabletop exercises for technical teams, helping organizations validate response capabilities, identify gaps, and strengthen operational readiness.
I am also a participant in bug bounty programs on HackerOne and YesWeHack, performing vulnerability discovery, exploitation analysis, and responsible disclosure.
What I do:
Incident Response and Digital Forensics Highlights:
• Led end-to-end forensic analysis of a malware incident, isolating compromised endpoints, removing attacker persistence, and restoring secure business operations.
• Identified leaked privileged credentials on the dark web, validated exposure, and enforced MFA policies with ongoing monitoring to prevent future account compromise.
• Conducted threat actor mapping using OSINT pivots to identify threat actor command-and-control domains.
• Uncovered unauthorized insider threat privileged account use by correlating Active Directory logs with endpoint artifacts and implemented RBAC controls and continuous monitoring.
• Investigated an AWS S3 misconfiguration involving IAM role misuse, remediated permissions, enforced encryption, and deployed real-time monitoring policies.
• Led response to a large-scale phishing/BEC campaign, conducting O365 forensics, removing attacker persistence, and implementing MFA and conditional access.
• Analysed active exploitation of an unpatched vulnerability, confirmed privilege escalation, contained lateral movement, and led emergency patching and network segmentation.
Technical Expertise:
I bring years of experience across:

EDR/XDR:
• Carbon Black
• Cybereason
• CounterTack
• CrowdStrike
• Rapid7
• Tanium
• MS Sentinel
• Cortex XDR

SIEM Technologies:
• Splunk
• QRadar
• LogRhythm
• MS Sentinel
• SumoLogic

Security Infrastructure and Network:
Hands-on experience designing, operating, and investigating across:
• IDS/IPS
• WAF
• DLP
• Endpoint Detection & Response (EDR)
• Linux-based security controls

Vulnerability Management and Pentest Tools:
• Caido
• Burp Suite
• Qualys
• Tenable

Cloud Technologies:
• AWS
• Azure

Other Technologies:
• SecurityScorecard

Experience Supporting Compliance:
• SOC 2
• ISO 27001
• HIPAA
• FedRAMP