About
Highly skilled Cybersecurity Professional with a proven track record in securing enterprise systems, detecting and responding to complex threats, and ensuring robust compliance. Expertise spans SIEM, EDR, IAM, and cloud security, leveraging advanced tools and frameworks like MITRE ATT&CK and NIST CSF to drive significant improvements in security posture and operational efficiency. Adept at integrating security into CI/CD pipelines, automating threat detection, and leading compliance initiatives to protect critical assets.
Work
Lewisville, TX, US
Summary
Currently leading advanced security operations, conducting penetration testing, and fortifying application security across enterprise systems to ensure robust defense and compliance.
Highlights
Led comprehensive penetration testing, vulnerability scans, and secure code reviews utilizing Burp Suite, SAST, and DAST tools to proactively identify critical security flaws.
Partnered with development teams to remediate OWASP Top 10 issues, integrating robust security practices into CI/CD pipelines and authoring audit-ready policies for HIPAA, GDPR, and PCI DSS compliance.
Delivered company-wide security awareness training programs, significantly strengthening identity protection and insider threat defenses.
Enhanced threat visibility by integrating application security tools into SIEM dashboards and WAF monitoring, improving detection capabilities and response times.
Fremont, CA, US
Summary
Provided 24/7 SOC monitoring and incident response for healthcare IoT environments, enhancing threat detection and automating security operations.
Highlights
Delivered 24/7 SOC monitoring leveraging SIEM (Splunk), EDR (CrowdStrike, Microsoft Defender ATP), and NSM solutions to detect, triage, and respond to threats in healthcare IoT environments.
Created custom SIEM dashboards and correlation rules, increasing visibility into anomalies and MITRE ATT&CK-mapped TTPs, proactively identifying APT operations.
Coordinated incident containment and remediation efforts across SOC, engineering, and compliance teams, and performed vulnerability scans (Nessus, Qualys) with risk-based alerting for critical flaws in connected CGM devices.
Automated alert enrichment using Python scripts and RegEx parsing, cutting false positives by 20% and improving MTTD/MTTR, while reducing phishing click rates by 15% through campaigns.
Woodcliff Lake, NJ, US
Summary
Conducted in-depth security analysis and simulated breach investigations, developing strategic recommendations for GRC, IAM, and Incident Response frameworks.
Highlights
Conducted risk analysis on the Target data breach, pinpointing strategic deficiencies and advising enhancements in GRC, IAM, and Incident Response frameworks, crafting NIST CSF-based security policies.
Achieved a 25% enhancement in threat detection indices through active threat-hunting and vulnerability management, executing Red Team-style engagements.
Utilized Splunk queries, RegEx patterns, and IOC lookups to investigate simulated breaches, mapping results to MITRE ATT&CK for comprehensive analysis.
Executed security audit exercises for simulated systems, capturing 90% of prospective security loopholes and delivering detailed documentation to stakeholders.
Bengaluru, Karnataka, India
Summary
Ensured the security and compliance of Cerner's EHR systems through rigorous testing, SME support, and process improvements, achieving significant reductions in system weaknesses.
Highlights
Conducted thorough security tests (Regression, Domain, Uptime, User Acceptance Testing) to certify Cerner's electronic health record (EHR) systems as secure, HIPAA compliant, and fully protected.
Troubleshot build issues and critical code vulnerabilities using SQL in Cerner's EHR systems, attaining a 98% build quality score through stringent security testing.
Provided go-live and post-deployment security support, resolving 90% of issues within the first 24 hours.
Achieved a 40% reduction in system weaknesses by enforcing patch and configuration management policies.
Bengaluru, Karnataka, India
Summary
Developed and optimized web applications, including a chatbot, integrating APIs, and performing comprehensive testing to enhance system performance and user experience.
Highlights
Designed and implemented a chatbot for the company website, integrating RESTful APIs to automate FAQs and support workflows, resulting in a 35% reduction in resolution time.
Performed end-to-end testing, including regression, unit, and user acceptance testing (UAT), ensuring stable releases and minimizing post-deployment issues.
Created comprehensive technical documentation for chatbot workflows, API endpoints, and UI components, facilitating future maintenance and onboarding.
Debugged and optimized web applications, resolving performance bottlenecks and reducing error rates across modules.
Education
Certificates
Skills
Technical Foundations
Linux, Python, MySQL, Cloud Computing, Agile, Git, Network Troubleshooting, TCP/IP, OSI Model, Terraform, CI/CD, REST APIs, PowerShell, SDLC.
Security Operations & Analysis
Kill Chain, CIA Triad, SIEM, Phishing Analysis, Access Control, TTPs, CVE, Network Security, XDR, Threat Detection, Patch Management, Application Security, Log Analysis, IAM, RBAC, Risk-Based Alerting, RegEx, VAPT, MDR, DFIR, Cloud Security, SOAR, SAST, DAST, DevSecOps.
Security Tools & Platforms
Splunk, Azure Sentinel, Wireshark, Nessus, CrowdStrike, Microsoft Defender, Jira, Nmap, AWS, Vanta, Burp Suite, Rapid7, VirusTotal, Autopsy, FTK Imager, Volatility, SentinelOne, STIX/TAXII, OWASP ZAP, Veracode, Snyk, Wiz.
Compliance & Frameworks
NIST CSF, MITRE ATT&CK, OWASP Top 10, CVSS, STRIDE, HIPAA, GDPR, HITRUST, ISO 27001, PCI DSS.