About Me
I've been interested in computers for much longer than I've been working with them. I love security and engineering, and I enjoy learning a lot about both of those things.
What I Do
I optimize security monitoring platforms, translating raw intel into actionable use cases that cut through noise and catch real threats. My focus is on reducing critical incidents, improving MTTR, and engineering solutions that directly boost our security posture.

Threat Hunting
I develop custom hunting queries, hypothesis-driven methodologies, and analytical rules to uncover anomalous behaviors and persistent threats before they escalate.
EDR – IR Monitoring
I focus on rapid containment, root cause analysis, and orchestrating comprehensive incident response using advanced forensic techniques.
NSM Monitoring & Tuning
I specialize in continuous Network Security Monitoring (NSM), encompassing IDS/IPS, to detect and analyze network-based threats in real-time. My expertise involves fine-tuning detection rules, minimizing false positives, and leveraging network telemetry for advanced threat hunting and incident validation.
Job Experience
2023 – Present
Rakuten India
Senior Security Analyst
I specialized in developing and optimizing detection logic and hunting modules within Microsoft Sentinel (KQL, ADX) across a multi-platform security ecosystem. Serving as a production SME, I led troubleshooting and incident escalations, ensuring timely resolution and thorough root cause analysis. My work also included delivering detailed monthly reports and performing gap analysis to enhance overall security posture.
2023-2023
Atos/Eviden
Threat Hunting Analyst
Conducted targeted threat hunting across diverse data models including Firewall, Proxy, IDS, O365, and Okta, to identify and validate security anomalies.
2016-2023
Wipro
Security Analyst
Provided 24×7 SOC production support, leveraging QRadar SIEM for real-time monitoring and L1/L2 triage. Engineered and optimized detection rules to enhance SIEM alert fidelity and threat intelligence, while leading critical P1/P2 incident investigations and remediation via SOAR (Resilient) for rapid containment and root cause analysis.