Bengaluru, Karnataka, India
Security Operations Engineer skilled in monitoring, detecting, and responding to threats. Proficient with SIEM, EDR, WAF, and cloud-native tools to monitor and secure cloud and enterprise environments. Experienced in investigating incidents and safeguarding AWS environments. Conducted threat-hunting based on open threat intelligence to ensure security across the organization. Collaborated with enterprise security, application security, IT, DevOps, and other teams to continuously strengthen the organization’s security posture.
Monitored and triaged security alerts across SIEM, XDR, WAF, Cloud, and Firewall using MITRE ATT&CK and log analysis (CloudTrail, VPC Flow, endpoint, network and application logs), ensuring timely resolution within SLAs. Optimized SIEM/XDR/WAF rules and built detections aligned to MITRE ATT&CK and emerging TTPs, improving real-time coverage, reducing false positives, and boosting analyst efficiency. Strengthened AWS cloud by protecting workloads against malware, data exfiltration, and unauthorized access. Conducted threat hunting via XDR and SIEM using behavioral and analytical indicators, enabling real-time detection and prevention of malicious activity. Managed DLP and email security controls to prevent data leakage, mitigate phishing campaigns, and reduce social engineering risks through driving proactive security awareness and policy enforcement. Collaborated with cross-functional teams to respond to incidents including DDoS, web attacks, malware infections, cryptominer botnets, brute-force compromises, phishing, and supply chain attacks, ensuring minimal to no impact. Played a key role in RCA, ICA, and PCA initiatives to strengthen security posture and prevent recurrence. Managed the health of the security stack, troubleshooting log ingestion failures and agent connectivity issues while maintaining alert accuracy and system uptime. Led the bug bounty program, identifying critical application vulnerabilities and coordinating with development teams to implement fixes and reduce risk. Researched emerging malware and adversary TTPs through threat intelligence feeds (CloudSek, Hacker News, BleepingComputer etc.), supporting proactive detection development and strengthening security posture across cloud and enterprise environments.
Researched, diagnosed, and troubleshoot Network, System and IT issues, collaborating with teams to resolve problems and ensure IT system functionality. Managed high-volume support tickets within SLA, exceeding productivity targets by upto 30%, and reduced recurring issues through effective triage and root-cause analysis, implementing permanent fixes, and documenting solutions to enable faster future resolution.