Security Engineer with 1+ years of specialized experience in Cloud Security Architecture, Application Security (Web, API, and Mobile), Security Operations Engineering, and Penetration Testing within MSSP environments. Google Cloud Professional Architect certified with proven expertise in securing multi-cloud infrastructures (GCP/AWS), engineering SIEM solutions, conducting vulnerability assessments, and implementing security controls across multiple client environments in Banking, Fintech, Oil & Gas, Solar & Energy, and EdTech sectors. Skilled in building automation tools and detection rules that streamline security operations and enhance organizational security posture.
Over the last six years, I have worked in IT, building various web applications to solve real-world problems in sectors such as Education Technology (EdTech), eCommerce, Real Estate, multi-vendor solutions, and Human Resource applications. I enjoy creating solutions that work and help both the business and the customers they serve. Time management is crucial to me, and I ensure all projects are delivered within the agreed timeframe. In the summer of 2024, I began transitioning into cybersecurity with the Google Cybersecurity Certificate program, building on my IT experience. Since then, I have worked on different projects and earned a couple of certificates that make me stand out.
Here are key skills I've developed, showcased through projects I've worked on.
| Skill | Project Link |
|---|---|
| Incident Handling and Reporting | Phishing Incident Response and Alert Ticketing |
| Conducting Security Audit | Controls and Compliance Checklist |
| Incident Report Analysis | Incident Report Analysis |
| Linux File Permissions | File Permissions in Linux |
| SQL Query Optimization and Filtering | Apply Filters to SQL Queries |
| Python Programming and Automation | Algorithm for File Updates in Python |
| SOC Incident Analysis and Response | SOC Hands-On Project - LAB 1 & LAB 2 |
| Malware Analysis and Response | SOC Hands-On Project - LAB 1, Scenario 6 |
| Reverse Shell Detection and Analysis | SOC Hands-On Project - LAB 1, Scenario 9 |
| Data Breach Notification Handling | SOC Hands-On Project - LAB 2, Exercise 1 |
| Phishing Email Response | SOC Hands-On Project - LAB 2, Exercise 2 |
| Ransomware Incident Management | SOC Hands-On Project - LAB 2, Exercise 4 |
| IAM (Identity and Access Management) | IAM |
Here are some of the tools I'm proficient with. I focus on understanding the underlying technologies, which allows me to quickly adapt to new tools and platforms rather than being limited to a specific vendor or solution.
Here are the certifications I've earned, reflecting my commitment to advancing my expertise and staying current in the cybersecurity field.
- Enterprise Identity Management: Implementing SSO for Google Workspace with JumpCloud IdP for Centralized Authentication
- Microsoft 365 to Google Workspace Migration: Complete Email and SharePoint File Migration with Zero Data Loss
- Automated Enterprise Patch Management with Action1 and JumpCloud Integration for Proactive Vulnerability Remediation Achieving ~98% Reduction
- Network-Based Firewall using pfSense
- Simulation of Network Attack, Defense, and Incident Response
- Automated Phishing Campaign Setup with Gophish and Google Cloud (GCP)
- Endpoint Security Monitoring with Wazuh SIEM
- Configuring and Deploying SentinelOne for Enterprise Endpoint Protection
- Endpoint Security Monitoring: Integrating Wazuh SIEM with SentinelOne EDR for Windows Systems
- Deploying Keycloak for Identity and Access Management (IAM) for Wazuh
- AutoCTI: Automated Threat Intelligence Summarizer & Slack Notifier using article source, VirusTotal, AbuseIPDB and IDR
- Atlantis Setup in Docker with AWS Lightsail
- Leveraging SpiderFoot for Offensive and Defensive OSINT Operations
- Phishing Incident Response and Alert Ticketing
- Controls and Compliance Checklist
- Incident Report Analysis
- File Permissions in Linux
- Algorithm for File Updates in Python
- Apply Filters to SQL Queries
- Investigating Unauthorized Changes using Wazuh
- Investigating Suspected Command Execution using Wazuh
- Investigating Reconnaissance Activities using Wazuh
- Investigating Unauthorized Access Attempts using Wazuh
- External Attack Against a Webserver using Wazuh
- Malware Detection, Analysis, and Response using Joe Sandbox Cloud
- Researching Suspicious Historical Events using Wazuh
- Investigating Data Exfiltration Activity using Wireshark
- Detection and Analysis of Reverse Shell Traffic using Wireshark
- Exercise 1: Data Breach Notification by an External Party
- Exercise 2: Responding to a Phishing E-mail Storm
- Exercise 3: Client-Side Attack
- Exercise 4: Ransomware Defense and Ransom Payment Decision
- Exercise 5: Responding to a Missing Laptop Incident