Work Experience
Associate Consultant
Ernst & Young (EY)
10-2025 - Present
Administered and optimized SIEM infrastructure (ELK Stack) and integrated TheHive for automated incident response, improving triage and escalation efficiency. Developed Python and PowerShell scripts for log correlation, alert enrichment, and automated reporting, reducing manual analysis effort by 40%. Executed Vulnerability Assessments and Penetration Testing (Web, API, Network) to identify high-risk vulnerabilities and supported mitigation with detailed reports. Performed forensic analysis and incident investigation on endpoint and network logs to identify potential compromise indicators. Enriched IOC data using OSINT sources (VT, AbuseIPDB) and ingested validated indicators into ELK/TheHive workflows. Developed IOC-based and behavior-based detections using Elasticsearch queries. Optimized index lifecycle management (ILM) for performance and cost efficiency. Automated CSV IOC ingestion and alert validation workflows. Monitored and analyzed security alerts from firewalls, endpoints, and servers, triaging and escalating incidents as per SOC playbooks. Conducted threat detection tuning using MITRE ATT&CK mapping to improve behavioral detection coverage across monitored environments.
Senior Analyst
Ernst & Young (EY)
07-2024 - 09-2025
Conducted web and network penetration testing following OWASP Top 10 and industry best practices. Identified and exploited vulnerabilities such as SQLi, XSS, CSRF, IDOR, misconfigurations. Performed manual and automated testing using tools like Burp Suite, Nmap, and scanners. Authored professional VAPT reports with severity ratings and technical proof-of-concepts. Designed and maintained ELK-based SIEM pipelines for ingesting logs from multiple sources. Built custom Logstash parsers and Grok patterns for structured security logs. Created Kibana dashboards and visualizations for SOC use cases and executive reporting. Managed SIEM operations across IT/OT environments, monitoring logs and alerts from endpoints, servers, and applications. Conducted deep log analysis to identify adversary behaviors such as persistence, lateral movement, brute-force attacks, and DNS tunneling. Detected credential access and lateral movement using Kerberos, NTLM, and abnormal authentication patterns. Built Python automation scripts to streamline IOC parsing, threat enrichment, and reporting workflows. Mapped MITRE ATT&CK techniques to detection logic to enhance SOC visibility and detection coverage. Provided threat intelligence support for incidents by correlating logs, IOCs, and TTPs with known threat groups. Utilized Bash scripting for crontab automation, system log management, and continuous monitoring tasks in hybrid Linux environments.
Cyber-Security Intern
Remote
04-2022 - 06-2022
Assisted in web and network penetration testing engagements under senior security analysts. Performed vulnerability assessments aligned with OWASP Top 10 and industry best practices. Conducted manual testing using Burp Suite and automated scanning. Assisted in network reconnaissance and enumeration using Nmap, Nessus, and Metasploit.
Summer Intern
Ernst & Young (EY)
01-2024 - 07-2024
Supported SOC operations through log analysis, alert triage, and incident documentation. Assisted in VAPT and security testing of Web, API, and Android applications to identify security gaps. Solved PortSwigger Web Security Academy labs covering real-world web application vulnerabilities. Practiced manual exploitation techniques using Burp Suite (Proxy, Repeater, Intruder). Helped in SIEM use case development, aligning detection logic with MITRE ATT&CK techniques. Supported compliance-aligned detection use cases.
Education
Bachelor of Engineering
2020 - 2024 · India
Profile Overview
Availability Details
Current Company
Other
Visa Status
No Visa
Relocation
Open to Relocation