About
Security Analyst with hands-on experience in threat hunting, detection engineering, and large-scale signal analysis across enterprise, production, and cloud environments. Investigates high-volume telemetry (500+ daily alerts, 3K+ monthly incidents) using SQL, KQL, and Python automation. Strong background in malware analysis, IOC enrichment, and MITRE ATT&CK-driven investigations, with a focus on reducing analyst toil and improving detection fidelity.
Work Experience
Security Analyst
Brillio
12-2024 - Present
• Analyze aggregated security signals across firewall, DNS, proxy, endpoint, and authentication telemetry, triaging ~500 daily SIEM alerts.
• Investigate incidents using SQL/KQL to validate detection hypotheses, perform long-tail analysis, and correlate activity across large datasets.
• Conduct malware and indicator analysis identifying C2 beaconing, lateral movement, and credential abuse mapped to ATT&CK techniques (T1071.001, T1110).
• Perform proactive threat hunting using anomaly-based and TTP-driven hypotheses; generate investigation timelines and evidence chains.
• Develop Python automation for IOC extraction, OSINT enrichment (VirusTotal, AbuseIPDB), and log normalization, reducing manual investigation time by ~65%.
• Tune detection logic and reduce false positives to improve signal quality and analyst efficiency.
• Lead response and closure of low-severity incidents, ensuring accurate classification and audit-ready documentation.
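As an added example, written for this page and not the profile owner's or any employer's code, the three activities listed above can be exercised offline: IOC extraction from a defanged intel note, a request-timing check for C2 beaconing (ATT&CK T1071.001), and a failed-logon count for credential brute force (T1110). Every log line, the intel note, the hash and the IP addresses (RFC 5737 documentation ranges) are constructed for illustration; the thresholds (four events, coefficient of variation 0.1, five failures) are assumed starting points, not tuned values.

```python
"""Added example (not the profile owner's code): offline IOC extraction plus two
hunt checks, C2 beaconing (T1071.001) and credential brute force (T1110),
run over constructed log lines. Every input below is constructed for illustration."""
import re
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed threat-intel note with defanged indicators, as a report would carry them.
REPORT = """Constructed intel note: the loader beacons to hxxp://updates-cdn[.]example/api/ping
from 203[.]0[.]113[.]45 about every 60 seconds. Dropper SHA-256 (constructed value):
0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"""

# Constructed proxy log lines: timestamp, source host, destination IP, URL, HTTP status.
PROXY_LOGS = [
    "2025-01-10T09:00:00Z ws-017 203.0.113.45 http://updates-cdn.example/api/ping 200",
    "2025-01-10T09:01:00Z ws-017 203.0.113.45 http://updates-cdn.example/api/ping 200",
    "2025-01-10T09:02:01Z ws-017 203.0.113.45 http://updates-cdn.example/api/ping 200",
    "2025-01-10T09:03:00Z ws-017 203.0.113.45 http://updates-cdn.example/api/ping 200",
    "2025-01-10T09:04:00Z ws-017 203.0.113.45 http://updates-cdn.example/api/ping 200",
    "2025-01-10T09:00:12Z ws-042 198.51.100.7 http://news.example/story/1 200",
    "2025-01-10T09:07:40Z ws-042 198.51.100.7 http://news.example/story/2 200",
    "2025-01-10T09:31:05Z ws-042 198.51.100.7 http://news.example/story/9 200",
]

# Constructed authentication log lines: timestamp, source IP, user, result.
AUTH_LOGS = [
    "2025-01-10T08:58:01Z 198.51.100.23 svc-backup FAIL",
    "2025-01-10T08:58:03Z 198.51.100.23 svc-backup FAIL",
    "2025-01-10T08:58:05Z 198.51.100.23 svc-backup FAIL",
    "2025-01-10T08:58:07Z 198.51.100.23 svc-backup FAIL",
    "2025-01-10T08:58:09Z 198.51.100.23 svc-backup FAIL",
    "2025-01-10T08:58:11Z 198.51.100.23 svc-backup SUCCESS",
    "2025-01-10T09:02:00Z 198.51.100.9 jdoe FAIL",
    "2025-01-10T09:02:30Z 198.51.100.9 jdoe SUCCESS",
]

# Each pattern tolerates the "[.]" defang so report text and log text both match.
IPV4_RE = re.compile(r"\b(?:\d{1,3}\[?\.\]?){3}\d{1,3}\b")
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\[?\.\]?)+[a-z]{2,}\b", re.I)
SHA256_RE = re.compile(r"\b[a-f0-9]{64}\b", re.I)


def refang(value: str) -> str:
    """Undo common defanging so indicators compare equal to what logs record."""
    return value.replace("[.]", ".").replace("hxxp", "http").lower()


def extract_iocs(text: str) -> dict:
    """Pull IPv4 addresses, domains and SHA-256 hashes out of free text, refanged."""
    return {
        "ipv4": {refang(m) for m in IPV4_RE.findall(text)},
        "domain": {refang(m) for m in DOMAIN_RE.findall(text)},
        "sha256": {m.lower() for m in SHA256_RE.findall(text)},
    }


def _ts(value: str) -> datetime:
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")


def ioc_hits(proxy_lines, iocs):
    """Proxy lines whose destination IP or URL host appears in the indicator sets."""
    hits = []
    for line in proxy_lines:
        _, host, dst_ip, url, _ = line.split()
        url_host = url.split("//", 1)[1].split("/", 1)[0]
        if dst_ip in iocs["ipv4"] or url_host in iocs["domain"]:
            hits.append((host, dst_ip, url_host))
    return hits


def beacon_candidates(proxy_lines, min_events=4, max_cv=0.1):
    """Flag (source host, destination) pairs whose request spacing is too regular.
    A near-zero coefficient of variation (stdev / mean) of the inter-request gaps
    is the classic signature of an unjittered beacon (T1071.001)."""
    times = defaultdict(list)
    for line in proxy_lines:
        ts, host, dst_ip, _, _ = line.split()
        times[(host, dst_ip)].append(_ts(ts))
    out = []
    for (host, dst_ip), stamps in times.items():
        if len(stamps) < min_events:  # too few events to judge periodicity
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        cv = pstdev(gaps) / mean(gaps)
        if cv <= max_cv:
            out.append({"host": host, "dst": dst_ip, "mean_gap": mean(gaps), "cv": round(cv, 4)})
    return out


def brute_force_candidates(auth_lines, threshold=5):
    """Per source IP: failed-logon count, targeted users, and whether a success
    followed once the failure count had reached the threshold (T1110)."""
    state = defaultdict(lambda: {"failures": 0, "users": set(), "success_after_failures": False})
    for line in auth_lines:
        _, src, user, result = line.split()
        s = state[src]
        if result == "FAIL":
            s["failures"] += 1
            s["users"].add(user)
        elif result == "SUCCESS" and s["failures"] >= threshold:
            s["success_after_failures"] = True
    return {src: s for src, s in state.items() if s["failures"] >= threshold}


if __name__ == "__main__":
    iocs = extract_iocs(REPORT)
    print("IOCs:", iocs)
    print("IOC hits:", ioc_hits(PROXY_LOGS, iocs))
    print("Beacon candidates:", beacon_candidates(PROXY_LOGS))
    print("Brute-force candidates:", brute_force_candidates(AUTH_LOGS))
```

The point of the three checks together is that each one is weak alone: a domain that appears in an intel note is a lexical match, not a verdict, and a regular request cadence is also what a software updater looks like. The beacon check is what turns the IOC hit on ws-017 into a worked hypothesis, and the success-after-failures flag is what separates the svc-backup entry (an account that was actually compromised) from ordinary typo noise such as the jdoe entry, which never reaches the threshold.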
Education
Bachelor of Engineering (B.E.), Computer Science
2020 - 2024 · India
Certifications
ServiceNow Certified System Administrator (CSA)
ServiceNow · 2025
Certified Admin
Relocation
Open to Relocation