Experience & Education

Nearly two years of enterprise security operations in a SEBI- and RBI-regulated financial services environment — first owning Data Loss Prevention and Privileged Access Management operations, then moving into the CSIRT for SIEM monitoring, incident response, and threat hunting.

Master of Science in Cybersecurity

Lewis University · Romeoville, IL
Completed May 2026 · GPA 3.88
Relevant coursework: Governance & Compliance (HIPAA, NIST, ISO 27001), Network Forensics, Digital Forensics, Encryption & Authentication, Legal & Ethical Issues in Cybersecurity

Bachelor of Computer Applications

Vels University · Chennai, India
Completed May 2022 · GPA 8.04/10 · Graduated with Honors
Relevant coursework: Major in Information Security · Minor in Cloud Technology

Cyber Security Analyst — Monitoring & Incident Response (CSIRT)

Computer Age Management Services, Ltd. · Chennai, India
September 2023 – July 2024

SIEM Monitoring & Incident Response

  • Monitored and triaged security alerts in real time across QRadar SIEM, SentinelOne EDR, Darktrace NDR, FortiAnalyzer, McAfee IDS/IPS, and WAF — processing 150+ weekly events for severity, confidence, and business impact.
  • Investigated incidents across the full lifecycle (investigation, containment, eradication, recovery, post-incident review) — including malware execution, unauthorized access, anomalous data transfers, phishing, and lateral movement over RDP, SSH, and SMB.
  • Provided SIEM tuning recommendations that reduced false-positive alert volume by over 30% and improved MTTD/MTTR to a ~6-hour average for low/medium-severity events.

Threat Hunting, Playbooks & Threat Intelligence

  • Hunted proactively across EDR telemetry, SIEM alerts, and network traffic — identified Lenovo endpoints exposing unsecured wireless hotspots, mapped findings to MITRE ATT&CK, and drove an organization-wide GPO remediation.
  • Prepared and maintained incident response playbooks and runbooks covering malware, unauthorized access, phishing, lateral movement, and anomalous data transfers; participated in tabletop exercises (TTX).
  • Monitored threat intelligence from CERT-In, SEBI, and RBI advisories plus CloudSEK XVigil and VirusTotal, coordinating IOC distribution to security devices across the infrastructure.
  • Administered the SentinelOne EDR platform (USB device monitoring, allow/block lists, business-unit segmentation) and WAF (application onboarding, certificate management, log investigation for injection patterns).

Cyber Security Analyst — Security Operations (DLP & PAM)

Computer Age Management Services, Ltd. · Chennai, India
October 2022 – September 2023

Privileged Access Management (PAM) Operations

  • Owned CyberArk PAM operations organization-wide — 312 user licenses across the full access lifecycle: provisioning, session monitoring, MFA enforcement, keystroke logging, and de-provisioning — as part of a 3-member IAM team.
  • Led the CyberArk Centralized Password Manager (CPM) implementation end to end, from business case through production deployment, presenting outcomes to C-suite leadership (CISO, CTO, CCO, CPO).
  • Designed and deployed a load-balanced jump server architecture routing sessions by server utilization; onboarded additional PSM servers and integrated thick clients including PL/SQL and pgAdmin.
  • Automated stale privileged account removal (inactive 7+ days) with PowerShell to reduce attack surface and optimize licensing; automated security log migration to a dedicated NAS.

DLP Operations, Compliance & Governance

  • Overhauled Symantec DLP policy architecture — replaced broad business-unit groupings with granular sender/recipient profiles and strict transfer thresholds, closing gaps that had allowed unauthorized data movement to go undetected across email, USB, and network upload channels.
  • Led the SEBI compliance audit representing PAM and DLP functions across the full audit lifecycle — evidence gathering, control mapping, findings documentation, and presentation to C-suite leadership.
  • Achieved a 12-minute data center to disaster recovery (DC–DR) switchover with complete data replication — the fastest on record — validating continuity controls through live testing.
  • Processed daily security approvals (access requests, SFTP, firewall rule changes, shared folder permissions) and performed daily health checks across 24+ servers spanning primary DC, near-DR, and far-DR environments.
CompTIA Security+Certified Ethical Hacker (CEH)Cisco CCNAITIL 4 FoundationsIn progress: Splunk Core Certified Power User · SC-900 · SC-300 · SC-200

Formally recognized by the CISO with a certificate of appreciation for contributions to cybersecurity operations and the firm's security awareness program.

Earned recognition from C-suite leadership (CISO, CTO, CCO, CPO) for leading the SEBI compliance audit representing PAM and DLP functions.

Selected as one of 22 organization-wide ambassadors for the Great Place to Work initiative (May 2023 – July 2024).

TryHackMe Top 5% global ranking through ongoing hands-on offensive and defensive labs.

See the skills in practice — Homelab →