
Sourajyoti Paul

Cybersecurity Analyst · SOC · EASM · GRC · Threat Intelligence

"I don't just detect threats — I document the thinking, map the adversary, and build the artifact that proves it."


About

I'm a cybersecurity analyst with hands-on experience across SOC operations, external attack surface management, and compliance frameworks. My work sits at the intersection of blue team operations and cyber risk — I'm equally comfortable triaging alerts in QRadar at 2am and writing an executive-level risk narrative for a CISO.

I'm currently targeting roles in Europe — particularly in EASM, threat intelligence, and GRC — and building a portfolio that reflects how EU security teams actually work.

  • 🎓 B.Tech, Energy Engineering — North Eastern Hill University (2025)
  • 📍 Currently based in India · Open to EU relocation / remote
  • 📘 Published author on Amazon KDP: From Alert to Adversaries
  • ✍️ Upcoming: Dark Signals: The Blue Team Chronicles

Portfolio Projects

🔍 External Attack Surface Management

NorthBridge Logistics — EASM Engagement

A full passive OSINT-driven external attack surface assessment against a fictional European logistics company. Includes methodology, 10 findings (3 High), executive summary, threat actor profiles, MITRE ATT&CK mapping, and a remediation roadmap. Built to reflect real EASM consultancy output.

OSINT · Shodan · DMARC · NIS2 · MITRE ATT&CK · Threat Intelligence · Risk Register


🛡️ SOC & Detection Engineering

Sigma Detection Rules Library (In progress)

20 production-ready Sigma rules covering ransomware precursors, lateral movement, credential dumping, and phishing delivery. Each rule includes MITRE ATT&CK mapping, false positive guidance, and tuning notes.

Sigma · SIEM · Detection Engineering · MITRE ATT&CK · QRadar · Splunk · Wazuh
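As an added illustration of the rule shape described above (example code written for this page, not a rule from the library itself): a hypothetical Sigma-style rule for suspicious LSASS access, laid out with Sigma's title/tags/logsource/detection/falsepositives/level fields, evaluated by a minimal matcher over constructed Sysmon Event ID 10 (ProcessAccess) records. The tuning note and false-positive guidance become a named filter block in the condition, which is where whitelisting by SourceImage path lands in practice. Rule name, filter paths and events are all assumptions.

```python
"""Minimal Sigma-style matcher run over constructed Sysmon ProcessAccess events.

Added example: the rule below is hypothetical and is not taken from the
library described on this page; the events are constructed, not captured.
"""
import re

# Hypothetical rule, in the field layout of a Sigma rule. The GrantedAccess
# masks are access rights commonly seen when LSASS memory is read for
# credential dumping (Sysmon Event ID 10, ProcessAccess).
LSASS_ACCESS_RULE = {
    "title": "Suspicious LSASS Process Access",
    "tags": ["attack.credential_access", "attack.t1003.001"],
    "logsource": {"product": "windows", "category": "process_access"},
    "detection": {
        "selection": {
            "TargetImage|endswith": "\\lsass.exe",
            "GrantedAccess|contains": ["0x1010", "0x1038", "0x1fffff"],
        },
        # Tuning block: the false-positive guidance lives here as paths of
        # security/OS processes that legitimately open LSASS (assumed list).
        "filter_known_tools": {
            "SourceImage|startswith": [
                "C:\\Program Files\\Windows Defender\\",
                "C:\\Windows\\System32\\svchost.exe",
            ],
        },
        "condition": "selection and not filter_known_tools",
    },
    "falsepositives": ["EDR/AV agents and backup software; extend the filter by SourceImage path"],
    "level": "high",
}

# Sigma value modifiers used by the rule; comparison is case-insensitive,
# as Windows image paths are.
MODIFIERS = {
    "contains": lambda value, pattern: pattern.lower() in value.lower(),
    "startswith": lambda value, pattern: value.lower().startswith(pattern.lower()),
    "endswith": lambda value, pattern: value.lower().endswith(pattern.lower()),
    "": lambda value, pattern: value.lower() == pattern.lower(),
}


def field_matches(event, key, patterns):
    """`Field|modifier: value-or-list` is True if any listed value matches (Sigma OR)."""
    field, _, modifier = key.partition("|")
    value = event.get(field)
    if value is None:
        return False
    if not isinstance(patterns, list):
        patterns = [patterns]
    compare = MODIFIERS[modifier]
    return any(compare(str(value), str(p)) for p in patterns)


def block_matches(event, block):
    """Every field/value pair inside one named block must match (Sigma AND)."""
    return all(field_matches(event, key, patterns) for key, patterns in block.items())


def evaluate(rule, event):
    """Evaluate the rule condition for one event.

    Supports the two condition forms most rules use: `X` and `X and not Y`.
    """
    detection = rule["detection"]
    results = {name: block_matches(event, block)
               for name, block in detection.items() if name != "condition"}
    match = re.fullmatch(r"(\w+)(?: and not (\w+))?", detection["condition"])
    if match is None:
        raise ValueError(f"unsupported condition: {detection['condition']}")
    primary, negated = match.group(1), match.group(2)
    hit = results[primary]
    if negated is not None:
        hit = hit and not results[negated]
    return hit


# Constructed Sysmon Event ID 10 records (not captured telemetry).
SAMPLE_EVENTS = [
    {"EventID": 10, "SourceImage": "C:\\Users\\bob\\Downloads\\mk.exe",
     "TargetImage": "C:\\Windows\\System32\\lsass.exe", "GrantedAccess": "0x1010"},
    {"EventID": 10, "SourceImage": "C:\\Program Files\\Windows Defender\\MsMpEng.exe",
     "TargetImage": "C:\\Windows\\System32\\lsass.exe", "GrantedAccess": "0x1FFFFF"},
    {"EventID": 10, "SourceImage": "C:\\Windows\\System32\\notepad.exe",
     "TargetImage": "C:\\Windows\\explorer.exe", "GrantedAccess": "0x1000"},
    {"EventID": 10, "SourceImage": "C:\\Tools\\procdump64.exe",
     "TargetImage": "C:\\Windows\\System32\\lsass.exe", "GrantedAccess": "0x1FFFFF"},
]


def run_rule(rule, events):
    """Return the events that fire the rule, tagged with its ATT&CK technique ids."""
    technique_ids = [t.split("attack.", 1)[1].upper()
                     for t in rule["tags"] if re.match(r"attack\.t\d", t)]
    return [dict(event, rule=rule["title"], techniques=technique_ids)
            for event in events if evaluate(rule, event)]


if __name__ == "__main__":
    for alert in run_rule(LSASS_ACCESS_RULE, SAMPLE_EVENTS):
        print(alert["rule"], alert["techniques"], alert["SourceImage"])
```

Of the four constructed events, the two unknown tools reading LSASS fire; the Defender engine is suppressed by the filter block and the notepad event never matches the selection. Adding a new legitimate accessor to the rule is a one-line change to the filter list, which is the tuning model the real Sigma backends (QRadar, Splunk, Wazuh) preserve when the rule is converted.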

SOC Incident Response Playbooks (In progress)

Structured IR playbooks for BEC, ransomware, credential stuffing, and phishing — built around NIST 800-61 and real SOC workflow patterns.

Incident Response · Playbooks · NIST 800-61 · SOC


📋 GRC & Compliance

NIS2 Gap Assessment (In progress)

Article 21 compliance gap analysis mapped to a fictional EU logistics company. Shows current state, gaps, obligations, and remediation roadmap. Directly relevant to EU companies navigating NIS2 implementation.

NIS2 · Compliance · Gap Analysis · EU Regulation

DORA Compliance Briefing (In progress)

Two-page briefing on DORA (Digital Operational Resilience Act) obligations for a fictional EU fintech. ICT risk, incident reporting, and third-party risk management.

DORA · Fintech · ICT Risk · EU Regulation


🕵️ Cyber Threat Intelligence

LockBit Threat Intelligence Report — EU Finance Sector (In progress)

Structured threat intel report profiling LockBit affiliate activity targeting European financial institutions. TTP analysis, IOC samples, MITRE mapping, and defensive recommendations aligned to DORA.

CTI · Threat Intel · LockBit · MITRE ATT&CK · DORA


Technical Skills

SIEM            │ IBM QRadar · Splunk · Wazuh
Detection       │ Sigma Rules · Correlation Rules · False Positive Tuning
OSINT / EASM    │ theHarvester · Maltego · SpiderFoot · Shodan · Censys · crt.sh
Threat Intel    │ MITRE ATT&CK · Diamond Model · IOC Mapping · CTI Lifecycle
Malware         │ Static & Dynamic Analysis · Flare-VM · Any.Run · VirusTotal
GRC             │ NIST CSF · ISO 27001 · PCI-DSS · HIPAA · NIS2 · DORA
Cloud           │ AWS GuardDuty · CSPM
Scripting       │ Python · PowerShell

Certifications

Certification             │ Issuer     │ Status
SOC Analyst               │ LetsDefend │ ✅ Complete
SIEM Engineer             │ LetsDefend │ ✅ Complete
Detection Engineering     │ LetsDefend │ 🔄 In Progress
Cyberdefence Analyst      │ Cisco      │ ✅ Complete
Jr Cybersecurity Analyst  │ Cisco      │ ✅ Complete
GRC Analyst               │ Cybrary    │ 🔄 In Progress

Publications

📘 From Alert to Adversaries: Building SOC and CTI Capabilities the Right Way (Amazon KDP). A practical guide to blue team operations from alert triage to adversary tracking.

✍️ Embracing AI Prompt Engineering: A Cybersecurity Professional's Journey (Medium, 2025). Exploring generative AI integration in SOC workflows and the rise of prompt engineering as a security skill.

📘 Dark Signals: The Blue Team Chronicles (Upcoming). A cybersecurity narrative blending storytelling with Blue Team techniques.


Connect

LinkedIn Email


All portfolio projects use fictional companies and simulated data. No real-world systems were targeted. Built for educational and skills demonstration purposes.
