Mohammed Fouzan Aamiri

Security Analyst & Researcher

Experienced in threat detection, IAM, and automated security tooling with expertise in Python, Splunk, and Elastic Stack. Passionate about building secure systems and protecting digital infrastructure.

About Me

I’m a Security Analyst focused on building and testing real-world detection and defense systems. My work spans Zero Trust enforcement, IAM policy simulations, and cloud-based threat monitoring using tools like Splunk, Python, and Elastic. I enjoy creating environments where I can break things safely — then analyze logs, improve resilience, and automate fixes.

Whether it’s detecting Modbus anomalies, setting up AWS honeypots, or automating audit checks, I design projects that blend technical depth with practical use. My goal is to stay hands-on, operationally sharp, and always curious about how systems fail and recover.

I'm passionate about advancing the field of cybersecurity through innovative solutions and research.

Skills & Expertise

Cloud & Zero Trust Security
  • AWS GuardDuty
  • System Hardening
  • Docker
  • Active Directory
Security Automation & CI/CD
  • Python
  • PowerShell
  • KQL, SQL
  • API Integrations
Threat Detection & Incident Response
  • SIEM (Splunk)
  • SOAR
  • MITRE ATT&CK
  • Threat Hunting, EDR
Network Security & Access Control
  • TCP/IP, DNS, BGP
  • IDS/IPS, VPN, IPv4
  • NGFW, Firewalls (Palo Alto)
  • IAM, MFA, SSO, RBAC, LDAP

Experience

Cybersecurity Researcher

Pace University, New York, NY
09/2023-05/2025
  • Implemented IAM protocols and iptables firewall controls for Zero Trust security.
  • Developed Python scripts for Nmap scanning, reducing analysis time by 25%.
  • Automated Linux user access validation, streamlining audit compliance with Python.
  • Simulated ICS/SCADA attacks with Conpot and Wireshark to test vulnerabilities.
  • Built Python-based Modbus anomaly detection for real-time SIEM alerts.
  • Deployed AWS SSH honeypot with Cowrie, capturing 100+ attacker interactions.
  • Built Filebeat-to-Elastic Cloud pipeline for real-time threat logging.
  • Analyzed attacker behavior with Kibana visualizations.

Cybersecurity Case Study Participant

ISACA NYM, New York, NY (Remote)
01/2024-05/2024
  • Collaborated on SolarWinds breach analysis, delivering NIST CSF-aligned risk mitigation strategies.
  • Conducted privileged access reviews and logging audits in Linux environments using auditd.
  • Maintained cyber risk register and mapped findings to NIST and ISO 27001.
  • Collaborated on regulatory documentation for simulated audits and cybersecurity governance strategies.

Associate Engineer

Smartbear, Bangalore, KA
02/2023-08/2023
  • Analyzed connectivity issues, improving ReadyAPI platform security.
  • Partnered with engineering and cross-functional teams to resolve escalated connectivity issues.
  • Resolved LDAP authentication issues for 50+ clients, enhancing identity management reliability.
  • Developed fraud detection insights, strengthening software abuse mitigation.

Projects

PentestPilot
02/2025 - Present
Personal Project
  • Designed an AI-augmented network scanner that interprets Nmap results using machine learning and natural language prompts for automated reconnaissance.
  • Automated scanning workflow integrated Nmap (-sV -O -sC) with dynamic target selection and result parsing via Python (python-nmap, libnmap).
  • Converted raw Nmap output into structured JSON for classification and analysis of services, open ports, and potential vulnerabilities.
  • Supported user-friendly queries like "List vulnerable hosts" for quick triage.
  • Built a modular framework to support future integration with Metasploit, brute-force tools, or SIEM platforms.
Honeypot Threat Intelligence Lab
04/2025
Personal Project
  • Deployed a Cowrie honeypot on AWS EC2 to emulate an exposed SSH server and attract brute-force login attempts.
  • Configured Filebeat to collect honeypot logs and forward events to Elastic Cloud for centralized analysis.
  • Ingested and visualized real-world attack events through Elastic SIEM and Kibana dashboards.
  • Simulated controlled attacks from Kali Linux to validate detection and logging accuracy.
  • Analyzed attacker metadata including source IPs, login attempts, session durations, and SSH client signatures.
Simulated ICS/SCADA Threat Detection Lab
03/2025
Personal Project
  • Deployed a Modbus honeypot using Conpot to simulate industrial PLCs and attract ICS-specific traffic.
  • Generated and labeled traffic using modpoll, identifying abnormal behavior based on function codes and TCP flags.
  • Developed Python scripts using Scapy and Pyshark to detect unauthorized Modbus commands and malformed requests.
  • Applied IP-based access control rules to block rogue clients and simulate firewall enforcement.
  • Integrated with Splunk for real-time monitoring, alerting, and dashboarding of ICS network events.
Advanced Ransomware Analysis & Reverse Engineering
05/2024
Academic Research Project
  • Performed static and dynamic analysis on ransomware to uncover its encryption logic, persistence methods, and system impact.
  • Identified use of AES-128 CBC with hardcoded public key and randomized key/IV generation for file encryption.
  • Analyzed Windows registry manipulation for persistence (e.g., Winlogon autologon) and shadow copy deletion for recovery prevention.
  • Traced key Windows API calls like CryptEncrypt and RegSetValueExW to map malware behavior.
  • Documented findings in a technical report with screenshots, network traces, and mitigation strategies including EDR and backup recommendations.

Education & Certifications

Education

Master of Science (MS) in Cybersecurity

Pace University, Seidenberg School of Computer Science and Information Systems

New York, NY

May 2025

Bachelor of Engineering (BE) in Computer Engineering

Visvesvaraya Technological University

Bangalore, KA

July 2022

Certifications

Cisco Networking Essentials
Microsoft Azure IAM
CompTIA A+
CompTIA Security+

Beyond the Screen

Formula 1 Racing

I follow Formula 1 closely — the real-time strategy, telemetry analysis, and team coordination reflect the same high-pressure thinking needed in cybersecurity.

  • F1 cars are more aerodynamically efficient than fighter jets.
  • Brakes can reach temperatures up to 1,000°C during races.
Chess

I play chess regularly — it sharpens my foresight and helps me think multiple steps ahead, just like when anticipating an attacker’s next move.

  • Chess boxing combines rounds of chess and boxing in a single match.
  • The longest possible chess game has over 5,000 moves.

Get In Touch

I'm always open to discussing cybersecurity projects, research opportunities, or potential collaborations.