Whoami
Security Engineer with a touch of detection engineering. Highly inclined towards automation to reduce repetitive menial tasks and uplift team morale.
With over 5 years of experience in Security Operations Centers, I have gained experience developing custom parsers and rules for Wazuh, LogRhythm, LogPoint and Chronicle, as well as implementing various other Security Event Monitoring solutions.
Core Skills
- Defensive technology: SIEM, SOAR and Threat Intelligence
- SIEM: LogRhythm, LogPoint, Wazuh, Chronicle and FortiSIEM
- Offensive security tools: Nmap, Metasploit, Burp Suite, Nessus
- Programming/Scripting: Bash and Python
Professional Accomplishments
- LogWars Winner: Won the LogWars competition (team) conducted by LogRhythm for partners in the APAC region. The CTF consisted of a series of challenges for defensive analysts to identify flags from a series of logs, demonstrating hands-on platform experience and the analysis capability of an analyst.
- Employee of the Year: Awarded employee of the year for 2020/2021 at CryptoGen Nepal
Certificates
- Google Cloud SecOps Technical Credential: March 2024
- LogRhythm Deployment Engineer (LRDE): October 2023
- LogRhythm Support Engineer (LRSE): September 2023
- LogRhythm Platform Administrator (LRPA): July 2023
- LogRhythm Security Analyst (LRSA): July 2023
- Certified Ethical Hacker (CEH) – Practical: March 2021 – April 2024
- Certified LogPoint Administrator: January 2021
- Certified LogPoint User: January 2021
- Microsoft Certified: Azure Fundamentals: July 2020
- NSE 1 Network Security Associate: April 2020 – April 2022
- NSE 2 Network Security Associate: June 2020 – June 2022
- LogRhythm Sales Learning Plan: March 2020
- Splunk 7.x Fundamentals Part 1: January 2020
- Cisco Certified Network Associate Cyber Ops (CCNA Cyber Ops): May 2018
Relevant Experience
L3 Analyst and Security Platform Engineer, StickmanCyber Pty. Ltd.
Sydney, Australia (Remote)
September 2023 - Present (1 Year 5 months)
Accomplishments
- Migrated 20+ customers from their existing SIEM technologies to Google Chronicle within 1 year
- Led a team of two other engineers to create 400+ use cases in Google Chronicle
Responsibilities
- Manage Security Operations projects, with a focus on process improvement and strategic technology investments.
- Develop and approve security alerts, reports, dashboards, and metrics, ensuring their presentation to clients meets high-quality standards.
- Administer SIEM solutions, encompassing configuration, installation, migration, updating, and monitoring across diverse platforms.
- Manage security production issues and incidents, actively participating in problem and change management forums alongside client stakeholders.
- Communicate the successes and progress of the security operations center to the management team.
- Support all SOC-related pre-sales activities, including solution architecting and active participation in customer presentations.
SOC Engineer, CryptoGen Nepal Pvt. Ltd.
Kathmandu, Nepal
November 2019 - September 2023 (3 Years 11 months)
Accomplishments
- Established a Security Operations Center from the ground up at a startup company
- Delivered pre-sales activities and won SOC projects with 2 BFSI and 1 telecommunications clients
Responsibilities
- Customized, configured, and deployed an open-source SIEM product, tailoring it to match the specific use cases and requirements of clients.
- Explored various products to identify and assist with diverse client needs, ensuring optimal security posture and resilience.
- Conducted extensive research and development of use cases, implementing both in-house and commercial SIEM solutions such as Wazuh, LogRhythm, LogPoint, and FortiSIEM. This involved the development and fine-tuning of decoders and rules for optimized security monitoring.
- Deployed and implemented various Security Event Monitoring products to address identified use cases, while actively exploring their functionalities.
- Conducted and supervised multiple successful proof-of-concepts (PoCs) that demonstrated the value and feasibility of proposed solutions, resulting in their conversion into full-scale projects.
- Trained new recruits for SOC engineers over a comprehensive 6-month program, equipping them with the necessary skills and knowledge to excel in their roles.
- Delivered comprehensive reports capturing findings, providing actionable recommendations for managed service clients to improve their security posture.
SOC Consultant, Digital Network Solution (DNS)
Kathmandu, Nepal (Contract)
September 2020 – September 2023 (3 Years)
- Deployed and configured LogRhythm to meet clients' use cases.
- Developed parsers and advanced rules to identify threats.
- Modified out-of-the-box SOAR scripts to match specific use cases.
- Conducted and supervised successful proof-of-concepts (PoCs) that demonstrated the value and feasibility of proposed solutions, resulting in their conversion into full-scale projects.
- Trained SOC resources to ensure skill development.
- Delivered comprehensive reports capturing findings, providing actionable recommendations for managed service clients to improve their security posture.