Rahul Shah

Cyber Security Intern

Location: Nepal

  • About me

    Security Engineer | CySA+

  • Education

    • Islington College Kathmandu

      2018 - 2021
      BSc. (Hons) Computer Networking & IT Security First Class Honours
    • Avila University

      2024 -
      Master's degree Cybersecurity Management
  • Experience

    • Vairav Technology

      Sept 2020 - Dec 2020
      Cyber Security Intern

      • Analyzed system logs for suspicious activity, identifying potential threats.
      • Maintained detailed documentation of cybersecurity incidents and remediation efforts for future reference and analysis.
      • Collaborated with the IT team to identify potential security risks and develop mitigation strategies.

    • CryptoGen Nepal

      Apr 2021 - Mar 2023
      Security Engineer

      • Monitored and managed SIEM system performance (Logpoint, Elastic SIEM, Wazuh, FortiSIEM).
      • Developed custom SIEM rules to detect threats specific to tenant organizations.
      • Built SIEM integrations using Python.
      • Wrote scripts and developed SOAR (Logpoint, Shuffle) playbooks/runbooks to enrich logs and automate responses.
      • Designed and implemented controls (SIEM, EDR) for effective threat detection.
      • Monitored logs across multiple tenants, providing analysis and conducting investigations.
      • Participated in incident response and data acquisition for digital forensics.
      • Conducted routine threat hunting leveraging security intelligence tailored to tenant environments.

    • StickmanCyber

      Jun 2023 - Jul 2024
      Security Engineer

      • Administered and integrated secure email gateways (Proofpoint PPS/TAP/TRAP, Microsoft Defender), significantly reducing email-based threats.
      • Conducted threat modeling for tenants' critical applications and integrations, identifying risks and recommending mitigations.
      • Operated as Information Security Officer for tenants, driving security posture improvements reflected in KPIs (Secure Score, Exposure Score) and audit results (ISO 27001).
      • Conducted vulnerability assessments on tenant servers and workstations (ManageEngine Vulnerability Manager Plus), prioritized patching, and achieved a significant reduction in vulnerability count.
      • Monitored and analyzed security posture with advanced controls (SentinelOne EDR, CrowdStrike, Proofpoint, Rapid7 SIEM, Elastic SIEM, Microsoft Defender, Azure AD, IAM, PAM), ensuring SLA compliance and timely reporting to stakeholders.
      • Led a team of analysts for incident response and digital forensics procedures, ensuring rapid containment and mitigation of security incidents.
      • Conducted post-incident reviews for clients, detailing event timelines, root cause analyses, and recommendations for risk mitigation.
      • Developed and implemented detection signatures (Rapid7, Wazuh) to identify threat tactics and techniques, enhancing overall threat detection.
      • Generated weekly and monthly cybersecurity reports, presenting key security KPIs and trends for executive reporting.
      • Created and maintained incident response knowledge bases (JIRA) with detailed procedures for consistent execution during security events.

  • Licenses & Certifications