• Research and evaluate nation-state, hacktivists, and cybercriminal capabilities and activity.• Cyber Threat intelligence research focused on TTPs, IOCs, trend analysis,threat actor profiling.• Monitor cyber threat intelligence feeds, escalation of alerts and Intelligencesharing via approved channels• Distilling and contextualizing disparate data sources and information intoconcise reports and assessments. i.e. Cyber Newsletter and Cyber Threat IntelReports.• Advanced expertise in using cyber tools, defensive toolkits, endpointand network sensors, SIEMs, and threat sharing platforms like MISP,ThreatConnect and Anomali ThreatStream.• Conduct all-encompassing Dark web monitoring and investigation to gather intelligence aroundcountry specific threats, threat actor profiling, vulnerability and exploits.• Monitor chatrooms, marketplaces, hacker forums, RaaS forums for chatter around potential breaches.• Monitor for sensitive assets information, PII, Credentials, IP etc.• Create anonymous covert profiles to establish embedded access and maintain relationships to gatherunique intelligence.• Produce threat intelligence providing situation awareness of cyber threats impacting clientinfrastructure.• Ability to identify trends in cyberspace with regards to adversary tactics, techniques, and procedures,targeting, malware development and implementation• Develop reports and associated briefings and deliver in-depth presentations pertaining to clients.• Leverage government and private organizations to share threat information and best practices toinfluence program outcomes.

• Develop TTP-focused detection analytics to hunt for adversarial activities within the Firm's networks, leveraging a range of telemetry (both raw and aggregated) and enrichment sources.• Perform hunt, triage and analytic tooling through automating investigation processes pivoting across different sources on a proprietary platform.• Investigate threat hunt tickets, document findings, & escalate to IR teams with remediation recommendations• Monitor cyber threat intelligence feeds, escalation of alerts and Intelligence sharing via approved channels.• Cyber Threat intelligence research focused on TTPs, IOCs, trend analysis, threat actor profiling.• Distilling and contextualizing disparate data sources and information into concise reports and assessments. i.e. Cyber Newsletter and Cyber Threat Intel Reports.• Work with the peer teams to identify and build use cases for Cyber Threat intelligence related analytics.• Assist with cyber threat intelligence data feed collection and migration to the Hunt proprietary platform.• Write queries using python for deep-dive investigation and to build POC preventive analytics.

• Produce threat intelligence providing situation awareness of cyber threats impacting client infrastructure.• Proactively research emerging cyber threats to apply analytical understanding of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks and exploits.• Understand and experience in evaluating nation-state, hacktivists, and cybercriminal capabilities and activity.• Ability to identify trends in cyberspace with regards to adversary tactics, techniques, and procedures, targeting, malware development and implementation.• Communicate to client organizations both quantifiable and qualifiable digital risk to their enterprise through operational briefings and threat intelligence reports.• Help to create intelligence reporting methods that communicate effectively to every level of the organization.• Develop briefings and associated materials and deliver in-depth presentations pertaining to clients.• Leverage government and private organizations to share threat information and best practices to influence program outcomes.• Isolate complex and zero-day malware In analysis lab and perform dynamic analysis and reverse engineering using different tools

As part of the Daimler Commercial vehicles connectivity cybersecurity team, played the role of a Solutions Architect in defining and implementing the Threat management process operations to identify and mitigate automotive cyber threats both proactively and reactively based on the various areas of threat management as follows:• Liaise and Interact with various Daimler Truck locations to understand identify the cloud architecture and vehicle connectivity assets to derive Vehicle SOC (Security Operations Centre) use cases for implementation and use by SIEM and SOC monitoring teams for Threat detection and monitoring.• Defined the Threat Intelligence Framework based on the Automotive industry standard and implemented the Threat intelligence operations to identify and mitigate threats targeting the Automotive industry by presenting a Threat Advisory and briefing based on OSINT and Auto-ISAC.• Implemented and built a strong database of Automotive Cyber Threats/Adversaries/IOC's in a Threat Intelligence platform (ThreatConnect) for matured detection and mitigation.• Did a PoC (Proof of Concept) for IOC Pivoting and Enrichment for advanced threats by using DomainTools, VirusTotal, Cisco Investigate etc and documented the task flow for the same in Visio.• Defined and implemented the Incident response process for all incidents targeting the various Truck locations and is the SPOC for all incident management for Global Daimler Truck SOC.• Developed a PoC (Proof of Concept) of Malware Analysis for Sandbox environment to automate and analyze various Malware proactively and reactively to document the results and present them.• Developed a PoC (Proof of Concept) for Threat hunting of undetected and new threats targeting the Truck Connectivity assets and ecosystem.

• As Part of Cyber Threat Intelligence team, Produce threat intelligence providing situation awareness of cyber threats impacting global network infrastructure.• Proactively research emerging cyber threats. Apply analytical understanding of hacker methodologies and tactics, system vulnerabilities and key indicators of attacks and exploits.• Understand and experience in evaluating nation-state, hacktivists, and cybercriminal capabilities and activity.• Ability to identify trends in cyberspace with regards to adversary tactics, techniques, and procedures, targeting, malware development and implementation.• Communicate to team members and senior leadership both quantifiable and qualifiable cyber risk to the enterprise though operational briefings and threat intelligence reports.• Help to create intelligence reporting methods that communicate effectively to every level of the organization.• Develop briefings and associated materials and deliver in-depth presentations to Company leadership• Leverage government and private organizations to share threat information and best practices to influence program outcomes.• Coordinate resources during enterprise incident response efforts, driving incidents to resolution.• Employ advanced forensic tools and techniques for attack reconstruction and intelligence gathering.• Perform network traffic analysis utilizing raw packet data, net flow, IDS, and custom sensor output as it pertains to the cyber security of communications networks.• Utilize understanding of attack signatures, tactics, techniques and procedures associated with advanced threats.

• As part of the Cyber Threat Forensics Team, Played a major role in the mitigation and remediation of threats, in particular, financial/banking threats, advanced malware/threats and exploits.• Performed incident response and malware analysis to investigate incidents and help determine the SOC team the extent of the compromise, attributes of any malware and possible data ex-filtrated.• Isolate complex and zero-day malware In analysis lab and perform dynamic analysis and reverse engineering using different tools• Travelled to US for Tanium Enterprise incident response tool training• Awarded Shared Success Award for quick turnaround in a high priority security incident• Maintain current knowledge of tools and best-practices in advanced persistent threats; tools, techniques, and procedures of attackers; and forensics and incident response