$ cat about.md

About Me

~/vraj/about.md

# Introduction

Cybersecurity professional with a strong foundation in offensive and defensive security, including red and purple team operations. Skilled in vulnerability assessment and remediation, threat intelligence, and strengthening cloud controls.

# What I Do

Experienced in coordinating live incident response, building automation pipelines, and communicating across technical and non-technical teams. Currently working as a Security Analyst at Apphaz, focusing on SOC operations, SOAR automation, threat hunting, and SIEM optimization.

# Key Focus Areas

  • Incident Response & Triage
  • SIEM/SOAR Automation
  • Threat Hunting & Detection Engineering
  • Security Operations Center (SOC)
  • Cloud Security (Azure, AWS)
  • Red & Purple Team Operations
$ git log --oneline experience
experience/apphaz.log

Security Analyst

Apphaz • Remote

January 2024 - Present

  • Lead SOC operations including incident triage, threat hunting, and response coordination, reducing MTTA by 15% and MTTR by 25%
  • Maintain and optimize security procedures, response documentation, and mitigation playbooks, ensuring operational consistency

▸ Threat Intelligence Integration Pipeline (Ongoing)

  • Building an automated threat intelligence pipeline using n8n workflows to integrate multiple CTI feeds (VirusTotal, AbuseIPDB, AlienVault OTX, OpenCTI, PhishTank, Abuse.ch) with SIEM infrastructure
  • Developing real-time IOC enrichment automation that correlates alerts with threat intelligence feeds, reducing analyst research time by 40%
  • Enhancing alert quality by implementing threat feed normalization and deduplication logic, improving detection accuracy and reducing false positives
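The three bullets above describe one procedure: pull indicators from several feeds, normalize them into one shape, deduplicate across feeds, then match them against alert fields. The script below is an added illustration of that logic in plain Python, not the n8n pipeline itself. The feed records, the alert, the field names (`ipAddress`, `abuseConfidenceScore`, `indicator`, `url`, `sha256`) and the verdict thresholds are all constructed assumptions for the example, not the real schemas of the feeds listed.

```python
"""IOC feed normalization, cross-feed deduplication and alert enrichment.

Added example, not the author's n8n workflow. Feed records and the alert are
constructed samples; field names are assumptions, not real feed schemas.
"""
import ipaddress
import re
from collections import defaultdict
from urllib.parse import urlsplit, urlunsplit

# Constructed sample output from four feeds, each in a different shape (assumed).
RAW_FEEDS = {
    "abuseipdb": [{"ipAddress": "203.0.113.7", "abuseConfidenceScore": 90}],
    "otx": [{"indicator": "203.0.113.7", "type": "IPv4"},
            {"indicator": "Evil.Example.COM.", "type": "domain"}],
    "phishtank": [{"url": "http://evil.example.com/login"}],
    "abusech": [{"sha256": "AB" * 32}],
}

_SHA256 = re.compile(r"^[0-9a-f]{64}$")
_DOMAIN = re.compile(r"^[a-z0-9.-]+\.[a-z]{2,}\.?$")

def classify(value):
    """Return (ioc_type, canonical_value), or None if the value is unusable.

    Canonical form is what makes deduplication work: the same IP, hash or
    domain written differently by two feeds collapses to one key.
    """
    v = value.strip()
    try:
        return "ip", str(ipaddress.ip_address(v))   # also compresses IPv6
    except ValueError:
        pass
    low = v.lower()
    if _SHA256.match(low):
        return "sha256", low
    if low.startswith(("http://", "https://")):
        # Only scheme and host are case-insensitive; keep the path as-is.
        p = urlsplit(v)
        return "url", urlunsplit((p.scheme.lower(), p.netloc.lower(),
                                  p.path.rstrip("/"), p.query, ""))
    if _DOMAIN.match(low):
        return "domain", low.rstrip(".")            # drop trailing root dot
    return None

def normalize(raw_feeds):
    """Flatten every feed into {(type, value): {"sources": set, "score": int}}."""
    iocs = defaultdict(lambda: {"sources": set(), "score": 0})
    for source, records in raw_feeds.items():
        for rec in records:
            # Feeds name the indicator field differently; take the first present.
            for key in ("indicator", "ipAddress", "url", "sha256", "domain"):
                if key in rec:
                    kind = classify(str(rec[key]))
                    if kind:
                        entry = iocs[kind]
                        entry["sources"].add(source)
                        entry["score"] = max(entry["score"],
                                             int(rec.get("abuseConfidenceScore", 0)))
                    break
    return dict(iocs)

def enrich_alert(alert, iocs):
    """Attach feed matches to an alert and derive a coarse verdict."""
    matches = []
    for field in ("src_ip", "dst_ip", "domain", "url", "sha256"):
        if field in alert:
            kind = classify(str(alert[field]))
            if kind and kind in iocs:
                hit = iocs[kind]
                matches.append({"field": field, "type": kind[0], "value": kind[1],
                                "sources": sorted(hit["sources"]),
                                "score": hit["score"]})
    out = dict(alert)
    out["ti_matches"] = matches
    # Assumed escalation rule: two independent feeds agreeing, or a high score.
    if any(m["score"] >= 75 or len(m["sources"]) >= 2 for m in matches):
        out["ti_verdict"] = "malicious"
    else:
        out["ti_verdict"] = "suspicious" if matches else "clean"
    return out

if __name__ == "__main__":
    # Constructed sample alert, as a SIEM might emit it.
    alert = {"rule": "Outbound connection", "src_ip": "10.0.0.5",
             "dst_ip": "203.0.113.7", "domain": "evil.example.com"}
    print(enrich_alert(alert, normalize(RAW_FEEDS)))
```

The deduplication happens entirely in `classify`: because every feed's value is reduced to the same canonical key, the AbuseIPDB and OTX entries for 203.0.113.7 become one indicator with two sources, which is what lets the verdict logic treat feed agreement as a signal.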

▸ Incident Response Automation

  • Designed and deployed SOAR/SIEM playbooks using Wazuh, TheHive, and Shuffle to automate incident triage and containment workflows, reducing escalations by 25% in 3 months
  • Integrated CTI feeds with automated response workflows and tuned correlation rules to enhance Red/Purple Team detection capability by 30%

▸ Security Monitoring & Detection Engineering

  • Developed custom detection rules for MITRE ATT&CK techniques including credential access (T1110), initial access (T1078), and persistence (T1053), improving detection coverage by 22%
  • Engineered log parsing and normalization scripts for application, firewall, and endpoint logs, expanding SIEM visibility across 15+ disparate data sources
  • Implemented use-case driven detection queries for insider threats, privilege escalation, and anomalous authentication patterns, reducing investigation time by 30%
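As an added example of the kind of use-case driven detection the bullets above refer to (brute force under T1110 followed by a successful login under T1078), the script below runs a sliding-window rule over sshd log lines. It is illustration code written for this page, not the author's Wazuh rules; the log lines are constructed, and the threshold of five failures in sixty seconds is an assumed tuning value.

```python
"""Brute-force (T1110) and follow-on valid-account use (T1078) detection.

Added example, not the author's SIEM rules. The log lines are constructed in
OpenSSH sshd syslog format; threshold and window are assumed tuning values.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

SAMPLE_LOG = """\
Mar 10 02:14:01 web1 sshd[1001]: Failed password for invalid user admin from 198.51.100.9 port 51000 ssh2
Mar 10 02:14:03 web1 sshd[1002]: Failed password for root from 198.51.100.9 port 51002 ssh2
Mar 10 02:14:05 web1 sshd[1003]: Failed password for root from 198.51.100.9 port 51004 ssh2
Mar 10 02:14:06 web1 sshd[1004]: Failed password for deploy from 198.51.100.9 port 51006 ssh2
Mar 10 02:14:08 web1 sshd[1005]: Failed password for deploy from 198.51.100.9 port 51008 ssh2
Mar 10 02:14:10 web1 sshd[1006]: Accepted password for deploy from 198.51.100.9 port 51010 ssh2
Mar 10 09:00:00 web1 sshd[2001]: Failed password for alice from 10.0.0.12 port 40000 ssh2
Mar 10 09:00:30 web1 sshd[2002]: Accepted publickey for alice from 10.0.0.12 port 40002 ssh2
"""

LINE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<src>\S+) port \d+"
)

def parse(line, year=2024):
    """Parse one sshd auth line into a dict, or None if it is not an auth event.

    Syslog timestamps carry no year, so one is supplied (assumed here).
    """
    m = LINE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "result": m["result"], "method": m["method"],
            "user": m["user"], "src": m["src"]}

def detect(lines, threshold=5, window_s=60):
    """Return alerts in arrival order.

    T1110: a source reaches `threshold` failed logins inside `window_s` seconds.
    T1078: a source already flagged for T1110 then authenticates successfully,
    i.e. the brute force appears to have yielded a valid account.
    """
    failures = defaultdict(deque)   # src -> timestamps of recent failures
    targets = defaultdict(set)      # src -> usernames it tried
    flagged = set()
    alerts = []
    for raw in lines:
        ev = parse(raw)
        if not ev:
            continue
        src = ev["src"]
        if ev["result"] == "Failed":
            q = failures[src]
            q.append(ev["ts"])
            targets[src].add(ev["user"])
            # Drop failures that fell out of the window.
            while q and (ev["ts"] - q[0]).total_seconds() > window_s:
                q.popleft()
            if len(q) >= threshold and src not in flagged:
                flagged.add(src)
                alerts.append({"technique": "T1110", "src": src,
                               "failures": len(q),
                               "targets": sorted(targets[src]), "ts": ev["ts"]})
        elif src in flagged:
            alerts.append({"technique": "T1078", "src": src,
                           "user": ev["user"], "method": ev["method"],
                           "ts": ev["ts"]})
    return alerts

if __name__ == "__main__":
    for a in detect(SAMPLE_LOG.splitlines()):
        print(a)
```

Chaining the two rules on the source address is what keeps the second one quiet in normal operation: alice's single failed password followed by a key login from 10.0.0.12 never trips the window, so her success is not reported, while the `deploy` login from 198.51.100.9 is raised because it arrives from a source that just exhausted the threshold.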
experience/vshwan.log

Cybersecurity Analyst

Vshwan / Build Formula • Ahmedabad, Gujarat

January 2023 - July 2023

  • Supported Red and Purple Team simulations, improving test detection accuracy and reducing false alerts by 25%
  • Strengthened cloud controls by documenting permission flows and supporting implementation of tighter access controls, lowering unauthorized attempts by 30%
  • Analyzed SIEM event logs and prepared initial incident summaries, improving team response and investigation time by 40%
experience/conestoga-project.log

Web Application Security Project

Conestoga College • Ontario, Canada

2024 - 2025

  • Conducted vulnerability scans and traffic analysis to identify high-risk findings, improving application security posture by 35% within 6 months
  • Implemented automated spam/phishing detection rules, blocking 2K+ malicious emails and improving email security defense layers
$ cat education.txt
~/vraj/education.txt

Graduate Certificates, IT-Infrastructure & Computer Engineering

Conestoga College

September 2023 - April 2025 | GPA: 3.2

Bachelor's, Computer Science

Vidush Somany Institute of Technology and Research

July 2019 - July 2023 | GPA: 3.1