SANJEEV SINGH Security Engineer (Threat Hunting)

ABOUT ME

Results-driven, certified cyber security specialist with 5+ years of experience and particular strength in Threat Hunting & Management, Incident Response, Offensive Security, Red Teaming, Ethical Hacking, Penetration Testing, Vulnerability Assessment, Malware Analysis, and Security Audits & Assessments.


Always ready to take on challenges and adaptable to change. I believe in flawless execution of administrative activities, with high attention to detail, organization, and process, along with exceptional teamwork skills and a strong ability to suggest process improvements and to work effectively with all personalities, while maintaining and respecting a high level of confidentiality, discernment, and judgment, with flexibility in response to changing priorities and needs.


Life Philosophy: “Do not grieve over what has passed; give thought to the present and to what is yet to come.”

MY SKILLS: I am an expert in these areas

Knowledge

  • Cyber Security & Ethical Hacking
  • Offensive Security & Red Teaming
  • Threat Management & Hunting
  • Cloud Computing & Cloud Security
  • Digital Forensics & Incident Response
  • Malware Analysis & Reverse Engineering
  • Network Security & Firewalls
  • Machine learning & Deep Learning
  • Artificial Intelligence & Blockchain

Professional skill

  • Cyber Security & Ethical Hacking: 99%
  • Threat Hunting & Incident Response Management: 95%
  • Adversary Simulation & Red Team Operations: 90%
  • Vulnerability Assessment & Penetration Testing: 90%
  • C#, Python, PHP, MySQL, Java, PowerShell, JavaScript: 90%

Work Experience: 5+ Years of Work Experience

May 2023 to Present

One97 Communication (PAYTM)

Security Engineer (Threat Hunting)

✔ Spearheading Threat Hunting initiatives, proactively identifying and mitigating threats through advanced threat intelligence and anomaly detection.

✔ Leading swift and effective responses to security incidents, enhancing overall resilience. Built various automations, resulting in reduced response times and valuable insights.

✔ Conducting comprehensive threat hunting activities across 10+ entities and verticals, encompassing over 200,000 endpoints and assets, using a combination of threat intelligence feeds that enrich security event data with contextual information (including IOCs and TTPs), behavioral analytics, and machine learning models to proactively identify and investigate potential security threats.

✔ Developing and executing advanced threat hunting queries and playbooks to detect and respond to sophisticated cyber threats, including APTs and zero-day attacks.

✔ Developing and maintaining custom correlation rules, queries, and dashboards within the SIEM/XDR platform to identify patterns indicative of malicious behavior.

✔ Working with L2-L3 analysts to fine-tune XDR and SIEM detection/correlation rules and signatures to reduce false positives and increase the accuracy of threat detection, leveraging insights gained from incident analysis and threat intelligence.

✔ Participating in red team exercises and simulated cyberattack scenarios to validate the effectiveness of detection and response capabilities and identify areas for improvement.

✔ Assisting in the development and implementation of security policies, procedures, and controls to ensure compliance with industry regulations and standards.

✔ Pursuing continuous learning through certifications and courses to maintain a proactive stance against evolving threats, contributing significantly to overall security effectiveness.

HackIT Technology And Advisory Services

Senior Security Analyst

✔ As a leading project member, designed and developed multiple tools for Penetration Testing, Security Assessments, and targeted attack simulations, especially in Windows environments.

✔ Automated 18-20% of the operational tasks & activities performed on a regular basis.

✔ Built multiple Windows Apps and Tools to assist in Red Teaming & Offensive Security.

✔ Performed and reported multiple Application Audits and Vulnerability Assessments / Penetration Tests for IT infrastructure, including network devices, operating systems, databases, and applications.

✔ Developed multiple PoCs for past vulnerabilities as well as newly discovered vulnerabilities & exploits.

✔ Conducted various Red & Blue Team operations in authorized simulated environments.

✔ Worked on multiple Red Teaming advisory TTP frameworks; tested & implemented various APT TTPs; rebuilt and demonstrated recent exploits & vulnerabilities with working results & output, along with their mitigation procedures & solutions.

✔ Performed server management as well as infrastructure security maintenance.

✔ Monitored the Dark Web & forums, analyzed trends, and reported breaches & incidents to the organization.

✔ Conducted penetration testing engagements and simulated Red Teaming operations for the organization's clients in various industries, including the law enforcement, defense, government, healthcare, and finance sectors.

✔ Identified & exploited multiple associated vulnerabilities in operating systems, web apps, and network infrastructure, then presented findings/recommendations to clients in detailed written and verbal reports.

April 2021 to April 2023
March 2020 to June 2020

Freelance

Cyber Security Consultant

Clients: Various Law Enforcement Agencies, Defense Personnel, & Academic Institutions.

Projects & Proposals: (Confidential)

1. Threat Intelligence Report: Conducted in-depth research & analysis on emerging cyber threats, providing actionable intelligence to inform their cyber security operations.

2. Malware Research & Development: Worked on Malware & C&C Frameworks, exploring TTPs of APT groups to develop tools that assist in Red Teaming & Offensive Security.

3. Vulnerability Assessments: Conducted vulnerability assessments for various clients, identifying potential weaknesses & providing recommendations to mitigate risks.

4. Penetration Testing: Performed comprehensive penetration tests, identifying vulnerabilities & providing recommendations to enhance their network security.

5. Incident Response Plan: Developed customized incident response plans, ensuring they were prepared to respond to cyber security incidents effectively.

6. Cyber Security Trainings: Designed & delivered cyber security training programs, focusing on threat hunting, digital forensics, & incident response.

7. Proposal Writing: Wrote multiple proposals for different cyber security projects, highlighting their capabilities & approach to addressing the client's requirements.

8. Compliance Audit: Performed compliance audits for clients, ensuring their cyber security practices aligned with relevant regulations & standards.

9. Security Architecture Design: Designed & implemented secure architecture solutions for clients, incorporating best practices & industry standards.

10. Cyber Security Strategy: Developed comprehensive cyber security strategies for clients, aligning their security posture with their objectives.

Education: My Educational Qualification

Masters of Engineering in Computer Engineering {Specialised in Cyber Security} {GTU-GSET} - Gujarat Technological University

2019-2021

Grade: First Class With Distinction

Subjects Studied:

Mathematical Foundation for Cyber Security, Cyber Crimes/Ethics and Laws, Research Methodology and IPR, Constitution of India, Defense Programming in Python, Digital Forensic, Ethical Hacking, Web and Database Security, Malware Analysis, Operating system and Host Security, Business Analytics, Machine Learning

Bachelors Of Engineering In Computer Engineering {MGITER} - Gujarat Technological University

2015-2019

Grade: First Class With Distinction

Subjects Studied:

Computer Programming and Utilization, Data Structure, Database Management Systems, Operating System, Object Oriented Programming With C++, Computer Organization, Numerical and Statistical Methods for Computer Engineering, Computer Networks, Cyber Security, Design Engineering, Analysis and Design of Algorithms, Object Oriented Programming using JAVA, Microprocessor and Interfacing, System Programming, Software Engineering, Theory of Computation, Advanced Java, Web Technology, Distributed operating system, Compiler Design, Information and Network Security, Mobile Computing and Wireless Communication, Python Programming, Data Mining and Business Intelligence, Artificial Intelligence

Services & Expertise: My Professional Service

Offensive Security & Red Teaming

✔ Adversary Attack Simulation with respect to TTPs

✔ Building RedTeaming & Pentesting Related Tools & Frameworks

✔ Specialised in Web Apps & Windows Environments

✔ Implementing Prototypes, PoCs and Exploits for testing Infra Security

Web Pentesting & Security Assessments

✔ Vulnerability Scanning and Assessments

✔ Exploiting & Pentesting Vulnerable Web Apps

✔ Pentesting & Assessments of PHP, JS, JSON, and API-based Web Solutions

✔ Providing mitigations and relevant security measures & solutions

Digital Forensics & Incident Response

✔ Windows & Android Forensics

✔ Systems & Network Forensics

✔ Identifying, Preserving, Analyzing, Documenting & Reporting Digital Evidence/Assets

✔ Advanced Incident Response & Threat Hunting

✔ Evidence/Asset Handling, Risk Analysis & Mitigations

Malware Analysis & Reverse Engineering

✔ Examining, Identifying & Helping Understand the Nature of Cyber Threats/Malware

✔ Analyzing & Reversing Malware Samples Related to Windows, Linux, Android & Web Apps

✔ Researching & Dissecting Recent Trending Malware

✔ Implementing Detection & Prevention Methodologies

Customized & Specialised CyberSec Trainings & Courses

✔ Getting into Red Teaming {*for Permitted & Ethical Purposes Only}

✔ Offensive Security Concepts & Methodologies

✔ Ethical Hacking & Pentesting

✔ Malware Analysis & Reverse Engineering

✔ Exploring Dark Web & Deep Forums

✔ Enterprise & Industrial Level Customizations

* All Courses & Trainings include & focus mainly on Practicals & Live Hands-On Labs/Challenges.

Society Contributions & Community Collabs

✔ Helping folks dive into the ocean of CyberSec

✔ Spreading cyber security awareness & vigilance and contributing to the community for all, enriching their security skills and expertise

✔ Providing dedicated Solutions & Frameworks to Law Enforcement entities, Defense personnel, Academic Universities & Institutions

Sanjeev's skills and expertise in Cyber Security and dedication to keeping systems and networks secure is truly impressive, and commitment to staying up-to-date on the latest trends and threats in the industry is inspiring.
I have no doubt that any organization would be fortunate to have you on their team, and I am confident that you will excel in any role you take on. I have no doubt that you will continue to make a positive impact in the field of cybersecurity for years to come.
Sanjeev is a very dedicated, self-motivated person, highly skilled in development, Offensive Security, Threat Hunting, most likely one of the greatest professionals to work with. He consistently demonstrated a solid work ethic at HackIT Technologies and also a dedication to success.
Sanjeev never refuses you when you ask him for help. Energetic and broad-minded. Sanjeev is a take-charge person who is able to present creative solutions to complex problems and communicate the benefits to the company.
Highly Recommend 🙌🏻
Sanjeev is a good team player. He is having good knowledge of offensive security and different security tools.
Wishing him all the best for the future endeavours.
I have seen him acquiring great knowledge in the area of offensive security and threat hunting. I would surely recommend Sanjeev for any company as I am sure he is a great team player and hard worker.
Also his tenacity for getting a job done and working through the details is very appreciable. Dedication and sincerity is a virtue that one gets to learn as one interacts with him.
Wishing him the very best...
Sanjeev is well versed with offensive security and methodology. In college days he had acquired technical skills. He is dedicated, obedient and helping hand.
Wishing him all the best for the future endeavours.