Abhiraj Singh

Noida

Summary

Cybersecurity Engineer with over 5 years of expertise in SOC operations, cloud security, and detection engineering. Proficient in developing log pipelines, crafting SIEM rules, and automating threat detection using Python and KQL in hybrid and containerised environments. Created custom parsing logic and OSINT integrations, along with GitHub-hosted detection rules for AWS/Wazuh workflows. Certified GCIH and Security+ with a proven track record in stakeholder collaboration and shift leadership.

Overview

5 years of professional experience
1 certification

Work History

Cyber Security Engineer II

Thales India Pvt. Ltd.
Noida
07.2023 - Current
  • Executed proactive threat hunting using custom correlation rules in Wazuh, LogRhythm, and Azure Log Analytics.
  • Developed advanced KQL queries to identify lateral movement, token theft, and anomalous cloud activities.
  • Integrated RSS-based OSINT feed for monitoring threat actor activities, leaked data, and zero-day alerts.
  • Achieved 40% reduction in false positives through rule tuning, log enrichment, and alert optimization.
  • Explored adversarial ML threats, focusing on prompt injection and data poisoning techniques.
  • Led deployment of LogRhythm SIEM, including architecture planning and onboarding of multiple log sources.
  • Engineered cloud log ingestion pipeline from AWS CloudTrail to Wazuh for real-time alerting on compliance drift.
  • Conducted regular vulnerability assessments with Tenable, correlating findings with IOCs and patch management.
  • Worked on technical control mapping and evidence collection aligned with frameworks like NIST 800-53, PCI-DSS, ISO 27001, and CIS Benchmarks.
  • Investigated critical incidents involving PII exposure, partner data leaks, endpoint threats, and cloud misconfigurations; collaborated with CERT and Legal teams for containment and RCA.

SOC Analyst (Level 2)

HCL Technologies
Noida
10.2020 - 07.2023
  • Acted as Shift Lead for a 15-member SOC team, ensuring efficient task allocation and seamless shift handovers.
  • Recognised by the HCL Global SOC Head for exceptional incident resolution and client satisfaction.
  • Monitored client environments with SIEMs and EDR tools to identify real-time threats.
  • Mitigated lateral movement, brute-force attacks, and insider threats effectively.
  • Executed malware triage, phishing detection, and initial incident response tasks.
  • Utilised IBM QRadar, HP ArcSight, Siemplify SOAR, ServiceNow, DarkTrace, and Microsoft Defender.
  • Conducted IOC enrichment using OSINT for comprehensive threat analysis.
  • Directed escalation processes to maintain high response efficiency.

Education

B.E. - Electrical Engineering

Lakshmi Narain College of Technology
Bhopal
08-2020

Class 12

Sri Sankara Vidyalaya
Bhilai
04-2015

Class 10

Indu IT School
Bhilai
04-2013

Skills

  • Scripting and automation: Python, Bash, Regex
  • Infrastructure as code: Terraform, AWS log pipeline, IAM provisioning
  • SIEM and SOAR platforms: Wazuh, QRadar, LogRhythm, HP ArcSight, Siemplify, PagerDuty
  • Cloud and DevSecOps: AWS, Azure, Azure Defender, GitLab, Prowler, Databricks
  • Endpoint protection: Cisco AMP, Microsoft Defender for Endpoint, DarkTrace
  • Threat intelligence: MITRE ATT&CK, IOC analysis, OSINT feeds
  • Vulnerability management: Tenable, BigFix
  • Dashboards and reporting: SIEM dashboards, Jira
  • Security operations: Threat hunting, Malware analysis, Incident response

Certification

  • GIAC Certified Incident Handler (GCIH)
  • SANS SEC504 (Certification)
  • CompTIA Security+
  • Microsoft SC-900
  • Wazuh for Security Engineers
  • AZ-500 & Azure Sentinel KQL (Trained)
  • Chronicle SOAR (CSF, CCSA)
  • DarkTrace Certified Analyst

Projects And Key Initiatives

  • Investigated high-profile breaches (Airbus, Air Canada, STS Aviation, Turkish Airlines) with CERT, legal coordination, and IOC analysis
  • Detected public exposure of Thales documents using OSINT, tracked partner leaks via forums like Breach Forums and XSS
  • Integrated 4+ firewalls into LogRhythm and resolved Cisco AMP visibility issues on 30+ endpoints
  • Hardened internet-facing firewalls and enforced WAF restrictions with IP whitelisting
  • Coordinated with product teams on patching vulnerabilities (SharePoint, TeamViewer, Fortinet, etc.)
  • Conducted CSOC-led vulnerability testing and built improved L1 workflows from the findings
  • Worked on LogRhythm/Wazuh SIEM deployment, log source integration, parsing customisation, and alert use case development using regex and MITRE ATT&CK mapping
  • AWS CloudTrail → Wazuh integration: built and documented an end-to-end log forwarding and detection system with S3, IAM, and custom Wazuh rules
  • Developed and published custom detection rules, automation scripts, and regex parsers on GitHub

Awards

  • Twice awarded 'Best Performer' at Thales for excellence in incident response and automation.
  • Fast-tracked to Cyber Security Engineer II within 6 months for high-impact delivery.
  • Entrusted with SOC roster planning, 24x7 shift coverage, monthly reporting, and team training.
  • Acknowledged by HCL Global SOC Head for detecting lateral movement and brute-force attacks.
  • Served as Shift Lead at HCL, managing a 15-member SOC team and escalations.

Accomplishments

  • Cleared AFCAT four times and INAT twice post-graduation, appeared in 10 SSB interviews, with 7 conference outs
  • Represented the school at the national level in karate and the state level in skating

Languages

  • English, Professional Proficiency
  • Hindi, Native Speaker
