Amartyo Roy

Purple Team Specialist

• Led purple teaming activities, developing attack simulations and detection rules for HIDS and NIDS.
• Developed ElastAlert and Sigma rules for HIDS and crafted Zeek and Suricata rules for NIDS.
• Utilized a variety of tools for attack simulations, including Metasploit, Atomic Red Team, PowerSploit, and Caldera.
• Strong grasp of Windows and Linux operating systems.
• Skilled in scripting languages: bash, PowerShell, and batch scripting. Proficient in Python.
• Experience with additional languages such as Zeek, Spicy, and a little bit of Ruby.

Critical Infrastructure Security

• Secured critical infrastructures in IT and OT domains through comprehensive attack and detection engineering.
• Conducted adversary emulation and breach and attack simulation to identify vulnerabilities.
• Monitored systems for vulnerabilities and implemented robust security measures to mitigate risks.
• Worked with the ELK stack to regularly configure and utilize efficient data logging, shipping, and visualizations on Kibana dashboards.

AI/ML Detection Model Contributor

• Collaborated with AI/ML teams to develop detection models focused on user behavior analytics.
• Generated and analyzed data patterns in Python to enhance the accuracy and effectiveness of detection models.

Security Onion Developer

• Contributed to the development and deployment of Security Onion, an open-source security monitoring platform.
• Created automation scripts and managed the deployment of multiple modules and Docker containers within Security Onion..

• Collaborated in the research, documentation, and development of multiple intrusion detection and IP geolocation techniques for network security and internet geolocation projects.