Urvesh Thakkar

Bengaluru, Karnataka, India

Work History

R&D Apprentice - Cloud Sec Ops

Informatica
08.2022 - Current
  • Alert handling pertaining to SIEM and XDR (ELK & Cortex) to resolve security incidents and develop automations and enhanced rulesets for avoiding false positives
  • Performing VM activities pertaining to asset inventory management, leveraging Qualys and adhering to VM lifecycle
  • Conduct weekly threat hunt / log review exercises to assess the infrastructure based on the latest intel sources and TTPs
  • Development of orchestration and automations in regard to IR to reduce the manual effort spent on alert handling, ticket creation, analysis, etc.
  • Participating in stakeholder calls to gain feedback for improving current processes and working with risk & compliance teams to be in-line with security driven compliance mindset.

Lead Engineer - Freelance

BlackPerl DFIR
10.2023 - Current
  • Developing learning content pertaining to blue teaming topics like SIEM, cloud security concepts, etc.
  • Creation of hands-on CTF challenges for platform

Cyber Security Instructor - Freelance

Virtual Cyber Labs
04.2021 - 11.2022
  • Developed and designed advanced-level course content in subjects such as SOC operations, digital forensics, and other cybersecurity topics
  • Delivered live and interactive cybersecurity training sessions to students, ensuring that complex concepts were explained clearly and effectively
  • Facilitated hands-on labs and exercises to provide practical experience in cybersecurity tools and techniques.

Cyber Executive R&D - Freelance

Cyber Crime Helpline LLP
10.2019 - 02.2022
  • Handling cyber crime cases pertaining to financial fraud, device hacking, social media frauds and sextortion under proper guidance and abiding by local law enforcement guidelines and constitutional laws
  • Conducting forensic analysis on mobile devices and computers
  • Performing OSINT and creating in-depth technical reports
  • Development of various tools/scripts that aid during investigations

Senior Coach of Ethical Hacking

Unschool Learning
02.2019 - 02.2022
  • In 2021, Unschool was ranked 3rd on LinkedIn's Top Startup List in India and my role as a senior coach for ethical hacking was to deliver and design relevant content for freshers in cyber security

Information Security Trainer - Freelance

SIEM Intelligence
02.2021 - 11.2021
  • My role was to assist and consult the clients in suggesting various security solutions based on their needs
  • Apart from consulting, my role was to train the clients with hands-on practice on various technologies like IBM QRadar, Splunk, SOAR solutions, etc.

Cyber Security Intern

AICTE (All India Council)
08.2020 - 09.2020
  • Due to my excellent performance during my previous internship at ISAC, I was provided with an opportunity to work with All India Council of Technical Education - AICTE as a cyber security intern
  • My role was to test different websites pertaining to Indian government and Govt Ed Tech platforms and identify the relevant bugs and assist in patching the critical bugs.

Research Associate

ISAC - Information Sharing & Analysis Center
06.2020 - 09.2020
  • Creation of vulnerable Docker-based web application containers that can be used as labs for learning & practice
  • Participating in various cyber security related events and assisting the overall cyber team in day to day activities

Security Researcher

MH Cyber - Office of Spl. Inspector General of Police
08.2019 - 09.2019
  • Worked closely with state level law enforcement agencies in tracking various cyber crimes
  • Actively monitoring social media under the Anti-Phishing Wing

Education

B.E. in Computers

Pune University
04.2023

GPA: 7.98

Diploma in Cyber Crime Investigation & Forensics

Cyber Crime Helpline LLP
01.2019

Grade: A

Skills

  • Strong hands-on experience in security management tools like IBM QRadar, ELK, Wazuh, Splunk, DataDog
  • Good exposure to cloud-based infrastructures, specifically GCP, AWS and Azure
  • Proficient in deploying and managing security solutions focusing on threat detection, hunting, and malware intelligence
  • Building and orchestrating a Security Operations Center (SOC/CSOC) from scratch
  • Implemented a project named Untangled leading to a 45% reduction in manual alert handling from native SIEM solutions; demonstrated the same to Chronicle engineers during the Google Chronicle PoC for the organization
  • Develop security scope, workflows, KPIs, policies and procedures for various SOC activities
  • Practical experience in automating and implementing tools such as TheHive, Cortex XDR, Qualys
  • Experience with cloud security posture management tools such as Prisma, and cloud-native posture management specific to GCP controls
  • Exposure to compliance controls and frameworks like MITRE ATT&CK, ISO 27001, PCI DSS
  • Highly proficient in threat hunting and intel verticals pertaining to hunting TTPs, creating emulation plans, adversary simulations, and operationalizing TI using open source and paid tools like MISP, OTX, X-Force, CrowdStrike, etc.

Certification

  • CHFI
  • CTIA
  • ETHPv2
  • CND
  • CCSE
  • ECIH
  • DCPLA
  • DFIR101 + many other relevant MooC certifications

Awards & Volunteering

  • Global Cyber Crime Helpline Awards 2019 - Fortune Hunters of Digital India
  • Speaker at VULNCON 2020 International Conference
  • Speaker at SecArmy Village International Conference
  • All India President - BeFojji OpSec NGO
  • Null Pune Chapter Lead
  • Modernised Homoglyph URL Attack by Hackers to Steal User Credentials - International Journal of Innovative Research in Computer and Communication Engineering

Projects

Implementation of Open Source SOC, Security Monitoring and Intelligence - In this project, I explored and implemented various open source SOC solutions like ELK, TheHive, Cortex, MISP, etc. This project focused on creating an entire SOC workflow, right from log ingestion, visualization and security correlation to alerting, triage and automation capabilities.

Automation & Orchestration of security alerts from SIEM - Custom SOAR - Informatica - This project was developed to automate alert handling within the IR lifecycle to deal with a huge number of alerts. The aim was to develop a custom SOAR-like solution from scratch based on API and scripts.

Timeline

Lead Engineer - Freelance - BlackPerl DFIR
10.2023 - Current
R&D Apprentice - Cloud Sec Ops - Informatica
08.2022 - Current
Cyber Security Instructor - Freelance - Virtual Cyber Labs
04.2021 - 11.2022
Information Security Trainer - Freelance - SIEM Intelligence
02.2021 - 11.2021
Cyber Security Intern - AICTE (All India Council)
08.2020 - 09.2020
Research Associate - ISAC - Information Sharing & Analysis Center
06.2020 - 09.2020
Cyber Executive R&D - Freelance - Cyber Crime Helpline LLP
10.2019 - 02.2022
Security Researcher - MH Cyber - Office of Spl. Inspector General of Police
08.2019 - 09.2019
Senior Coach of Ethical Hacking - Unschool Learning
02.2019 - 02.2022
Pune University - B.E. in Computers
Cyber Crime Helpline LLP - Diploma in Cyber Crime Investigation & Forensics