Vasantha Kumar Rajee
Specialist, Cyber Threat Response
Bangalore
Summary
- Dynamic professional with extensive technical and managerial expertise in designing, scaling, and leading enterprise-grade Cyber Security Operations Centers.
- Proven proficiency in SIEM, including cloud-native deployments, log source integration, and the creation of custom use cases and monitoring dashboards.
- Skilled in analyzing and mitigating a wide range of cyber threats, from DDoS attacks to insider threats, while effectively managing enterprise-wide InfoSec initiatives that align with compliance and business objectives.
- Committed to developing robust security policies and delivering comprehensive training programs to enhance organizational security posture and incident response readiness.
Overview
15
15
years of professional experience
6
6
Certifications
1
1
Language
Work History
Specialist, Cyber Threat Response
Standard Chartered GBS Pvt Ltd
01.2022 - Current
- As a Cyber Threat Incident Responder (Situation Manager), is responsible to lead the high-impact incident response and orchestrate Major Incident Management calls during critical cybersecurity breaches, driving rapid containment, stakeholder alignment, and strategic recovery efforts
- Applied the Cyber Threat Incident Response Cycle to detect, contain, eradicate, and recover from complex incidents while strengthening organizational resilience.
- Conducted thorough Root Cause Analysis to identify control failures and mitigate risks across complex cybersecurity incidents.
- Collaborated with cross-functional stakeholders to implement compensating and missing controls, enhancing overall security posture.
- Led continuous improvement initiatives based on lessons learned, elevating incident response capabilities and organizational readiness.
- Conducted root cause analysis and implemented continuous improvements based on lessons learned to elevate incident response and readiness.
- Engineered SIEM frameworks (Splunk, MDE, SentinelOne), enriched SOAR playbooks, and automated response workflows.
- Reduced false positives through parser tuning, alert logic refinement, and use-case optimization.
- Oversaw log source onboarding, playbook enhancements, and case automation across hybrid environments.
- Participated in Table-Top and Red Team exercises to validate detection and incident response readiness.
- Participated in deployment of EDR for forensic collection across cloud/on-prem environments and enforced policy-driven app remediation.
Team Leader – Cybersecurity & SIEM Leadership | Global S Operations
Ocwen Financial Corporation
04.2017 - 12.2022
- Led the Global SOC as the central hub for InfoSec incidents across Ocwen, ensuring SLA compliance and stakeholder satisfaction.
- Developed a multi-tiered cybersecurity framework aligned with global standards and evolving threats.
- Unified IT security strategy, aligning operations with emerging technologies, and risk landscapes.
- Built and managed a cloud-native SIEM from scratch; migrated log sources with zero production impact.
- Integrated critical assets (DCs, DNS/DHCP, WAFs, IPS/IDS, firewalls), and automated incident ticketing via ServiceNow.
- Created custom rules, dashboards, and alarms; prevented over 2,000 intrusions in six months with a 0% breach rate.
- Handled P1/P2 incidents with RCA reporting, and maintained 99.9% uptime.
- Investigated threats from IPS/IDS, antivirus (McAfee ePO, CrowdStrike), and HR-referred violations.
- Conducted phishing and spam analysis using reverse engineering; documented SOPs for consistency.
- Trained Tier 1/2 SOC engineers; authored ISO 27001-aligned SOPs and knowledge base articles.
- Supported audits, policy updates, and compliance assurance across security operations.
- Strategic Oversight and Frameworks
- SIEM Architecture and Automation.
- Incident Response and Threat Management.
- Training and Compliance
- Set performance expectations for the team, monitoring progress towards goals and providing constructive feedback as needed.
Information Security Engineer
[24]7 Inc
06.2012 - 04.2017
- Helped in designed the Security Incident response plan and Log Management Strategies for the newly built SOC team.
- Acting as a SPOC and directly interacting with Service Owners (GEO-IT heads) to integrate complete Inventory with the SIEM.
- Defining and prioritizing Event of Interest (EOI) and SLA for Security Operations Centre.
- Identifying and documenting key templates, procedures, and processes required to support the SOC function.
- Creating Daily, Monthly reports of events and incidents for Executive report.
- Real Time Log monitoring/Packet analysis from different devices such as Firewalls, IPS, Operating Systems like Windows & Linux, Proxy Servers, Windows Servers, System Application, Databases, Web Servers and Networking Devices.
- Performing Real-Time Monitoring, Investigation, Analysis, Reporting and Escalations of Security Events from Multiple log sources.
- Creation of Custom Dashboards, Correlation Policies, File Policy, Intrusion policy on the McAfee SIEM Monitoring tool and the Cisco Firesight Management.
- Notifying internal teams for Security Notifications and Vulnerability from US Cert and reports generated from Vulnerability Scanners (Tenable Nessus)
Education
B.Com. - Associate of Commerce
Karnataka State Open University
Bengaluru, IndiaSkills
Proficient in McAfee ESM, Rapid7 InsightIDR, and Splunk ES
SOAR: Splunk Phantom, ServiceNow ITSM
Network Security (IPS): Cisco FirePower Threat Defense & McAfee NSM
Enterprise Antivirus: McAfee ePO EAV, Tanium, Microsoft Defender for Endpoints, MS Defender for Office, SentinelOne, Crowd Strike NGAV & Symantec AV
Web Security: Cisco Umbrella (Open DNS) & Cisco CSMA (Web Security Appliance)
Email Security: Cisco IronPort (ESA), Proofpoint
Certification
CISSP - Certified Information Systems Security Professional
Interests
Passion: Photography, Travelling, Cooking and Painting
Timeline
Specialist, Cyber Threat Response
Standard Chartered GBS Pvt Ltd
01.2022 - Current
Team Leader – Cybersecurity & SIEM Leadership | Global S Operations
Ocwen Financial Corporation
04.2017 - 12.2022
Information Security Engineer
[24]7 Inc
06.2012 - 04.2017
B.Com. - Associate of Commerce
Karnataka State Open University