Arannya

SUMMARY

• Over 8 years of hands-on experience in cybersecurity, specializing in advanced threat hunting, malware analysis, and detection engineering for global organizations including Microsoft.
• Conducts deep-dive malware research and reverse engineering, uncovering TTPs (Tactics, Techniques, and Procedures) of advanced threat actors across multiple platforms.
• Leads incident response efforts, including digital forensics, threat attribution, and response orchestration for large-scale security breaches and targeted attacks.
• Performs penetration testing and vulnerability assessments, with expertise in exploiting misconfigurations, buffer overflows, privilege escalation, and lateral movement techniques.
• Skilled in cloud security architecture, with experience securing Microsoft Azure environments, integrating native and third-party tools for continuous threat detection.
• Executes purple teaming exercises by aligning offensive and defensive capabilities to enhance detection logic, SIEM use cases, and response workflows.
• Proficient in social engineering, phishing simulation campaigns, and OSINT techniques to assess human and technical vulnerabilities.
• Experienced in ICS/SCADA security research, focusing on threat modeling and securing industrial control systems against OT-specific attack vectors.
• Applies physical security bypass techniques, such as lock picking and RFID spoofing, to test facility-level security controls.
• Designs and tunes detection rules for malware behavior, anomalous activity, and attacker infrastructure using tools like Sigma, YARA, and custom scripts.
• Performs threat intelligence correlation and attribution, mapping adversary behavior to MITRE ATT&CK framework for proactive defense.
• Conducts forensic investigations across disk, memory, and network artifacts using tools like Volatility, Autopsy, and Wireshark.
• Integrates Red and Blue team strategies to simulate real-world attack scenarios and harden defenses through iterative feedback and telemetry analysis.

SKILLS

• Advanced Threat Hunting and Incident Response
• Malware Analysis and Reverse Engineering
• Vulnerability Management and Penetration Testing
• Cloud Security Architecture for Microsoft Azure
• Purple Teaming and Detection Engineering
• Social Engineering and OSINT
• Physical Security Bypass Techniques
• Incident Handling & Digital Forensics
• Red Team and Blue Team Integration

TECHNICAL EXPERTISE