Designed a 24/7 SOC model integrating SIEM, EDR, and threat intelligence to enhance enterprise security monitoring. Simulated LockBit ransomware attack, applying NIST SP 800-61 lifecycle to manage containment, eradication, and recovery while ensuring continuity of critical banking operations.
Reconstructed attack timeline using correlated logs, mapped adversary TTPs with MITRE ATT&CK, and developed response playbooks aligned with PCI DSS and PIPEDA. Strengthened incident visibility, improved response efficiency, and ensured compliance during high-impact ransomware scenarios.
• SIEM (Splunk)
• Incident Response (NIST)
• MITRE ATT&CK
• Threat Intelligence
• Security Playbooks
Performed security assessment identifying gaps including lack of MFA, flat network design, and legacy protocols exposing sensitive healthcare data. Designed defense-in-depth architecture aligned with NIST CSF, CIS Controls, HIPAA, and PHIPA to strengthen security posture and reduce ransomware risks.
Implemented Zero Trust segmentation, IAM using Entra ID, and endpoint protection with EDR. Developed DLP policies, secure backup strategy, and cloud migration plan ensuring data protection, compliance, and improved resilience against cyber threats.
• Zero Trust Architecture
• IAM (Entra ID)
• EDR Security
• Risk Assessment
• Data Protection
Analyzed CIC-IDS2017 dataset with 200K+ records to detect DDoS, Botnet, and Heartbleed attacks. Applied machine learning models including KNN, Naive Bayes, and Decision Trees to classify network traffic and improve detection of malicious activities.
Achieved 99.99% accuracy with optimized models, reduced false positives, and performed feature selection to enhance detection performance. Strengthened intrusion detection capabilities by comparing algorithms and improving model reliability across multiple attack scenarios.
• Machine Learning
• Intrusion Detection
• Data Analysis
• Feature Selection
• Model Optimization
Conducted a ransomware simulation in a Cyber Range, analyzing a Black Basta attack scenario within a financial institution environment. Identified Indicators of Compromise, evaluated threat impact, and produced SITREP reports supporting real-time risk assessment and incident response decisions.
Delivered executive briefings with clear risk insights, balancing containment strategies and business operations. Analyzed adversary TTPs and supported risk-informed decisions, improving response coordination and alignment between technical teams and business stakeholders.
• Incident Response
• Threat Analysis
• Risk Assessment
• MITRE ATT&CK
• Reporting
Conducted cybersecurity risk assessment using NIST RMF, identifying and prioritizing key risks based on likelihood and impact. Developed risk register outlining threats, vulnerabilities, and mitigation strategies supporting structured and effective risk management.
Provided mitigation recommendations with trade-off analysis, balancing security and operational needs. Delivered executive-level insights translating technical risks into business decisions, improving risk awareness and supporting informed cybersecurity strategy.
• Risk Assessment
• NIST RMF
• Threat Modeling
• Risk Register
• Executive Reporting