sawan kumar

Cyber Security Professional and Red Team Practitioner with hands-on experience in Security Operations Center (SOC), Threat Hunting, Incident Response, Endpoint Detection & Response (EDR), Vulnerability Management, Threat Intelligence, and Security Monitoring. Skilled in identifying, analyzing, and responding to cyber threats across enterprise environments using modern security tools and monitoring platforms. Experienced in handling security incidents related to malware detection, suspicious outbound network communication, phishing attempts, endpoint compromise, unauthorized access attempts, PowerShell abuse, persistence mechanisms, and suspicious process execution. Strong understanding of MITRE ATT&CK techniques, IOC analysis, log correlation, attack investigation, and endpoint telemetry analysis. Hands-on experience with CrowdStrike Falcon and Microsoft Defender for Endpoint (MDE) for incident investigation, alert triage, endpoint isolation, IOC hunting, behavioral analysis, malware analysis coordination, and telemetry monitoring. Worked extensively on analyzing high severity malware detections, suspicious document activity, machine learning detections, custom intelligence alerts, and internal threat-related outbound network activities. Experienced in Threat Hunting activities using KQL (Kusto Query Language), Advanced Hunting, Defender XDR, and endpoint telemetry analysis to identify malicious activities, suspicious user behavior, abnormal PowerShell execution, browser exploitation attempts, persistence techniques, suspicious network connections, and unauthorized software execution. Skilled in creating and reviewing security advisories for critical vulnerabilities, zero-day threats, ransomware campaigns, phishing attacks, browser vulnerabilities, and emerging cyber threats. Coordinated with patch management and infrastructure teams for remediation activities and security hardening. Experience in Vulnerability Management including monitoring vulnerable assets,