About me

I'm a Bachelor of Technology student in Computer Science at SBSSU, obsessed with safeguarding systems and people. I spend most of my time inside student SOC labs, community CTFs, and cloud sandboxes where I can break things safely and document what actually works.

My focus areas span detection engineering, purple teaming, and automation that shortens the time between a finding and a fix. Whether I'm hardening a lab, writing a Lambda function to normalize logs, or walking classmates through threat modeling, I care about clarity, repeatability, and measurable improvements to security posture.

Next role focus

Detection Engineering or SOC Intern

Blending purple-team drills with automation projects so I can contribute to blue teams on day one.

  • SIEM
  • Threat Detection
  • Cloud Guardrails
  • 30+

    Hands-on labs documented

    From ransomware rehearsals to IaC guardrails.

  • 12

    Playbooks & detections

    Sigma rules, automation bots, and tabletop guides.

  • 3

    Student SOC teams led

    Coordinated rotations, comms drills, and after-action notes.

Focus areas in my studies

  • Detection engineering labs

    Practicing Sigma rules and telemetry maps to understand how detections evolve from noisy logs.

  • Cloud guardrail projects

    Mapping AWS guardrails, IaC baselines, and IAM least-privilege patterns for campus builds.

  • Incident response drills

    Documenting tabletop-ready guides for phishing, ransomware, and insider drills to learn IR flow.

  • Community learning sessions

    Sharing CTF walkthroughs and lessons learned with community cyber clubs as a fellow student.

Foundational practice stack

Weekly reps that keep my fundamentals sharp across networking, OSINT, Linux, encrypted comms, and wireless security.

  • Networking refresh cycles

    Packet Tracer and GNS3 rebuilds of VLANs, ACLs, and site-to-site VPN tunnels until configs feel automatic.

    Every Monday · 90 mins
  • OSINT field notes

    Hunt compromised credentials and attack chatter with Maltego, SpiderFoot, and public breach corpora—fully documented in Obsidian.

    Twice weekly · 60 mins
  • Kali / toolchain scrims

    Rotate through Nmap, Burp Community, and custom Python scripts against local vulnerable VMs to keep muscle memory intact.

    Alt days · 45 mins
  • Surface vs. dark web intel

    Use Tor, OnionBalance mirrors, and RSS collectors to monitor ransomware notes and leak sites—only for defensive intelligence.

    Mid-week · 40 mins
  • Wi-Fi & radio security

    Run aircrack-ng, hcxdumptool, and Kismet captures inside a Faraday bag to test WPA3 settings and rogue AP alerts.

    Weekend · 2 hrs lab
  • Log triage sprints

    Ship Zeek and Suricata data into Elastic/Splunk sandboxes, tag anomalies, and convert useful pivots into Sigma drafts.

    Daily · 20 mins

Certifications & Virtual Experiences

  • Digisuraksha Parhari Foundation

    Cybersecurity Internship · Issued Sep 2025 · Coordinated vulnerability assessments and drafted remediation reports for grassroots NGOs.

  • Deloitte

    Deloitte Cyber Job Simulation · Issued Nov 2025 · Practiced multinational SOC workflows, executive communications, and risk reporting for consulting clients.

  • ANZ Australia

    Cyber Security Management Job Simulation · May 2025 · Modeled incident response metrics and board updates for financial services leadership.

  • AWS APAC

    Solutions Architecture Job Simulation · May 2025 · Designed resilient AWS workloads with security guardrails and zero trust references.

  • Clifford Chance

    Cyber Security Job Simulation · May 2025 · Wrote executive briefings on privacy risks, threat actors, and mitigation strategies for legal clients.

  • Mastercard

    Cybersecurity Job Simulation · May 2025 · Built fraud-detection dashboards and presented data-driven recommendations to business stakeholders.

Security Stack & Intel Sources

Daily mix of detection tooling, training sandboxes, and intel feeds I lean on for investigations.

Stack rotates quarterly—below is the current high-usage mix.

  • Threat intel feeds

    MITRE ATT&CK, CISA KEV, Shadowserver, and Malware Traffic Analysis to track active TTPs.

    Intel & Research
  • Detection toolchain

    Splunk, Elastic SIEM, Zeek, and LimaCharlie pipelines for building repeatable detections.

    Blue Team Stack
  • Hands-on training

    Hack The Box, RangeForce, and Immersive Labs cyber ranges keep my offensive and defensive skills sharp.

    Labs & CTFs
  • Community briefings

    SANS NewsBites, The DFIR Report, and Huntress Tuesday Defense for practitioner-focused lessons.

    Community Signals

Resume

Education

  1. Sardar Beant Singh State University (SBSSU)

    Jun 2024 — Jun 2028

    B.Tech Computer Science with Cybersecurity & Tech Society participation. Building SOC labs, capture-the-flag events, and research on adversary emulation in academia.

  2. Govt. Senior Secondary School, Gurdaspur

    Apr 2022 — Mar 2024

    Completed higher secondary education in Physics, Chemistry, Mathematics, and Informatics Practices with security clubs focused on ethical hacking basics.

  3. Cybersecurity & Tech Society

    Aug 2024 — Present

    Leading threat modeling workshops, blue-team lab nights, and cross-discipline collaborations that align software teams with secure-by-design practices.

Experience

  1. Cybersecurity Intern · Digisuraksha Parhari Foundation

    Sep 2025 — Nov 2025

    Delivered risk assessments for rural NGOs, implemented asset inventories, and drafted response plans that aligned with national cyber hygiene guidance.

  2. Virtual Cybersecurity Analyst · ANZ Australia

    May 2025

    Completed Forage simulation covering incident triage, security metrics for executives, and control uplift recommendations for financial institutions.

  3. Solutions Architecture Fellow · AWS APAC

    May 2025

    Designed secure landing zones, IAM policies, and cost-aware architectures along with attack paths to illustrate business impact.

My skills

  • Threat detection & SIEM
    85%
  • Incident response & DFIR
    80%
  • Cloud security architecture
    75%
  • Python & automation
    70%

Portfolio

Blog

Featured field note

Replaying a full ransomware kill chain before finals week

I hosted a red-blue exercise for our student SOC, forcing teammates to rehearse containment, comms, and recovery in under two hours.

  • Detection debt: Sigma rules that failed in rehearsal became sprint-zero priorities.
  • Stakeholder drills: Practicing executive briefings reduced panic in the comms channel.
  • Automation gaps: We scripted artifact triage the same night and shared the repo below.
Case study · 12 min read · Updated Nov 30, 2025

Lab write-ups

24

Hands-on drills, incident captures, and tabletop summaries.

Avg read time

7 min

Short enough for classmates to apply mid-shift.

Newsletter readers

380+

Security students following my lab notes.

Topics I am writing about

  • SOC drills & IR

    Step-by-step debriefs for ransomware, BEC, and insider tabletop scenarios.

    2 posts
  • Automation & bots

    Workflows that turn repeatable responses into buttons or Lambda calls.

    2 posts
  • Cloud guardrails

    Terraform, IAM boundaries, and IaC patterns hardened with every sprint.

    1 post
  • Learning loops

    Consistency rituals for capture-the-flag labs, blue-team drills, and mentorship summaries.

    1 post

Contact

Currently based in

Gurdaspur, Punjab, India

Cybersecurity undergraduate building experience through SOC student teams, detection engineering labs, and purple-team drills.

Time zone

IST (UTC+5:30)

Most responsive between 09:00 and 21:00.

Study mode

Final-year BCA

Balancing coursework with student SOC initiatives and lab write-ups.

Collaboration

Peer learning & internships

Open to joint labs, CTF crews, and internship conversations.

Preferred channels

Pick the lane that matches your request—I usually respond within 24 hours.

Email deep-dives

Detailed walkthroughs, collaboration ideas, or SOC documentation reviews.

LinkedIn sync

Quick status updates, internship leads, or campus security meetups.

  • Student focus: I am currently a cybersecurity student, so I mostly share projects, study notes, and campus initiatives.
  • No paid services: I am not offering consulting or office hours—please reach out for collaborations, internships, or peer learning.
  • Best way to connect: Email for detailed notes, LinkedIn for quick check-ins or campus/community events.

Quick answers

Are you available for internships?
Yes—I'm targeting Summer/Fall 2026 security internships focused on SOC, detection engineering, or purple teaming.
Can we collaborate on research or CTFs?
Absolutely. I regularly join student SOC scrimmages and am happy to co-author write-ups or build detection content.
Do you take freelance or consulting work?
No, I'm focused on learning and internships. I'm happy to share notes or resources though.