hemalchoudhary

Security Engineer & Information Security Specialist

Security Engineer & Information Security Specialist with over 4 years of hands-on experience in GRC, SOC, EDR, VAPT, CI/CD and cloud security (Azure, AWS). Proficient in network, application, and endpoint security. Proven ability to optimize threat detection, streamline incident response, and ensure compliance with ISO 27001, NIST, and MITRE ATT&CK frameworks. Currently based in Japan and open to full-time cybersecurity roles in English-speaking environments.



Experience: 5 years

Yearly salary: $56,000

Hourly rate: $30

Nationality: 🇮🇳 India

Residency: 🇯🇵 Japan


Experience

Information Security Consultant
AAA Technologies Ltd.
2025 - 2025
Directed red and blue team audits for enterprise cloud (AWS/Azure) and on-prem networks; conducted penetration tests, vulnerability scans, configuration reviews, and SIEM/firewall/IDS/IPS/EDR/XDR/WAF assessments. Audited cloud security controls including IAM, encryption, multi-factor authentication, and compliance with ISO 27001, NIST, CIS Benchmarks, and SOC. Collaborated with DevOps, SecOps, and cloud teams to remediate risks, reduced exploitable attack surfaces by ~30%, and mentored junior auditors in cybersecurity auditing for penetration testing and defensive monitoring. Delivered detailed audit reports with actionable recommendations to C-level leadership, which influenced enterprise security strategy and investments.
Senior Executive InfoSec (VAPT)
AU Small Finance Bank
2023 - 2025
Conducted security testing on web, API, mobile, and thick client applications, and SCA, using OWASP Top 10 and SANS 25. Led VAPT engagements across applications (web, mobile, thick client), infrastructure, and cloud environments, performing VA with Nessus & Qualys (PoCs of both tools to evaluate effectiveness, streamline vulnerability management, and validate remediation), source code reviews, and secure configuration assessments based on OWASP Top 10 and SANS 25. Implemented cloud security controls in CI/CD pipelines, integrated automated scanning and secure coding practices, and integrated CSPM solutions (Prisma Cloud & Wiz via PoCs), strengthening compliance, visibility, and continuous monitoring across multi-cloud environments. Directed risk assessments and RBI/ISO 27001 regulatory audits (CSITE, KRI), and delivered cybersecurity awareness training every two weeks to non-technical teams on phishing, malware, secure coding practices, etc., reducing human-factor risk.
Senior Executive InfoSec (SOC)
AU Small Finance Bank
2023 - 2023
Directed SOC operations with EDR/XDR (CrowdStrike), SIEM (QRadar), email security and DLP solutions (Trellix), and WAF (F5), ensuring proactive threat detection, policy enforcement, and incident containment across endpoints, cloud, and email. Led a team of analysts in threat hunting, DLP incident analysis, and forensic investigations; optimized playbooks and runbooks; and implemented automation workflows to reduce MTTD/MTTR by ~30% through SOAR-enabled playbooks. Managed audit and compliance requirements for RBI by aligning SOC operations with regulatory frameworks, data protection laws, and security standards (ISO 27001, NIST, PCI DSS).
SOC Analyst
WAISL Ltd.
2022 - 2023
Monitored SIEM alerts to detect security threats, performed incident triage, malware analysis, and APT investigations for timely containment. Executed EDR tasks including malware removal, patch deployment, host isolation, and endpoint health validation. Implemented and fine-tuned WAF, EDR, and DLP policies, conducted configuration upgrades, and optimized security logs to strengthen detection and response capabilities. Provided 24x7 operational support with proactive incident escalation and resolution, ensuring uninterrupted SOC monitoring and compliance with SLAs.
Security Engineer
Multitrack Systems
2021 - 2022
Performed VAPT on web apps and APIs using automated and manual testing, including OSINT reconnaissance, authenticated and unauthenticated scans, and exploit PoC support. Documented findings with evidence, maintained Excel-based vulnerability trackers, mapped results to OWASP/CWE/CVSS, and supported MITRE ATT&CK technique tagging for each confirmed issue. Assisted clients with remediation and post-fix retesting.

Skills

python
security
english