• Involved in set up of Managed Detection & Response (MDR) service from 0 to 200+ customers globally.
• Provided subject matter expertise on attack techniques and performed malware analysis.
• Implemented and executed monthly Threat Hunt for existing MDR customers.
• Developed and deployed Python Web App with Azure DevOps, allowing MDR service to scale.
    ○ Assigns alerts and investigations from multiple tenants to on shift analysts on a single pane of glass.
    ○ Implemented playbooks to automatically label alerts based on set criteria.
    ○ Generates reports and slides for customer review, as well as metrics for billing and reporting.
• Led team of developers to optimize Web App and continue feature development.

• Rebuilt Red Team capability by drafting red team strategy, workplan and process documents.
• Conducted red team exercise and security assessments on endpoint and infrastructure.
• Developed custom implants and prepared attack plans for Intel-led threat scenarios.
    ○ Implants included a VBA macro which broke process ancestry by spawning an IE COM object.
• Mentored junior colleague on Red Team fundamentals.

• Performed data acquisition, recovery and forensic analysis of systems.
• Analysed malware compromise, policy violation and data exfiltration cases.
• Conducted Threat Hunting activities as part of feasibility trial.
    ○ Identified internal Red Team activity. Led to setup of permanent Threat Hunt team.
• Performed product evaluation and PoC testing on forensic tools.

• Performed "Assume Breach" black box red team engagements.
• Responsible for entire engagement from enumeration to exfiltration.
• Wrote custom tools and scripts for lateral movement and persistency.
• Researched on emerging red team tools and antivirus evasion techniques.