Open to Cybersecurity Roles

Soumyadipta Birabar

// SOC & Threat Detection · VAPT · Cloud Security · Red Team · Security Engineering

Cybersecurity Engineer with real-world SOC and network security experience, a portfolio of published security tools, and a Grand Finalist finish at IIT Kanpur's HACK IITK 2026. I build things that detect, break, and defend — across cloud infrastructure, web applications, and AI-driven threat pipelines.

Top 1% TryHackMe Global
AIR 7 NFAT / 50,000+
10+ Published Articles
7.88 CGPA / 10
Soumyadipta Birabar
// cybersecurity_engineer
THM · Top 1% Global
NFSU · Gandhinagar
ISC² · CC Certified
eJPT · In Progress

02. Experience

Where I've Worked

Hands-on exposure across government security infrastructure, SOC operations, and enterprise IAM — in production environments.

May 2026 – Jul 2026
Cyber Security Intern
IFSCA — International Financial Services Centres Authority, GIFT City · Network Security · SIEM / SOAR · MITRE ATT&CK
  • Conducted comprehensive security architecture review of enterprise network controls — evaluated firewall segmentation, access zones, and trust boundaries to identify misconfigurations; recommended Zero Trust enforcement across ~200 endpoints; findings mapped to NIST CSF and IFSCA Cybersecurity Framework.
  • Deployed Wazuh SIEM with custom MITRE ATT&CK-aligned detection rules; engineered a SOAR pipeline (n8n + Jira) to automate adversarial alert triage and eliminate manual ticket creation, cutting mean alert triage time by ~40%; assisted in FIM monitoring and DLP procurement/control assessments.
  • Produced security operations reports for technical and non-technical stakeholders; identified compliance gaps against IFSCA regulatory requirements; reduced tool sprawl by ~30% through vendor consolidation and hardening recommendations.
May 2024 – Jul 2024
SOC L1 Analyst Intern
RockLadder Technologies — Security Operations Center · SOC Operations · FortiSIEM · Threat Hunting
  • Performed alert triage, threat hunting, and NOC operations across multi-source log pipelines using FortiSIEM; executed incident response per NIST SP 800-61 with end-to-end documentation from detection through containment to post-incident reporting.
  • Conducted attack-pattern analysis and adversarial simulation triage across network and endpoint telemetry; performed systematic use-case tuning and runbook refinement, reducing false positive rate by ~25% and improving signal quality across enterprise infrastructure.
  • Gained full lifecycle SOC exposure: initial alert triage through escalation to L2 analysts, recurring attack pattern analysis, and real-time correlation of anomalous access patterns against known adversary TTPs.
Jan 2026
Security Analyst — IAM Focus
Tata Consultancy Services Virtual Experience · Forage
  • Mapped user roles and access policies to zero-trust principles and business risk objectives within a consulting simulation.
  • Produced IAM documentation: access control matrices, privilege review findings, and least-privilege enforcement recommendations across enterprise systems.
Dec 2025
Cybersecurity Analyst
Deloitte Australia Virtual Experience · Forage
  • Investigated a simulated client breach by analyzing web server logs; correlated anomalous access patterns and user behaviour to reconstruct the attack timeline and identify affected assets.
  • Documented findings in a structured incident report, applying triage methodology to differentiate malicious activity from false positives, with actionable remediation recommendations.

03. Skills

Technical Arsenal

A broad toolkit forged through internships, security research, and hundreds of hours in the lab.

SOC & Incident Response
Wazuh, FortiSIEM, Splunk, ELK Stack, Suricata, SentinelOne, Alert Triage, Threat Hunting, Log Analysis, EDR, FIM, DLP, SOAR (n8n), Digital Forensics, NIST SP 800-61
Offensive Security & VAPT
Web & API Pentesting, Burp Suite Pro, Metasploit, SQLMap, Nmap, Nessus, Nikto, Gobuster, OWASP ZAP, Kali Linux, OWASP Top 10, Business Logic Vulnerabilities, Black/White Box Testing, Network VAPT
Red Team & Adversary Simulation
MITRE ATT&CK, Cyber Kill Chain, Priv Esc — Linux/Windows/Cloud, Lateral Movement, Post-Exploitation, Custom Detection Logic, Purple Team Ops, Adversary Emulation, SIEM Validation
Cloud & DevSecOps
AWS IAM, CloudTrail, GuardDuty, S3 / EC2, IAM Privilege Escalation Paths, WAF Bypass, Firewall Segmentation Review, Zero Trust Architecture, Docker, Kubernetes, GitHub Actions CI/CD, SAST/DAST, Container Security
Programming & Automation
Python, Bash, PowerShell, C / C++, Java, JavaScript, SQL, REST APIs, Git, LangChain, FastAPI, Linux Administration, Secure Coding
Networking & Traffic Analysis
TCP/IP Suite, DNS Architecture, Wireshark, Traffic Analysis, Firewalls & IDS/IPS, Network Security Architecture, Windows & Linux
Frameworks & GRC
MITRE ATT&CK, NIST CSF, ISO 27001 / ISMS, SOC 2, PCI DSS, RBI Cybersecurity Framework, CVSS, IS Risk Assessments, Security Architecture Review, Security Policy Drafting, Third-Party Assessments, Secure SDLC
Certifications
ISC² CC · Fortinet NSE 1, 2, 3 · AWS Academy Cloud Graduate · C-DAC Windows Forensics · Microsoft Cybersecurity Essentials · eJPT (INE Security) — In Progress · CompTIA Security+ — In Progress
soumyadipta@nfsu:~$ — zsh
whoami
  soumyadipta_birabar  // cybersecurity_engineer
cat current_focus.json
  {
    "primary": "Adversary emulation & purple team automation (Ares)",
    "pursuing": "eJPT (INE Security) + CompTIA Security+",
    "practicing": "HackTheBox Pro Labs · PortSwigger Web Academy",
    "writing": "medium.com/@SudoXploit7 — 10+ articles",
    "open_to": "VAPT · SOC / Threat Detection · Red Team · Cloud Security · Security Engineering · Research"
  }
locate rankings.db
  [✓] TryHackMe — Global Top 1%  |  HackTheBox — Active
  [✓] HACK IITK 2026 — Grand Finalist (Top 48 / 9,000+)

04. Projects

What I've Built

Security tooling at the intersection of offensive research, AI/ML, and defensive operations — every project ships real code.

COMPLETED · HACK IITK 2026 Grand Finalist
QuantumShield

Post-quantum secure OpenID Connect implementation over KEMTLS. Engineered a TLS replacement using ML-KEM-768 (NIST FIPS 203) and ML-DSA-65 (FIPS 204), achieving 21% lower handshake latency and a 30% smaller wire footprint compared to PQ-TLS. Bridges academic PQC research and production-grade deployment readiness for enterprise identity infrastructure.

Python, ML-KEM-768, ML-DSA-65, NIST FIPS 203/204, KEMTLS, OpenID Connect, Post-Quantum Crypto
COMPLETED
DefenSight AI

Autonomous Network Defense Copilot — RAG + LLM pipeline ingesting firewall, IDS & network logs to automate SOC triage, correlate IoCs, surface attacker TTPs, and accelerate threat investigation, reducing analyst decision time by ~35%. Multi-format ingestion, 768-dim ChromaDB semantic search, Groq LLaMA 3.3 70B (128k context), interactive SOC chat, executive & technical PDF reports, SMTP email delivery — behind a multi-user Flask/bcrypt auth system.

Python, Flask, RAG, ChromaDB, Groq LLaMA 3.3 70B, SentenceTransformers, ReportLab
COMPLETED
POLARIS

Policy Offline Lens for Assessment, Risk & Improvement Scoring — fully offline cybersecurity policy gap analysis engine. Evaluates policy documents (TXT/PDF/DOCX) against NIST CSF 2.0, ISO 27001:2022, and SOC 2 using local semantic embeddings. Produces deterministic scores, remediation roadmaps, rich terminal dashboards, JSON exports, and PDF reports — zero external API calls, safe for confidential policy documents. 80%+ test coverage.

Python, SentenceTransformers, NIST CSF 2.0, ISO 27001:2022, SOC 2, Click CLI, Ollama
IN PROGRESS
Ares — Autonomous Red Team Expert System

Multi-agent red team automation framework built on LangChain. Orchestrates recon, exploitation, and post-exploitation phases autonomously using MITRE ATT&CK-driven reasoning, ChromaDB vector memory, and a FastAPI backend with real-time WebSocket streaming. Simulates multi-stage attack chains — initial access through lateral movement and data exfiltration — fully mapped to ATT&CK TTPs. Enables blue teams to continuously validate SIEM detection coverage, tune alerting rules against realistic adversary behaviour, and measure detection gaps without manual red team engagements. Designed for controlled SOC validation workflows and structured red team / blue team exercises.

Python, LangChain, FastAPI, ChromaDB, WebSocket, MITRE ATT&CK, Multi-Agent, Purple Team, SIEM Validation, Adversary Emulation

05. Recognition

Achievements

Competition finishes, global rankings, published research, and academic milestones.

HACK IITK 2026 — Grand Finalist

Top 48 teams from 9,000+ participants and 1,300+ teams, Critical Infrastructure Security track. Presented on-campus at IIT Kanpur before a jury from MeitY, Ministry of Defence, Zscaler, and Adani Cybersecurity.

TryHackMe — Global Top 1%

Ranked in the top 1% worldwide through consistent performance across CTF challenges, offensive and defensive learning paths — specialising in web exploitation, network penetration, digital forensics, and community contributions.

Security Research & Writing — 10+ Articles

Published 10+ in-depth technical articles on offensive techniques, CVE analysis, threat research, adversarial tradecraft, and AI agent security at medium.com/@SudoXploit7.

NFAT 2022 — AIR 7 / 50,000+  ·  Quiz Winner  ·  SIH Team Leader

All India Rank 7 out of 50,000+ candidates in the NFSU entrance exam. 1st place in the university-level cybersecurity quiz. Team Leader at Smart India Hackathon, directing a cross-functional team under the Ministry of Education.

Education

Academic Background

NATIONAL FORENSIC SCIENCES UNIVERSITY, GANDHINAGAR
B.Tech – M.Tech, Computer Science Engineering (Cybersecurity)
Integrated Five-Year Program  ·  2022 – 2027
Cybersecurity Specialization · Security Research · Network Forensics
7.88 CGPA / 10.00

06. Contact

Let's Connect

I'm actively looking for cybersecurity roles — VAPT, SOC/threat detection, red team, cloud security, security engineering, and research. If you're a recruiter, hiring manager, or fellow researcher, I'd love to connect. My inbox is always open.
