Durgesh Gaurav

Cyber Security Threat Enthusiast

Diligent and results-driven Cyber Threat Intelligence professional with a proven track record of effectively analyzing and mitigating complex cyber threats. Dedicated to providing actionable intelligence that empowers organizations to proactively defend against potential cyber-attacks.

About Me

Objective

Committed to staying ahead of evolving cyber threats and contributing to the enhancement of cybersecurity strategies in a dynamic and ever-changing threat landscape.

Personal Project



RESEARCH WORK

Virtual Security Assistant - Automated Security: The purpose of the project is to create a secure cyberspace through cyber security automation. The research focuses on reverse engineering malware and attack techniques for identification and neutralization, to maintain a safe cyber environment by creating better protection techniques that automate cyber self-defense.

What I Do?

  • Threat Modeling
  • Threat Research
  • Dark-Web Investigation
  • Threat Hunt
  • Threat Emulation & Simulation
  • Kill Chain & Threat Models
  • Malware Analysis
  • Penetration Testing
  • Host & Network Forensics
  • Cryptography
  • Vulnerability & Risk Assessment
  • Incident Response
  • MITRE ATT&CK
  • MITRE DeTT&CT
  • MITRE D3FEND
  • OWASP
  • Attack & Surface Vectors
  • YARA and Sigma


My Book

Book



Book Title - "Learn how to defend against cyber crimes, in just one day"

The book covers the basics of cyber security. It is written for all audiences to help them understand how to identify threats, take precautions, and take appropriate action to defend themselves against cyber security threats. The sole purpose of the book is to spread cyber security awareness and create a secure cyberspace for everyone. The book focuses on several techniques, concepts, and tools for performing defensive measures against cyber threats and cyber crimes.


Download my book

Resume

Professional Experience

  • 2023-Present

    Sr. Security Engineer

    Tesla

    Responsibilities

    Research and analyze the latest attacker techniques observed via various INTs (OSINT, SMI/SOCMINT, TECHINT) and prescribe actions that resulted in improved security

    Collaborate with cross-functional teams to improve the organization's security posture and implement countermeasures based on research findings

    Research and take immediate actions on supply chain cyber threats involving internal and external security infrastructure

    Identify potential IOCs, develop hypothesis and hunt for potential threats

    Prepare threat reports and share with the concerned stakeholders on daily, weekly and monthly basis

    Highlight major threats and vulnerabilities with security recommendations

    Provide detection and response using various security monitoring and automation tools, e.g., SIEM, SOAR, EDR, etc.

    Work with NOC, IT and various business units to triage and remediate detected security incidents and alerts

    Conduct in-depth investigation of alerts. Perform analysis and correlation of network traffic, OS and application-level events/logs. Perform threat hunting during active incidents

    Prioritize threat alerts to conduct investigations based on the threat severity

    Perform Threat Modeling to assess security posture and provide action-based recommendations

    Analyze and extract IOCs to trace threat infrastructure/malicious tool kits

    Signal and alert tuning in collaboration with the Detection and Splunk teams

    Capture malware and perform analysis to identify malware capabilities

    Create new and maintain existing security operation standards, procedures, and investigation playbooks

    Analyze security events, logs and report on threats and incidents across various platforms and environments

    Continuous tuning and improvement of the existing security signals, detection rules and alerts to improve detection and response time to reduce incident impact

    • 2019-2023

      Threat Analyst

      Fortinet

      Responsibilities

      Researched and developed system(s) to capture active zero-day threats and assess adversaries' latest TTPs

      Monitored Dark/Deep web for sensitive information, adversary activities and potential threats to infrastructure

      Leveraged MITRE ATT&CK, Diamond, Pyramid of Pain, Cyber Kill Chain, and STRIDE models for threat investigations

      Hunted, investigated, and identified IOCs and IOAs to identify threats/threat actor TTPs in the environment

      Helped improve threat detection by providing latest adversary TTPs to relevant stakeholders

      Leveraged OSINT, SMI/SOCMINT, and TECHINT solutions to obtain/investigate intelligence

      Conducted threat emulation and simulation to identify security gaps and remediated security issues

      Identified infection/attack vectors and assessed the impact of intrusions

      Performed incident identification, triage and provided response to the incidents

      Developed Digital Forensics, Network Forensics, Incident Response plans and procedures and performed incident investigations

      Identified, collected, and analyzed digital evidence

      Conducted investigations on security incidents

      Performed malware analysis and analyzed threat capabilities

      Analyzed malicious traffic and IOCs and performed correlation to attribute threat actors

      Researched, analyzed, and provided reports on attacker campaigns as required

      Wrote YARA and Sigma rules

      Managed and consolidated cyber threat data sources, compiled reports, and provided regular consultation and threat briefings to stakeholders

      Tested and analyzed vulnerabilities reported in Fortinet products

      Assessed the impact of the vulnerabilities

      • 2018-2019

        Information Security Analyst

        Pacific Gas and Electric (Contractor)

        Responsibilities

        Ensured customer and employee data security against threats

        Conducted SIEM scans and generated dashboard/reports

        Scanned and Identified IOCs and IOAs

        Performed threat analysis using MITRE ATT&CK framework, Pyramid of Pain, and Diamond model

        Assisted with Cyber Kill Chain defense against APT emulations

        Leveraged cyber threat modeling techniques to identify malicious threats and malicious activities

        Analyzed network traffic for malicious and/or abnormal activity for attack vectors

        Identified adversary's TTPs for technical mitigation strategies to prevent, control, and isolate incidents

        Performed malware analysis using various malware analysis methodologies

        Assisted with architecture design and review for CCPA integration using data anonymization

        Performed digital forensics to identify suspicious malicious evidence

        Assisted with intrusion detection and prevention techniques

        Performed log analysis and identified malicious activities

        Conducted data loss prevention and implemented appropriate measures

        Analyzed potential security violations to identify false positives and policy violations with immediate remediations

        Identified vulnerabilities via penetration tests to report the issues

        Prioritized data loss scan on repositories based on pre-defined criteria and policies

        Created risk matrix as per defined guidelines

      • 2011-2015

        Software Engineer

        Apace Technology, Ghaziabad, UP, India

        Responsibilities

        Assisted in gathering requirements, developing and testing software.

        Projects Undertaken

        Created a desktop inventory control and management system application using Java SE and MySQL, for controlling inventory and monitoring resources.

        Developed and delivered a small number of micro-sites using JSP, Hibernate, and MySQL for business support.

Education

  • 2016-2017

    Master of Science, Cyber Security

    Webster University, St. Louis, Missouri

    Course Projects

    Actively engaged in system security analysis, analyzed applications' broken file formats and rectified errors. Regenerated evidence using digital forensics for an assigned criminal case.

    Inspected assigned corporate breaches, identified possible root causes, and provided solutions based on the investigation, resulting in improved digital security and mitigation against further violations.

    Research Topic

    "Reverse engineering impact on security and vulnerability analysis using AI/machine learning for automated security and advanced cyber protection". The research focuses on reverse engineering malware and attack techniques for identification, neutralization, and response, to maintain a safe cyber environment by creating a better protection technique or standard against threats and vulnerabilities.

    Personal Project

    "Virtual Security Analyst" (in progress): developing a self-defending network and system application capable of making its own decisions to execute protection against suspicious activities or intrusions using AI/machine learning.

    Cyber Security active engagements

    Actively involved in cyber security groups and conferences, e.g., STL Cyber Meetup, Mastercard STL Cybercon, and Gateway2cybercity, to keep up with new techniques and technologies.

    Volunteer Work

    Secretary, Webster Finance and Investment Club.

  • 2007-2011

    Bachelor of Technology, Electronics and Instrumentation Engineering

    Galgotias College of Engineering & Technology, Greater Noida, U.P. India

    Course Projects

    Developed a device called 'Talking Hand' to be used as a speaking medium by people with aphasia (a speech impairment), using a micro-controller and voice processor as the controlling elements.

    Designed a robot which could be controlled and operated by an insect instead of a micro-controller, based on "Biomimetics" and intended for disaster recovery operations to save human lives.

    Developed an electro-mechanical arm that detects and picks up metals, for multiple uses.

    Volunteer Work

    President (2010 - 2011), Rotaract Club Society, organizing various health-related events to spread life-saving information.

Expertise

Threat Modeling
Threat Research
Dark-Web Investigation
Threat Emulation & Simulation
Kill Chain & Threat Models
Host & Network Forensics
Malware Analysis
Penetration Testing
Network, File, & Log Analysis
Incident Response
Cryptography
Vulnerability Assessment
Risk Assessment
MITRE ATT&CK, DeTT&CT, & D3FEND
Metasploit
OWASP
Threat & Surface Vectors
YARA and Sigma Rules
Python
SIEM
EDR

Proactive

Motivated

Team Player

Dedicated

I'm available

Get in touch


For any information, questions, or concerns please write me at durgesh@durgeshgaurav.com
Location: San Francisco, CA 94105
Contact: +1-314-260-1577