Durgesh Gaurav

Cyber Security Threat Enthusiast

Diligent and results-driven Cyber Threat Intelligence professional with a proven track record of effectively analyzing and mitigating complex cyber threats. Dedicated to providing actionable intelligence that empowers organizations to proactively defend against potential cyber-attacks.

About Me

Objective

Committed to staying ahead of evolving cyber threats and contributing to the enhancement of cybersecurity strategies in a dynamic and ever-changing threat landscape.

Personal Project



Research Work

Virtual Security Assistant - Automated Security: The purpose of the project is to create a secure cyberspace through cyber security automation. The research focuses on reverse engineering malware and attack techniques for identification and neutralization, maintaining a safe cyber environment by developing better protection techniques that automate cyber self-defense.

What I Do?

  • Threat Modeling
  • Threat Research
  • Dark-Web Investigation
  • Threat Hunt
  • Threat Emulation & Simulation
  • Kill Chain & Threat Models
  • Malware Analysis
  • Penetration Testing
  • Host & Network Forensics
  • Cryptography
  • Vulnerability & Risk Assessment
  • Incident Response
  • MITRE ATT&CK
  • MITRE DeTT&CK
  • MITRE D3FEND
  • OWASP
  • Attack & Surface Vectors
  • YARA and Sigma


My Book

Book Title - "Learn how to defend against cyber crimes, in just one day"

The book covers the basics of cyber security. It is written for all audiences to help them understand how to identify, take precautions against, and respond appropriately to cyber security threats. The sole purpose of the book is to spread cyber security awareness and create a secure cyberspace for everyone. The book focuses on several techniques, concepts, and tools for taking defensive measures against cyber threats and cyber crimes.


Download my book

Resume

Professional Experience

  • 2023-Present

    Sr. SOC Security Engineer

    Tesla

    Responsibilities

    Research and analyze the latest attacker techniques observed via various INTs (OSINT, SMI/SOCMINT) in the real world and recommend automatic and manual remediation actions.

    Collaborate with cross-functional teams to improve the organization's security posture, implementing countermeasures based on research findings.

    Identify potential IOCs, develop hypotheses, and hunt for potential threats.

    Responsible for detection and response using various security monitoring and automation tools, e.g., SIEM, SOAR, EDR, etc.

    Work with NOC, IT, and various business units to triage and remediate detected security incidents and alerts.

    Conduct in-depth investigation of alerts.

    Perform analysis and correlation of network traffic, OS, and application-level events/logs.

    Prioritize threat research and investigations based on the information captured.

    Perform threat modeling to assess security posture and provide recommendations.

    Analyze phishing emails and extract threat indicators to trace threat infrastructure/toolkits.

    Signal and alert tuning in collaboration with the Detection and Splunk teams.

    Capture malware and perform analysis.

    Create new and maintain existing security operation standards, procedures, and playbooks to investigate and identify TTPs.

    Analyze security events/logs and report on threats and incidents across various platforms and environments.

    Threat hunting activities during active incidents.

    Continuous tuning and improvement of existing security signals, rules, and alerts to improve detection and response time and reduce impact when an incident occurs.

  • 2019-2023

    Threat Analyst

    Fortinet

    Responsibilities

    Develop mechanisms to capture active threats/zero-day threats and perform analysis.

    Monitor the Dark/Deep web for sensitive information and potential threats.

    Develop threat intelligence and threat hunt platform processes and procedures.

    Leverage MITRE ATT&CK, Diamond, Pyramid of Pain, Cyber Kill Chain, DeTT&CT, and STRIDE models for threat investigations.

    Hunt, investigate, and identify IOCs, IOAs, and IOBs/TTPs to identify threats/threat actors/APTs.

    Investigate missing telemetry for threat detection and prevention.

    Leverage OSINT, SMI/SOCMINT, and TECHINT solutions to obtain/investigate intelligence.

    Conduct threat emulation and simulation to identify security gaps and improvement areas.

    Digital forensics, network forensics, and incident response plan and procedure development and investigations.

    Identify, collect, and analyze digital evidence.

    Conduct investigations on security incidents.

    Perform malware analysis and analyze threat mechanisms/capabilities.

    Identify infection/attack vectors and assess the impact of intrusions.

    Incident identification, triage, and response.

    Write YARA and Sigma rules.

    Assess the network and systems to identify weaknesses.

    Test and analyze vulnerabilities reported in Fortinet products.

    Assess the impact of the vulnerabilities.

  • 2018-2019

    Information Security Analyst

    Pacific Gas and Electric (Contractor)

    Responsibilities

    Ensure customer and employee data security against threats.

    Conduct SIEM scans and generate dashboards/reports.

    Scan for and identify IOCs, IOAs, and IOBs.

    Perform threat analysis using the MITRE ATT&CK framework, Pyramid of Pain, and Diamond model.

    Assisted Cyber Kill Chain defense against APT emulations.

    Employ cyber threat modeling techniques to identify malicious threats and activities.

    Analyze network traffic for malicious or abnormal activity and attack vectors.

    Identify adversary TTPs to derive technical mitigation strategies for preventing, controlling, and isolating incidents.

    Perform malware analysis using different malware analysis methodologies.

    Perform digital forensics to identify suspicious and malicious evidence.

    Assist with intrusion detection and prevention monitoring.

    Perform log analysis and identify malicious activities.

    Conduct data loss prevention and implement appropriate measures.

    Analyze potential security violations to identify false positives and policy violations, with immediate remediation.

    Identify vulnerabilities via penetration tests and report the issues.

    Prioritize and run data loss scans on repositories based on pre-defined criteria and policies.

    Create risk matrices as per defined criteria.

  • 2011-2015

    Software Engineer

    Apace Technology, Ghaziabad, UP, India

    Responsibility

    Assisted in gathering requirements, developing, and testing software.

    Projects Undertaken

    Created a desktop inventory control and management system application using Java SE and MySQL for controlling inventory and monitoring resources.

    Developed and delivered a small number of micro-sites using JSP, Hibernate, and MySQL for business support.

Education

  • 2016-2017

    Master of Science, Cyber Security

    Webster University, St. Louis, Missouri

    Course Projects

    Actively engaged in system security analysis; analyzed an application's broken file format and rectified errors. Regenerated evidence using digital forensics for the assigned criminal case.

    Inspected assigned corporate breaches, identified the possible root cause, and provided solutions based on the investigation, resulting in improved digital security and mitigation against further violations.

    Research Topic

    "Reverse engineering impact on security and vulnerability analysis using AI/machine learning for automated security and advanced cyber protection". The research focuses on reverse engineering malware and attack techniques for identification, neutralization, and response, maintaining a safe cyber environment by creating a better protection technique or standard against threats and vulnerabilities.

    Personal Project

    "Virtual Security Analyst" (in progress): developing a self-defending network and system application capable of making its own decisions to execute protection against suspicious activities or intrusions using AI/machine learning.

    Cyber Security Active Engagements

    Actively involved in cyber security groups and conferences, e.g., STL Cyber Meetup, Mastercard STL Cybercon, and Gateway2cybercity, to keep up with current techniques and technologies.

    Volunteer Work

    Secretary, Webster finance and investment club.

  • 2007-2011

    Bachelor of Technology, Electronics and Instrumentation Engineering

    Galgotias College of Engineering & Technology, Greater Noida, U.P., India

    Course Projects

    Developed a device called 'Talking Hand' to be used as a speaking medium by people suffering from aphasia (speaking disability), using a micro-controller and voice processor as the controlling elements.

    Designed a robot that could be controlled and operated by an insect instead of a micro-controller, based on "Biomimetics" and intended for disaster recovery operations to save human lives.

    Developed an electro-mechanical arm that detects and picks up metals, for multiple uses.

    Volunteer Work

    President (2010 - 2011), Rotaract Club Society, organizing various health-related events to spread life-saving information.

Expertise

Threat Modeling
Threat Research
Dark-Web Investigation
Threat Emulation & Simulation
Kill Chain & Threat Models
Host & Network Forensics
Malware Analysis
Penetration Testing
Network, File, & Log Analysis
Incident Response
Cryptography
Vulnerability Assessment
Risk Assessment
MITRE ATT&CK, DeTT&CK, & D3FEND
Metasploit
OWASP
Threat & Surface Vectors
YARA and Sigma Rules
Python
SIEM
EDR

Pro-Active

Motivated

Team Player

Dedicated


For any information, questions, or concerns, please write to me at durgesh@durgeshgaurav.com

Location: San Francisco, CA 94105

Contact: +1-314-260-1577