Experience

Trellix

• United States
• Computer and Network Security
• 700 & Above Employee

• Senior Security Analyst

  • Oct 2022 - Present



Mindtree

• India
• Information Technology & Services
• 700 & Above Employee

• Lead Threat Researcher

  • Nov 2019 - Sep 2022

  Mindtree Ltd is a global technology consulting and services company, helping enterprises marry scale with agility to achieve competitive advantage. Providing service as a Threat Researcher and Incident Response Engineer for Endpoint Detection & Response (EDR) and Antivirus. Experienced working on EPP and EDR technology. Responsibilities: • Analyzes EDR alerts from customers and verify if the reported alerts are TP or FP (uses Kusto databases and other Internal tools) • Provides detailed information about the EDR alerts to customers and answer customers inquiries • Creates quick solutions to help remediate reported EDR FP alerts • Creates detections to proactively identify new malware attack techniques for EDR technology which includes simulating MITRE Attack techniques for EDR coverage • Performs Forensic analysis on systems for possible IoC’s (Indication of Compromise) such as MITRE Attack techniques and known Malware Family behaviors • Provides customer with file analysis and malware remediation using reverse engineering, black-box testing and other malware analysis tools; files include binary, scripts, emails, phishing, PDF, Office files • Creates static and heuristic signatures for malware detection for Antivirus Show less



AppEsteem Corporation

• United States
• Software Development
• 1 - 100 Employee

• Security Researcher

  • Nov 2018 - Nov 2019

  AppEsteem mission is to provide the technology and services necessary for the software monetization industry to self-regulate, clean up its act, and thrive. They provide Clean App certification for Apps/Software that have passed their Certification requirements and verified to be safe and clean. They also identify Deceptor Apps/Software which are software products and services that have violated at least one of the AppEsteem Deceptor Requirements, and which they believe include key identifiers of deceptive and risky behavior that could harm consumers. Responsibilities: • Hunts for Deceptor Apps/Software on both Windows OS and MAC OS downloadable in-the-wild and create detailed report about the Apps/Software behavior and properties. • Hunts for Deceptor Download links and Affiliate websites available in-the-wild and create detailed report about the Download links and Affiliate websites behavior and contents. • Review submitted Apps/Software from vendor for AppEsteem Clean App/software certification. Show less



Trend Micro

• Japan
• Software Development
• 700 & Above Employee

• Antivirus Engineer

  • Aug 2004 - May 2012

  TrendMicro Inc. is a multinational cyber security software company. It specializes Cloud Security, Content Security, Mobile Security, Data Security, Server Security, Virtualization Security, and Secure online data storage and synchronization. Projects/Teams - Roles: • Smart Protection Network (SPN) – Senior Threat Engineer • Damage Cleanup Team – Senior Threat Engineer • TrendLabs USA (Texas) – Threat Response Engineer • Pattern/Detection Team – Threat Response Engineer • Spyware Team – Threat Researcher Responsibilities: • Creates quality behavioral rules for SPN feedback to identify malicious and normal files • Helps operation teams to provide full infection analysis by querying SPN feedbacks on a given malware family • Supports customer malware-related queries within the respective service level agreement (SLA/SLO) • Handles clients’ malware-related concerns including, but not limited to, system and network diagnosis and file analysis • Provides in-depth analysis of the files submitted by client and determine whether they are malicious or not • Ensures that the latest malwares threats, submitted by the client, are detected by the latest signatures • Creates malware signatures that will detect specific strains of a malware family • Creates/posts malware description to provide manual removal instructions • Provides solutions on how to remove malware infection from the system and be able to restore the system to its original state • Provides clean-up tool (DCT/Genericlean/fixtool/immunity tool) and instructions for the given malware infection • Provides overall solution to restore infected clients to full operational health • Helps enhances system scanner tools such as SICTOOL, Hijackthis and QuickClean to collect more in-depth infection analysis on client’s compromise systems Show less