Hi, I'm Rakesh. I work in cybersecurity — mostly on the defensive side. Over the past few years I've been focused on building detection logic, tightening up cloud environments, and making incident response a bit less chaotic when things actually go wrong. Right now I'm interested in roles that sit at the intersection of Blue Team and cloud security, where the work involves real engineering, not just clicking through dashboards.
What I actually do

Detection & monitoring — Writing detection rules for SIEM platforms (Microsoft Sentinel, Splunk). The kind that fire on real threats, not on noise.

Cloud security — AWS and Azure: IAM policy audits, misconfiguration hunting, securing workloads before they become problems.

Incident response — From triage to containment. I've written runbooks that other people actually use, which I take as a good sign.

Log pipelines — Kafka, Python scripting, getting the right data into the right place so analysts aren't flying blind.
Things I'm working on
Detection rules mapped to MITRE ATT&CK — focusing on techniques that get missed in default rule sets

Python scripts for automated IAM auditing across AWS and Azure tenants

IR playbooks for common scenarios: ransomware, credential stuffing, cloud data exfiltration
Tech I use regularly

Microsoft Sentinel, Splunk, AWS Security Hub, Azure Defender, Python, KQL, SPL, C#, Kafka
Get in touch

LinkedIn

I'm open to mid-senior Blue Team and Cloud Security roles. If you're working on something interesting in detection engineering or cloud security posture, I'd like to hear about it.
