Blue Team | Security Operations Centre | Incident Response

Akshay Koshti Deputy Manager | Security Operations

Leading Blue Team Defense and Security Operations

Experienced Deputy Manager and Security Operations leader focused on threat detection, EDR/SIEM engineering, and incident response at enterprise scale.

Current Focus: SOC Process Hardening and XDR Enablement

Operating Region: Ahmedabad, Gujarat, India

Contact: akshaykoshti97@gmail.com

Profile

About Me

With over 4 years of hands-on cybersecurity experience, I work at the intersection of Security Operations, incident response, and enterprise security engineering. I currently serve as a Deputy Manager, leading multi-client security initiatives, SOC process improvements, and blue-team programs designed for faster detection and stronger response.

Across organizations including Colgate, Adani, and TechD Cybersecurity, I have managed end-to-end SOC workflows from alert monitoring and triage to investigation, threat containment, and executive reporting. My practical exposure covers SIEM operations, EDR lifecycle management, phishing simulation infrastructure, cyber drill execution, and continuous security posture enhancement.

I have worked deeply across ArcSight, Splunk, Seceon, and Securonix, and led operational delivery for endpoint platforms such as CrowdStrike, Microsoft Defender, Bitdefender, SentinelOne, and Seqrite. Alongside this, I contribute to threat intelligence and external attack surface programs to support proactive defense, risk reduction, and SOC maturity at enterprise scale.

What I Bring

  • Security Operations leadership with strong ownership of delivery and response outcomes
  • SIEM and EDR engineering experience across enterprise and multi-client environments
  • Incident readiness through phishing simulations, tabletop exercises, and ransomware drills
  • Threat intelligence correlation and external attack surface monitoring for proactive defense
  • Operational governance with SLA-focused reporting, stakeholder communication, and process hardening

Visual Stack

SOC Tool Wall

Microsoft Sentinel
Splunk
Securonix
Seceon
Gurucul
CrowdStrike
Seqrite
Bitdefender
SentinelOne
RAM2
Recorded Future
Anomali
Cyble
BitSight
Cycognito
Microsoft Defender
Harmony by Check Point
Forcepoint
Safetica
Metasploit
Autopsy
Burp Suite
Maltego
Mobilyzer by Black Bag
Nessus
Nmap
Shodan
Wireshark
VirtualBox
VMware
Azure Cloud Services
GCP Cloud Services
Kali Linux OS
Ubuntu OS
Windows OS
macOS
C Language
C++ Language
Python
HTML + CSS
PowerShell
Command Prompt (CMD)
Office Applications
Power Automate
ServiceNow
BMC Remedy
iTop

Capabilities

Blue Team Skill Matrix

SIEM & Detection Engineering

  • ArcSight
  • Splunk
  • Seceon
  • Securonix
  • KQL Detection Logic

EDR Operations

  • CrowdStrike Falcon
  • Microsoft Defender ATP
  • Bitdefender
  • SentinelOne
  • Seqrite

SOC & Incident Response

  • Incident triage and containment
  • Threat intelligence integration
  • Phishing simulations with GoPhish
  • IOC handling and blocking
  • SOC workflow improvements

Security Governance & Platforms

  • Prisma Cloud Security
  • O365 and Area1 Mail Security
  • BitSight, SecurityScorecard, Cycognito
  • ServiceNow and BMC ticketing
  • SLA-based operational reporting

Journey

Security Operations Experience

01 May 2025 - Present

Deputy Manager - TechD Cybersecurity Limited

  • Lead Product Support Group for deployment/support projects across major security products.
  • Manage Seceon XDR onboarding, issue triage, troubleshooting, and client success.
  • Conduct cyber drills and table-top exercises aligned with client readiness goals.
  • Drive SOC continuous improvement and future-state operational updates.
  • Run phishing simulation programs through GoPhish to improve employee readiness.

30 Dec 2021 - 21 Apr 2025

Deputy Manager - Adani Enterprise Limited

  • Executed SIEM analysis and log operations using ArcSight.
  • Managed advanced hunting and investigation in Microsoft Defender ATP.
  • Built KQL detections and improved SOC alert quality.
  • Led phishing campaign response and O365 protection recommendations.
  • Performed investigations using CrowdStrike and Recorded Future intelligence context.

19 Jul 2021 - 27 Sep 2021

SOC Analyst - Techdefence Labs Solution Pvt. Limited

  • Monitored and triaged incidents with daily reporting for multiple clients.
  • Prepared threat advisories and built custom Splunk hunts/rules.

11 Jan 2021 - 09 Jul 2021

SOC Analyst Intern - Colgate Palmolive

  • Supported SIEM and OT monitoring operations and use-case improvements.
  • Worked on posture and intelligence initiatives including BitSight and Cycognito.

21 Jun 2018 - 31 Dec 2018

Technical Consultant - RESS GmbH

  • Researched emerging technologies and prepared client-facing workshop material.

01 Jun 2017 - 01 Jul 2017

Cyber Security Intern - Gurugram Cyber Cell

  • Worked on social media crime research and cyber investigation support tasks.

Impact

Key Achievements

  • Led deployment/support operations for Seqrite, SentinelOne, Bitdefender, and CrowdStrike programs.
  • Drove SOC operational enhancements and future-ready updates as an active SOC manager.
  • Implemented phishing simulations using GoPhish to strengthen organization-wide awareness.
  • Improved email and domain defense through IOC handling and suspicious-domain takedown activities.
  • Ran MDATP migration testing and delivered comprehensive EDR coverage reporting.
  • Implemented GLPI-based ticketing workflow to track SLA metrics and response efficiency.
  • Created actionable advisories and client-facing threat communication for SOC consumers.

Credentials

Awards & Certifications

Cloud Security

AZ-900 Certification

Microsoft Azure Fundamentals

Offensive Security

Certified Ethical Hacking

Ethical Hacking & Penetration Testing

Digital Forensics

Autopsy Basics Hands-on

Basis Technology

Mobile Forensics

Certified Mobilyzer Operator

Black Bag Technology

Community Leadership

Microsoft Student Ambassador (Twice)

Microsoft

SIEM / XDR

Seceon Innovation & Certification Days (Q2 2025)

aiSIEM, aiXDR, Security Score360, BI360

SIEM / XDR

Seceon Innovation & Certification Days (Q4 2025)

aiSIEM, aiXDR, Security Score360, BI360

Endpoint Security

Bitdefender Certification

Endpoint Protection Technology

Security Leadership

CCEP: Certified Cybersecurity Educator Professional

Red Team Leaders

Security Operations

CPPS Certification

Professional Cybersecurity Program

Red Team Operations

CRTOM: Certified Red Team Operations Management

Red Team Leaders

Threat Intelligence

Cyber Threat Intelligence 101

arcX Foundation Level Threat Intelligence Analyst

SIEM

Securonix Academy 100: Introduction to SNYPR

Securonix Training

Research & Projects

Cybersecurity and Engineering Work

Connect

Let's Build Resilient Security Programs

Direct Channels

Reach Akshay Instantly

Open for SOC analyst and blue-team operations engagements.