Harsh Sarbahi

• Spearheaded the development of a Cloud Security Architecture Review & Assessment framework under the Cyber Threat Management vertical.

• Led GCP, AWS, and Azure security assessments, ensuring GDPR compliance and conducting SAST/DAST to identify vulnerabilities in application code and runtime environments.

• Architected and implemented proof-of-concept (POC) solutions for cloud environments, improving data security measures and achieving a 30% boost in compliance efficiency.

• Designed an optimized SIEM logging solution, increasing ROI by 30% & conducted multiple Cyber Maturity Assessments(CMA).

• Managed a high-performing 10-member team to deliver Attack Surface Management services for a leading telecommunications client, maintaining zero security breaches and 100% SLA adherence.

• Conducted security risk evaluations, introducing cost-effective preventative measures that saved clients over $500K annually.

• Enhanced compliance scores by 20% by training staff on NIST and ISO 27001 frameworks.

• Automated Managed Detection and Response (MDR) processes, boosting efficiency by 40% and mentoring consultants for collaborative success.

• Developed robust security measures, incident response policies, and emergency procedures, enhancing organizational resilience.

• Deployed threat intelligence tools to proactively identify and mitigate emerging cyber threats.

• Mentored Junior SOC Analysts in real-time incident monitoring and response, reducing average resolution time by 25%, achieving a 15% gain in operational efficiency.

• Streamlined SOC workflows, achieving a 15% increase in operational efficiency.

• Managed ArcSight ESM and associated platforms, including content creation and maintenance.

• Directed remote incident response and collaborated with engineering teams to monitor alerts across SIEM tools and EDR solutions.

• Functioned as a single point of contact for clients, aligning security operations with business needs.

• Fine-tuned use cases for ArcSight ESM, improving threat detection accuracy.

• Conducted malware analysis, threat hunts, and handled incidents using RSA, ForcePoint, and Symantec DLP tools.

• Provided documentation of daily activities and supported audits.