IP
Speed
Loc
Time
BTech Cybersecurity · Poornima University, Jaipur · 2022–2026

Yash Rathore

|

You're probably here to see what I've actually done. Fair enough. Have a look.

0
$ Bounty Won
0
Months SOC Work
0
Hackathons
Scroll to explore
Penetration Testing· Microsoft Sentinel· SIEM / ELK· Sumo Logic· Zero Trust Architecture· SOC Engineering· Threat Detection· AWS GuardDuty· Zendesk· Incident Response· IIT Madras Finalist· MITRE ATT&CK· HackTheBox· PortSwigger· UEBA Analytics· Kubernetes Security· TryHackMe Top 1%· Penetration Testing· Microsoft Sentinel· SIEM / ELK· Sumo Logic· Zero Trust Architecture· SOC Engineering· Threat Detection· AWS GuardDuty· Zendesk· Incident Response· MITRE ATT&CK· HackTheBox· PortSwigger·
01 · Origin Story

Cyber Was
Always First

Class 10 Onwards · Before Everything
Kali Linux, Curiosity, and the Start

Cybersecurity preceded any career consideration. From class 10, I was running Kali Linux, working through tools I did not yet fully understand, and figuring out the mechanics as I went. Early work was squarely in script-kiddie territory: borrowed commands, passive reconnaissance, DoS experiments because they were accessible, the Social Engineering Toolkit because it was genuinely interesting. Not sophisticated — but sustained. That distinction matters more at the start than people admit.

Kali LinuxSocial Engineering ToolkitInfo GatheringSelf-taught
September 2022
Day One · BTech Cybersecurity, Poornima University

When degree selection came up, there was no deliberation. Cybersecurity was already the subject. Poornima University, Jaipur. The coursework provided a serviceable framework; real depth, as expected, required construction outside it. The formal structure confirmed one thing early: everyone on the same track produces the same outcomes. Edge has to be built deliberately.

2023 · Early Structured Practice
TryHackMe, CTFs, and Learning the Craft Properly

2023 was when self-teaching became structured. TryHackMe rooms covering Linux internals, web exploitation, network security, and privilege escalation — worked through methodically, not casually. CTF competitions ran in parallel, which enforced a different cognitive discipline: reasoning through constrained problems rather than executing familiar tool sequences. HackTheBox and PortSwigger's Web Security Academy pushed understanding to the mechanism level — how vulnerabilities are constituted, not merely how to trigger them.

TryHackMeCTF CompetitionsHackTheBoxPortSwigger Web AcademyWeb Exploitation
March 2024
First Hackathon · Udaipur

My first competitive build event, in Udaipur. The pace and intensity of working under a hard deadline with real stakes produced a different quality of learning. One conclusion was immediate: this environment accelerates growth in ways that labs alone cannot replicate.

First competitive build experience
May · June 2024
TryHackMe Top 1% · and a Real Penetration Test

Sustained work on TryHackMe compounded by May 2024 into a top 1% global ranking — the product of consistent, methodical progression through offensive and defensive security challenges rather than volume alone. Concurrently, a friend requested a penetration test for his company. Conducted entirely with free, open-source tools. Delivered a structured professional report. The company's senior engineers reviewed it and acknowledged the quality. That the work was indistinguishable from a constrained commercial engagement, using no paid tooling, was a useful proof of concept.

TryHackMe · Top 1% Global · May–June 2024
Penetration TestingReport WritingOpen-Source ToolsAcknowledged by Senior Engineers
July 2024
Blockchain Hackathon · Jaipur

A two-day blockchain-focused event in Jaipur. Learning the rhythm of competitive builds — where time allocation decisions separate teams that ship from teams that don't.

4–9 August 2024
Hacker House Goa · Selected via Devfolio

Selected through Devfolio by building on the DIAM blockchain. Five days residential in Goa. Late-night debugging sessions, genuine technical collaboration, and working relationships formed under shared pressure. The value was not the event itself but the quality of the people in the room — security builders who thought out loud, challenged assumptions, and operated without pretence. That kind of environment provides an education that no platform or course can replicate.

Hacker House Goa · Selected via Devfolio · 5-Day Residential
September 2024
Gurgaon Hackathon · First Bounty, $400

A Solidity lending platform with security logic embedded at the contract level. Top 10 from 150+ teams. $400 bounty. The sponsor company indicated intent to incorporate the logic into their production platform — which is the kind of validation that carries more weight than the prize figure.

$400 Bounty · Top 10 / 150+ Teams · Logic Adopted by Sponsor
Early December 2024
Bangalore Hackathon · Second Bounty, $350

36-hour event on the Agoric blockchain. Cross-chain lending with automatic conversion via orchestration and minimised gas fees. $350 bounty. Two consecutive wins at separate events removed any question of coincidence from the equation.

$350 Bounty · Cross-Chain Lending · Agoric Orchestration
Late December 2024
0xDay Hackathon · Pondicherry

Three-day residential at a university campus. A concentrated gathering of builders and researchers, with substantive conversations about tools, threat models, and emerging techniques. Industry mentors present throughout. More community than competition — and better for it.

0xDay · Pondicherry · Security-Focused Residential Event
January 2025
Shaastra · IIT Madras · Programming Contest Finalist

Qualified through structured logical reasoning. Competed at IIT Madras as a finalist. What stayed with me from that campus was not the competition but something harder to quantify: the ambient standard of the place. Everyone there read broadly — not only technical literature, but across disciplines. That habit of wide reading, sustained alongside deep specialism, produced a different quality of thinking. Worth noting. Worth adopting.

Finalist · Shaastra Programming Contest · IIT Madras
February 2025 · The Blue Team Shift
Red to Blue · SOC, Sentinel, Detection Engineering

HackTheBox and PortSwigger had built a thorough working knowledge of offensive technique. February 2025 was the deliberate redeployment of that knowledge on the defensive side: SOC operations, Microsoft Sentinel, KQL, SOAR automation, UEBA, cloud security monitoring. The transition was not a departure from offensive security — it was an application of it. Understanding adversarial methodology at a granular level makes detection engineering materially sharper. That principle underpins everything built since.

Microsoft SentinelKQLSIEMSOARDetection EngineeringBlue Team
May 2025 · October 2025
Gardiyan · Full Cybersecurity Immersion

SOC operations, incident playbook development, KQL detection rule authoring, Azure Sentinel and AWS GuardDuty, live ticket triage, night-shift rotations. Built Project Horizon and Project Citadel independently. A full-time offer was extended and declined — not due to the role, but a contractual clause that made acceptance impractical. The offer itself was the relevant data point.

Full-Time Offer Received · 6 Months · Gardiyan
November 2025 · April 2026
Quantix IT Ltd · SOC L1 Analyst (Remote)

Joined Quantix IT Ltd — an early-stage startup — as a remote SOC L1 Analyst. Alert triage and continuous monitoring via Sumo Logic SIEM; incident lifecycle managed through Zendesk ticketing and reporting. Implemented SOAR-based workflow automation for enrichment, correlation, and escalation, reducing manual analyst overhead. Contributed to production-grade client security projects covering detection coverage expansion, runbook documentation, and operational tooling improvements. A compact, high-ownership environment where every contribution was visible.

SOC L1 Analyst · Quantix IT Ltd · Remote · 6 Months
Sumo LogicZendeskSOAR AutomationAlert TriageProduction Client ProjectsRunbook Docs
27 April 2026
Graduated · BTech Cybersecurity · CGPA 7.20

Eight semesters at Poornima University, Jaipur. CGPA 7.20. Four years of formal coursework alongside competitive events, independent builds, penetration testing, and fifteen months of hands-on SOC work across two organisations. The degree was a container. The education was built everywhere else.

CGPA 7.20 · Poornima University · Jaipur
02 · Hackathons

Built Under
Pressure

01
University Hackathon
Udaipur · March 2024

My first. Walked in without a clear sense of the format, left with the clearest direction I had felt in months. Competitive building forces a different kind of clarity.

02
Blockchain Hackathon
Jaipur · July 2024

Two days on blockchain in the home city. Learning where preparation ends and execution discipline begins.

03
Hacker House Goa
Goa · August 4–9, 2024

Five days residential. Selected by building on DIAM. Security builders thinking out loud together — the most technically formative environment I have been in.

04
Gurgaon Hackathon
Cyber City, Gurgaon · Sept 2024

Solidity lending platform with embedded security logic. Top 10 from 150+ teams. Sponsor company adopted the core logic.

$400 Bounty Won
05
Bangalore Hackathon
Bangalore · Early Dec 2024

36 hours on Agoric. Cross-chain lending with automatic conversion and minimised gas overhead. Two wins, two different stacks.

$350 Bounty Won
06
0xDay Hackathon
Pondicherry · Late Dec 2024

Three-day residential security event. Substantive conversations with industry mentors and a concentrated community of serious builders.

Security Community
07
Shaastra · IIT Madras
IIT Madras · January 2025

Finals of the Shaastra Programming Contest. Qualified via logical reasoning. Competed on-campus as a finalist.

IIT Madras Finalist
03 · Technical Arsenal

Tools of
the Trade

SIEM & Detection
Microsoft SentinelSplunkELK StackSumo LogicKQLSigmaYARAZeekDefender XDR
DFIR & EDR
SysmonVelociraptorLimaCharlieVolatilityAutopsyIOC ExtractionLog Analysis
SOAR & Automation
TinesShuffleSentinel PlaybooksTheHiveCortexZendeskAPI Integrations
Cloud Security
AWS GuardDutyAWS Security HubCloudTrailAzure MonitorEntra IDDefender for CloudTerraform
Zero Trust & Identity
KeycloakPomeriumZTNA / SASEOIDCSAMLPKI / TLSMFA
Infrastructure Security
KubernetesK3sDockerFalcoTrivyPrometheusGrafanaHashiCorp Vault
Threat Intel & Frameworks
MITRE ATT&CKNIST 800-53MISPOpenCTIAlienVault OTXUEBAIsolation Forest
Scripting & Languages
PythonBashPowerShellSolidityKQLTerraform
Compliance & GRC
NIST 800-53CIS BenchmarksISO 27001GDPRPCI-DSSDSPMCNAPP
AI in Security
LLM IntegrationAI TriageBehavioral AnalyticsAnomaly DetectionStreamlit
04 · Personal Production Projects

Built to
Understand

Personal Production Project · Independent Build · 2025

Project Horizon

A unified Zero Trust security architecture built entirely on open-source tooling. Five integrated pillars: ZTNA and SASE via Pomerium and Keycloak; automated PII discovery via Apache NiFi and Microsoft Presidio (DSPM); containerised workload security on K3s with Trivy and Falco (CNAPP); a unified XDR pipeline routing Suricata, Wazuh, and Cloud Custodian logs into the ELK Stack; and an insider risk analytics module.

KeycloakPomeriumApache NiFiMicrosoft PresidioSuricataFalcoTrivyELK StackK3sCloud CustodianMinIOPython
Zero Trust Platform
ZTNA & SASE
DSPM
CNAPP
XDR Pipeline
Insider Risk
Personal Production Project · Independent Build · 2025

Project Citadel

A next-generation security analytics and response platform. Wazuh and Elasticsearch monitor Kubernetes clusters. A custom Python and Streamlit UEBA engine applies Isolation Forest models for insider threat detection. An automated SOAR pipeline integrates TheHive, Cortex, MISP, and OpenCTI. Fully mapped to NIST 800-53 and MITRE ATT&CK, validated through live adversary simulations.

WazuhElasticsearchTheHiveCortexMISPOpenCTIKubernetesPrometheusGrafanaHashiCorp VaultPythonStreamlit
SOC Platform
SIEM Ingestion
Custom UEBA
SOAR Engine
NIST 800-53
MITRE ATT&CK
Real-World Engagement · Independent · 2024

Penetration Test · Friend's Company

Full penetration test conducted using only free, open-source tooling. Produced a structured professional report covering findings, risk ratings, and remediation steps. Reviewed by the company's senior engineers, who acknowledged the quality and coverage of the work — no paid tooling involved.

Kali LinuxNmapBurp Suite (Community)NiktoGobusterReport Writing
Real Engagement
Free Tools Only
Senior Praise
Structured Report
Internship Group Project · 2025

Lynis · Feature Extension

Part of an eight-member intern team. Developed eight new features for the open-source Lynis security auditing tool — all in shell scripting, integrated directly into the codebase, with automated tests. 64 new features shipped across the full intern cohort.

Bash / ShellLynisUnix Security AuditingOpen Source Contribution
Open Source
8 Features Built
Team of 8 Interns
64 Total Shipped
Hackathon Build · Gurgaon · September 2024

Blockchain Lending Platform

Smart contract-based lending system in Solidity, with security logic embedded at the contract level. Top 10 of 150+ teams, $400 bounty. Sponsor company indicated intent to incorporate the codebase into their platform.

SoliditySmart ContractsEthereumWeb3.jsSecurity Auditing
Bounty Winner
$400 Prize
Top 10 / 150+
Logic Adopted
05 · Professional Experience

Where I Have
Worked

QUANTIX
Quantix IT Ltd
Early-Stage Startup · Remote
SOC L1 Analyst
Nov 2025 · Apr 2026
Alert Triage & SIEM
Continuous monitoring and alert triage using Sumo Logic SIEM across client environments; managed full incident lifecycle via Zendesk ticketing and reporting.
SOAR Automation
Implemented SOAR-based workflow automation for alert enrichment, correlation, and escalation — reducing manual analyst overhead across recurring incident patterns.
Production Client Projects
Contributed to production-grade client security projects: detection coverage expansion, runbook documentation, and operational tooling improvements shipped to live environments.
Sumo
Logic SIEM
Zendesk
Ticketing
Prod
Client Projects
GARDIYAN
Gardiyan
System Security Technologies · Ankara, Türkiye (Remote)
SOC L1 Analyst Intern
May 2025 · Oct 2025
Alert Triage & Investigation
Investigated and triaged 15–28 alerts per week across endpoints, identity systems, and network telemetry.
Detection Engineering
Tuned 12+ Microsoft Sentinel and other SIEM detection rules. Authored custom KQL queries across DNS, mail, API, and endpoint sources.
Playbook Development
Contributed to 10+ SOC playbooks covering DoS, DNS tunnelling, phishing, credential dumping, Kerberoasting, and malware outbreaks.
SOAR & Automation
Automated triage workflows via Tines and Shuffle. Scripts recovered approximately 10 hours of manual enrichment work per week.
Cloud Security
Hands-on across Azure Sentinel, Defender for Cloud, AWS GuardDuty, and AWS Security Hub. Night-shift rotations included.
Adversary Simulation
Simulations across T1003, T1059, T1078, T1047 to validate detection coverage for lateral movement and credential abuse.
15–28
Weekly Alerts
12+
Rules Tuned
10+
Playbooks
~10h
Saved Weekly
FTE
Offer Received
CYBERSRC
CyberSRC Consultancy
Pvt. Ltd. · Noida, India (Remote)
Cyber Risk Intern
Sept 2024 · Dec 2024
Security Monitoring
Reviewed Wazuh alerts and event data to identify anomalies and validate detection configurations.
Documentation & Compliance
Developed security documentation and prepared audit-ready evidence packages for client engagements.
06 · Credentials & Recognition

Certifications
& Accolades

TryHackMe · Top 1% Global
May–June 2024 · Offensive & Defensive Security
Oracle Cloud Infrastructure Generative AI
Oracle · Certified Professional
CyberOps Associate
Cisco · Certification
Shaastra Programming Contest Finalist
IIT Madras · January 2025
Blockchain Hackathon Bounty Winner
Gurgaon + Bangalore · $750 Total
Penetration Test · Senior Engineers Acknowledged the Work
Real-World Engagement · 2024 · Free Tools Only
RESUME
07 · Resume
Download
My Resume

Cybersecurity since class 10. TryHackMe top 1%. Real penetration test. Fifteen months of hands-on SOC work across two organisations. Two production-grade platforms independently built. Compressed into one document.

08 · Let's Connect

Open to
Opportunities

Not everything stands out.

If you represent a hiring team, a security-focused organisation, or a project where the technical challenge is substantive, the conversation is welcome.

Available for Opportunities

Open to SOC analyst roles, detection engineering positions, cybersecurity engineering, and substantive collaborations in security research or tooling development.

Based in Jaipur, India. Open to relocation and remote-first environments.

Languages
English
Professional
Hindi
Native

09 · Before You Go
On This Website

Yes, this website was built with AI assistance.

I am not a frontend developer. The design concept, structure, narrative, and every content decision were mine. The implementation was AI-assisted. That is not a shortcut — it is an accurate description of effective tool use. I am a cybersecurity professional, not a web developer. This portfolio reflects that honestly.

The build was iterative: structure first, then story, then design refinement, then mobile responsiveness, then copy revision across multiple rounds. Every direction was mine. The final product is a collaboration — the thinking behind it is not.

On the Skills Listed

The list is long. Every entry represents genuine, hands-on contact with the tool or concept — not a job description copy-paste, not a Medium article skimmed. Some were used extensively in production. Some in labs, CTFs, or independent builds. The distinction matters and I can speak to each one if asked. No inflation.

I make mistakes. I learn from them. That is the honest version.

I Also Write

Technical breakdowns, field observations, and the occasional thing that makes a SOC analyst nod — written on Medium. Not personal-brand content. Honest analysis. Starting soon.

medium.com/@pumpcoins0day

Thank you for reading. Whether you are a recruiter, a fellow security professional, or someone who arrived here by accident - I hope the time was worthwhile.

· Yash Rathore