Shashank Malik

Led end-to-end investigations of high-severity cloud security incidents (SEV-level) involving compromised identities, abused cloud resources, phishing infrastructure, crypto-mining workloads, and large-scale tenant abuse across Azure and Microsoft 365. Performed deep forensic analysis using identity logs, audit trails, activity telemetry, and threat intelligence to determine attack vectors, blast radius, and root cause. Executed real-time containment actions including account suspension, credential revocation, workload isolation, and infrastructure lockdown to prevent further lateral movement and abuse. Conducted proactive threat hunting across cloud environments to identify emerging attacker techniques prior to automated detection coverage. Authored clear incident reports and executive-ready postmortems, providing remediation guidance adopted by customers and internal engineering teams. Collaborated with security engineering, abuse prevention, and legal teams to improve platform-level detections and response workflows. Contributed to detection logic and response playbooks, strengthening prevention controls and reducing repeat abuse patterns. Performed log and host-based forensic analysis across Linux and Windows systems.

Excelled in SOC monitoring with analyzing diverse log sources for rapid threat resolution. Skilled in escalating complex issues, proficient in using SOAR and ServiceNow for effective threat response, significantly bolstering security infrastructure resilience with expertise in managing cyber and cloud-based threats. Mastered email threat mitigation, analyzing over 1,000 potentially malicious emails monthly. Implemented innovative strategies for malware analysis and counteracting diverse attack vectors, enhancing email defenses against evolving cyber threats. Led the refinement of 30+ use cases aligned with MITRE attack framework, resulting in a 70% reduction in false positives. Innovated Standard Operating Procedures (SOPs) across multiple scenarios, boosting SOC operational efficiency. Conducted 150+ in-depth investigations and hunts to identify and neutralize threats. Proficient in threat hunting and incident response, underpinned by a comprehensive understanding of Threat Intelligence (TI), fortifying security posture. Promoted effective collaboration with interdisciplinary teams during security incidents, facilitating prompt escalations and efficient threat mitigation. Actively engaged with stakeholders, while consistently maintaining key performance indicators (KPIs) such as Mean Time to Acknowledge (MTTA), Mean Time to Resolve (MTTR), and other critical metrics.

Supported investigations of online cyberfraud's and cybercrimes, collaborating with law enforcement to find patterns and aid in resolving cases under mentorship of Dr. Rakshit Tandon. Developed and delivered public cybersecurity awareness initiatives and aided in cyber incident response, documenting and reporting findings to enhance community knowledge and safety against cyber threats.

Managed 45,000+ enterprise user accounts, resolving 300+ technical/security issues monthly. Administered and secured enterprise infrastructure (Active Directory, Azure, AWS, Exchange, Office 365). Applied ITIL best practices to deliver secure and reliable IT services to a global client base.