om.jadhav@portfolio: ~
Available for security engineering roles

Om Parag Jadhav

I defend organizations by thinking like an attacker and engineering like a defender.

Cybersecurity professional focused on enterprise security, endpoint defense, cloud security, SOC operations, vulnerability management, penetration testing, and AI-enabled security workflows.

New York City · [email protected]
PROFILE

OPERATOR PROFILE

Cybersecurity analyst focused on enterprise security operations — triaging SOC alerts, defending endpoints, hardening Microsoft 365 and Azure environments, and supporting vulnerability management and penetration testing programs.

I work the full lifecycle: investigate signals across SIEM, EDR, identity, and email; partner with engineering to remediate; and translate technical findings into governance, policy, and executive-ready reporting. I also explore AI-assisted workflows to improve triage, reporting, and analyst efficiency without compromising controls.

SOC | EDR / XDR | M365 · Azure | Vuln Mgmt | Pentest | Governance | AI in Security
  • SOC operations & incident response
  • Endpoint defense (Carbon Black · CrowdStrike · Defender)
  • Microsoft 365 & Azure security
  • Vulnerability management
  • Penetration testing support
  • Governance, policy & audit
  • AI-enabled security workflows
INCIDENT LOG

/var/log/career.log

  1. INC-2025-137 · ACTIVE · 10/2023 — Present · NYC

    Cybersecurity Analyst @ Semperon Systems

    • Triage and investigate SOC alerts across SIEM, EDR, email security, identity, and endpoint platforms.
    • Support enterprise endpoint security operations using Carbon Black, CrowdStrike, and Microsoft Defender for Endpoint.
    • Administer and secure Microsoft 365 and Azure environments, including Entra ID, Conditional Access, email security, and security policy enforcement.
    • Conduct phishing investigations, awareness campaigns, vulnerability assessments, and penetration testing support.
    • Build executive-facing security dashboards and reports that translate technical findings into business risk.
    • Support policy, procedure, compliance questionnaire, and security audit activities for client environments.
    • Explore AI-assisted workflows to improve security operations, reporting, and alert triage efficiency.
  2. INC-2024-274 · RESOLVED · 06/2023 — 09/2023 · NYC

    Independent Security Consultant @ Com-Sec

    • Led Virtual CISO engagements, cutting client cybersecurity incidents by 45%; supported compliance readiness across SOC 2, HITRUST, ISO 27001, HIPAA, and PCI-DSS aligned controls.
    • Guided clients through SOC 2 and HITRUST audits to successful certification.
    • Designed secure AWS architectures with VPC peering, PrivateLink, and Transit Gateway.
    • Automated PCI-DSS, ISO 27001, and HIPAA controls using AWS Config Rules and Lambda.
    • Resolved 75+ findings through pentests on AWS workloads, improving resilience by 30%.
  3. INC-2023-411 · RESOLVED · 05/2022 — 12/2022 · NYC

    Security Engineer Intern @ Lark Health

    • Hardened VPCs, security groups, Route 53, S3, and databases across AWS workloads.
    • Automated vulnerability management via AWS Inspector piped into the SIEM for centralized response.
    • Configured multi-region CloudTrail logging shipped to Splunk for real-time monitoring.
    • Built threat model and launched MDM for Windows fleet; supported HITRUST work on Drata.
    • Revamped OpenBugBounty program, driving a 50% increase in bug submissions.
  4. INC-2022-548 · RESOLVED · 01/2022 — 05/2023 · New York

    MTA Program Assistant @ NYU Tandon Online

    • Supported four prerequisite courses — Linux, Information Security, Python Basics, OT Networks.
    • Moderated discussions, graded assignments, and answered learner questions on course content.
  5. INC-2021-685 · RESOLVED · 06/2019 — 05/2021 · Mumbai

    Consultant — Cyber Risk @ Deloitte

    • Assessed 10+ web and mobile apps for financial sector clients, mitigating critical vulnerabilities.
    • QA'd penetration testing deliverables and evaluated control maturity across global teams.
    • Performed black-box and grey-box tests against CIS, ISO 27001, PCI-DSS, HIPAA, SOX, NIST, GDPR, MITRE ATT&CK.
SOC // SIMULATED

CORE SECURITY WORK

ALERT QUEUE: Healthy (triaged)
MTTD TARGET: < 15m (on track)
ENDPOINT FLEET: Hybrid (monitored)
CONTROL POSTURE: Hardened (audited)
CH-01
ARMED

SOC & Incident Response

SIEM alert triage · Phishing investigations · Risky sign-ins · Endpoint detections · Containment workflows
Monitoring
CH-02
ARMED

Endpoint Security

CrowdStrike · Carbon Black · Microsoft Defender for Endpoint · Policy tuning · Detection review
Hardened
CH-03
ARMED

Cloud & M365 Security

Entra ID · Conditional Access · M365 admin · Email security · Identity hardening
Validated
CH-04
ARMED

Vulnerability Management

Scanning · Prioritization · Remediation tracking · Reporting
Documented
CH-05
ARMED

Pentesting & Offensive Security

Web testing · Network testing · Burp Suite · Nmap · Metasploit
Automated
CH-06
ARMED

Security Awareness

Phishing campaigns · User training · Email security analysis
Documented
CH-07
ARMED

Compliance & Governance

Policies · Procedures · Questionnaires · Controls · Executive dashboards
Hardened
CH-08
ARMED

AI in Security

AI-assisted triage · Reporting automation · Dashboards · Workflow optimization
Automated
CLASSIFIED

CASE FILES // FIELD REPORTS

SEC-STACK-01

SECURITY STACK

SIEM

IN USE
  • AlienVault
  • Stellar Cyber

EDR / XDR

IN USE
  • Carbon Black
  • CrowdStrike
  • Microsoft Defender for Endpoint

Email Security

IN USE
  • Barracuda
  • Mimecast
  • SPF
  • DKIM
  • DMARC

Cloud / Identity

IN USE
  • Azure
  • Entra ID
  • M365
  • Conditional Access
  • Intune

Vulnerability & Pentest

IN USE
  • Nessus
  • Nmap
  • Burp Suite
  • OWASP ZAP
  • Metasploit

Scripting & Automation

IN USE
  • PowerShell
  • Python
  • Bash

Governance

IN USE
  • Policies
  • Procedures
  • Questionnaires
  • Compliance audits
CRED-VAULT-02

CREDENTIALS VAULT

VERIFIED BADGES · 6 credentials
  • CompTIA Network Vulnerability Assessment Professional · CompTIA · ACTIVE · CREDLY
  • CompTIA Security+ ce Certification · CompTIA · COMPLETED · CREDLY · Jun 2022
  • CompTIA PenTest+ ce Certification · CompTIA · ACTIVE · CREDLY · Sep 2023
  • Microsoft Certified: Azure Fundamentals · Microsoft · ACTIVE · CREDLY · May 2022
  • Microsoft Certified: Azure Security Engineer Associate · Microsoft · COMPLETED · CREDLY · Nov 2023
  • LFD121: Developing Secure Software · The Linux Foundation · ACTIVE · CREDLY

UNVERIFIED · 3 credentials
  • AWS Security Fundamentals · Amazon Web Services · ACTIVE · UNVERIFIED · Apr 2023
  • Security Engineering on AWS · Amazon Web Services · ACTIVE · UNVERIFIED · Aug 2023
  • Qualys — Cloud Security Assessment & Response · Qualys · COMPLETED · UNVERIFIED · Feb 2024

IN PROGRESS · 2 credentials
  • CISSP · (ISC)² · IN PROGRESS
  • CompTIA SecAI+ · CompTIA · IN PROGRESS
OP-BG-03

OPERATOR BACKGROUND

verified · IN PROGRESS

Doctor of Business Administration — IT Management

Westcliff University

Irvine, CA, US

verified · COMPLETED

MS Cybersecurity

New York University

New York, NY, US

verified · COMPLETED

BTech Computer Engineering

Veermata Jijabai Technological Institute

Mumbai, MH, India

SECURE CHANNEL

CONTACT HANDSHAKE

Preferred contact: email or LinkedIn. Open to security engineering, cloud security, and AI security operations opportunities.

[email protected] · LinkedIn