Open to EU roles · Remote or relocation

Sourajyoti Paul

EASM Analyst · SOC Tier 2 · Threat Intelligence · GRC · NIS2 · DORA · Detection Engineering

Cybersecurity analyst with 1 year of real-world experience in SOC operations, SIEM engineering, and OSINT-driven attack surface analysis. Targeting European security teams with a focus on NIS2-aware risk analysis and actionable threat intelligence.

Sourajyoti Paul
CYBERSECURITY ANALYST · EU-FOCUSED
1yr real experience · 6+ certifications · 2 publications · 3 role tracks
IBM QRadar · Splunk · Wazuh
NIS2 · DORA · ISO 27001
MITRE ATT&CK · Sigma Rules
OSINT · theHarvester · Shodan

01

Portfolio Projects

🔍 Track 01 · EASM
NorthBridge Logistics — EASM Engagement
Full passive OSINT-driven external attack surface assessment of a fictional European logistics company. 10 findings including exposed RDP, missing DMARC, breached credentials, and unauthenticated API. Includes executive summary, threat actor profiles (Cl0p, LockBit, APT28), and NIS2 compliance mapping.
OSINT · Shodan · NIS2 · MITRE ATT&CK · Threat Intel · Risk Register · DMARC · SpiderFoot
✓ Complete
🛡️ Track 02 · SOC · Detection Engineering
Sigma Detection Rules Library
20 production-ready Sigma rules covering ransomware precursors, lateral movement (PsExec, WMI), credential dumping (LSASS), and phishing delivery. Each rule includes MITRE ATT&CK mapping, false positive guidance, and tuning notes for QRadar and Splunk.
Sigma · MITRE ATT&CK · QRadar · Splunk · Wazuh · Detection Engineering
↻ Building
🛡️ Track 02 · SOC · Incident Response
SOC Incident Response Playbooks
Structured IR playbooks for BEC, ransomware, credential stuffing, phishing triage, and data exfiltration. Built around NIST 800-61, with escalation trees, containment actions, and evidence collection checklists.
Incident Response · NIST 800-61 · BEC · Ransomware · SOC Workflow
↻ Building
📋 Track 03 · GRC · NIS2
NIS2 Gap Assessment — Fictional EU Company
Article 21 compliance gap analysis for a fictional EU logistics company. Maps existing security controls to NIS2 obligations, identifies gaps in supply chain security, MFA, incident reporting, and third-party risk. Directly relevant to EU companies implementing NIS2 from October 2024.
NIS2 · DORA · ISO 27001 · Gap Analysis · EU Compliance · Supply Chain
↻ Building
🕵️ Track 04 · Threat Intelligence · CTI
LockBit Threat Intel Report — EU Finance Sector
Structured threat intelligence report profiling LockBit affiliate activity targeting European financial institutions. Covers TTP analysis, IOC samples, Diamond Model application, MITRE ATT&CK mapping, and defensive recommendations aligned to DORA ICT risk requirements.
CTI · LockBit · DORA · MITRE ATT&CK · Diamond Model · IOC
↻ Building

02

Technical Skills

SIEM & Detection
IBM QRadar · Splunk · Wazuh · Sigma Rules · Correlation Rules · False Positive Tuning · Log Analysis
OSINT & EASM
theHarvester · Shodan · Maltego · SpiderFoot · Censys · crt.sh · DMARC/SPF Analysis
SOC Operations
Incident Response · Threat Hunting · Alert Triage · Malware Analysis · SOAR Playbooks · Flare-VM · Any.Run
GRC & Compliance
NIS2 · DORA · ISO 27001 · NIST CSF · PCI-DSS · HIPAA · Risk Assessment

03

Certifications

🛡 SOC Analyst · LetsDefend
📊 SIEM Engineer · LetsDefend
🔍 Detection Engineering · LetsDefend · In progress
🌐 Cyberdefence Analyst · Cisco
🔒 Jr Cybersecurity Analyst · Cisco
📋 GRC Analyst · Cybrary

04

Publications

BOOK · Amazon KDP
From Alert to Adversaries
Building SOC and CTI Capabilities the Right Way. A practical guide to blue team operations — from alert triage through adversary tracking — written from hands-on SOC experience.
ARTICLE · Medium · 2025
Embracing AI Prompt Engineering: A Cybersecurity Professional's Journey
Exploring the integration of generative AI into SOC workflows and the emergence of prompt engineering as a technical security skill.
UPCOMING · Book
Dark Signals: The Blue Team Chronicles
A cybersecurity narrative blending storytelling with Blue Team techniques — bridging technical depth with accessibility for a wider security audience.
UPCOMING · Medium
Exploiting IDOR: Understanding Insecure Direct Object Reference Vulnerabilities
Technical deep-dive on IDOR vulnerabilities in modern web applications — real-world attack vectors, exploitation methodology, and mitigation strategies.

Let's work together.
Open to EU-based roles in EASM, SOC Tier 2, Threat Intelligence, and GRC. Remote or relocation considered.