Bhushan Kshirsagar

I’m a cyber security and security operations professional building resilient detection and response through hands-on SOC work, secure development, and cloud monitoring. My focus is turning security signals into validated incidents using evidence, correlation, and clear documentation.

In my current role as a Security Analyst, I perform 24×7 monitoring, alert triage, and incident escalation across network, endpoint, SIEM, and AWS cloud environments. I investigate firewall and endpoint security events, validate malicious indicators using threat intelligence, and prioritize offenses in IBM QRadar by classifying alerts as true or false positives with supporting logs.

I strengthen cloud visibility with AWS services including GuardDuty, CloudTrail, CloudWatch, Inspector, and Security Hub, and I integrate cloud and on-prem telemetry into SIEM for centralized risk awareness. I apply the MITRE ATT&CK framework and follow incident response lifecycle procedures to escalate validated findings to L2 teams with documented evidence and logs.

I also bring a secure engineering mindset—building and testing applications using Java/JSP/Servlets, databases like MySQL, and API testing with Postman. I’m comfortable using AI/automation tools (e.g., LangChain, OpenAI APIs, and security analytics automation) to support log analysis, intelligent assistance, and repeatable prototype development.