Skip to main content
Himashi KarunathilakeHK
Open to opportunities

Himashi Karunathilake

@himashikarunathilake

Information Security Analyst specializing in SOC operations, detection engineering, and cloud security.

Sri Lanka
Message

What I'm looking for

I’m looking for a cybersecurity role focused on SOC and Security Engineering—detection tuning, automation, and cloud security—where I can reduce false positives, improve platform reliability, and deliver measurable risk reduction.

I’m a results-driven cyber security professional with 5+ years of progressive experience across security operations, security engineering, cloud security, security data science, governance, risk management, and compliance. I focus on detection and response maturity, aligning security strategy with business objectives through data-driven engineering and automation.

In my current role as an Information Security Analyst (SOC and Security Engineering Teams) at Virtusa, I lead incident response from detection to eradication, continuously monitor the environment, and analyze logs to produce conclusive evidence for investigations. I also create runbooks and SOPs for SOC and Security Engineering, own and rebuild the Security Engineering function as a single-person team, and simultaneously support both teams by delivering 100% of responsibilities across both operations.

I administer, upgrade, and optimize core security tooling to improve reliability, visibility, and detection accuracy, including implementing least-privilege access models across security platforms. I’ve tuned alerts across ExtraHop, CrowdStrike, Splunk, and Proofpoint to reduce false positives, led tool integrations and modernizations, built dashboards and monitoring workflows for SOC visibility, and improved detection logic across email, endpoint, and network security platforms.

Earlier at Pearson Lanka, I tuned IPS/IDS and developed SOC automation using Splunk SOAR and Microsoft Power Automate, while also conducting penetration testing and building secure multi-cloud infrastructures and CI/CD security controls. As a trainee in the GRC team, I supported Cyber Essentials, IASME, and ISO 27001 assessments and helped clients achieve GDPR compliance by developing security policies, breach response plans, and privacy impact assessments.

Experience

Work history, roles, and key accomplishments

VL
Current

Information Security Analyst

Virtusa Global Technology (Pvt) Ltd

Oct 2023 - Present (2 years 9 months)

Led incident response and conducted log-based investigations for the SOC and Security Engineering teams, including documentation of findings for stakeholders. Administered and tuned security tooling (e.g., EDR/SIEM/email/network) to improve detection accuracy and reduce false positives.

Education

Degrees, certifications, and relevant coursework

Sri Lanka Institute of Information Technology logoST

Sri Lanka Institute of Information Technology

Master of Science (MSc) in Information Technology (Cyber Security), Information Technology (Cyber Security)

Grade: Distinction

Completed an MSc in Information Technology (Cyber Security) at SLIIT with distinction (2026).

Amazon Web Services (AWS) logoAA

Amazon Web Services (AWS)

AWS Certified AI Practitioner, Artificial Intelligence

Earned the AWS Certified AI Practitioner certification (2026).

Microsoft logoMI

Microsoft

Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900), Security, Compliance, and Identity

Earned the Microsoft Certified: Security, Compliance, and Identity Fundamentals (SC-900) certification (2022).

Microsoft logoMI

Microsoft

Microsoft Certified: Security Operations Analyst Associate (SC-200), Security Operations

Earned the Microsoft Certified: Security Operations Analyst Associate (SC-200) certification (2022).

Amazon Web Services (AWS) logoAA

Amazon Web Services (AWS)

AWS Certified Cloud Practitioner, Cloud Computing

Earned the AWS Certified Cloud Practitioner certification (2022).

Microsoft logoMI

Microsoft

Microsoft Certified: Power Platform Fundamentals (PL-900), Power Platform

Earned the Microsoft Certified: Power Platform Fundamentals (PL-900) certification (2022).

Sri Lanka Institute of Information Technology logoST

Sri Lanka Institute of Information Technology

Higher Diploma in Information Technology, Information Technology (Cyber Security)

2020 - 2021

Completed a Higher Diploma in Information Technology specializing in Cyber Security at SLIIT (2020–2021).

Microsoft logoMI

Microsoft

Microsoft Certified: Azure AI Fundamentals (AI-900), Artificial Intelligence

Earned the Microsoft Certified: Azure AI Fundamentals (AI-900) certification (2021).

Microsoft logoMI

Microsoft

Microsoft Certified: Azure Fundamentals (AZ-900), Cloud Computing

Earned the Microsoft Certified: Azure Fundamentals (AZ-900) certification.

Sri Lanka Institute of Information Technology logoST

Sri Lanka Institute of Information Technology

Postgraduate Diploma (PGDip) in Information Technology (Cyber Security), Information Technology (Cyber Security)

Grade: Distinction

Completed a PGDip in Information Technology (Cyber Security) at SLIIT with distinction (2025).

Microsoft logoMI

Microsoft

Microsoft Certified: Azure Security Engineer Associate (AZ-500), Cloud Security

Earned the Microsoft Certified: Azure Security Engineer Associate (AZ-500) certification (2022).

Sri Lanka Institute of Information Technology logoST

Sri Lanka Institute of Information Technology

Bachelor of Science (Honours) in Information Technology, Information Technology (Cyber Security)

2018 - 2021

Grade: Second Class

Completed a BSc (Hons) in Information Technology specializing in Cyber Security at SLIIT (2018–2021), second class.

Get matched with your dream remote job

Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan