Cybersecurity Responder at Jumpsec (2025-05 – Present)
Creating tailored detection and response strategies for FTSE 100 and government entities at a cyber consultancy.
- Developed a framework from scratch to overhaul application detections, including anomaly decomposition, dynamic severity automation, and dashboard compatibility and design, built on top of applicable MITRE ATT&CK-focused detection principles.
- Built highly enriched contextual detections that produced easy-to-absorb alert logs and embedded pivots, considerably improving analysts' time to investigate and verdict accuracy.
- Performed proactive threat hunting using hypothesis-driven approaches, leveraging threat intelligence and client UBA.
- Involved in end-to-end incident response across client environments (namely BEC and compromised NGINX servers), including post-incident reporting.
- Utilised Microsoft Sentinel and Defender to perform detailed log analysis, correlation, and investigation of security alerts.
- Collaborated with MDR engineers and Adversary Simulation teams to continuously tune detection pipelines and improve playbook effectiveness.
- Released research blogs hosted on the company site, the latest of which revolves around quantifying phishing heuristics using NLP and other centroid-based algorithms.
Technical Engineer at T-Tech (2024-08 – 2024-12)
Client-centric role providing cloud and on-premise technical services for 20 SMEs at an MSP, supporting hedge funds and accountancy firms.
- Triaged ~50 high-severity tickets a week, developed cases for investigation and assisted with root-cause analysis, ensuring SLAs were met.
- Leveraged KQL in XDR to query events and increase visibility into incidents, with consideration for TTPs (MITRE ATT&CK).
- Configured Conditional / Group Access policies on AD, M365 and Azure to ensure authorised access to resources and services.
- Monitored and sandboxed potentially malicious emails on Exchange and Mimecast, and taught social-engineering awareness to clients.
- Actively monitored system behaviour within AVD infrastructure through Azure and LogicMonitor, responding in real time.