GreyMatter Engineer (Senior Security Engineer) at RELIAQUEST (2025-03 – Present)
Senior Security Engineer specializing in multi-platform SIEM/SOAR/EDR/XDR architecture and optimization
- Worked directly with customers to onboard, migrate, and architect multi-SIEM/SOAR/EDR/XDR platforms, including retention planning and GreyMatter automation/AI implementation.
- Optimized client log source configurations to reduce costs while enhancing visibility and detection fidelity, and deployed MITRE ATT&CK–aligned detections to remediate coverage gaps and validate effectiveness.
- Improved MTTA, MTTD, and MTTC by tuning detections, reducing false positives, implementing response playbooks, and expanding high-value telemetry integrations.
- Reviewed Threat Intel, Threat Hunting, and Red Team reports and translated findings into actionable detections.
Security Engineer at RELIAQUEST (2024-03 – 2025-02)
Security Engineer focused on SIEM/EDR operations and detection engineering
- Led escalations for advanced endpoint security investigations and advanced SIEM/EDR agent troubleshooting, ensuring platform stability and detection effectiveness.
- Led multi-SIEM operations by onboarding and normalizing log sources, correcting timestamp/parsing issues, and optimizing ingestion, correlation, indexing, and data tiering to improve detection reliability while reducing alert noise and licensing costs.
- Ensured effective SIEM/EDR detection coverage by deploying high-fidelity content, minimizing false positives, and improving triage workflows with SOC teams.
Security Operations Engineer at RELIAQUEST (2023-04 – 2024-02)
Security Operations Engineer managing 24x7 SIEM/EDR/XDR monitoring and alert triage
- Monitored SIEM/EDR/XDR alerts 24x7 including triage, prioritization, investigation, and customer escalation of validated security incidents per SLA guidelines.
- Ensured SIEM/EDR/XDR platform stability by monitoring system health, validating log source ingestion, event pipelines, and licensing, and maintaining dashboards and reports across multiple SIEM environments.
- Assisted detection engineering by tuning correlation rules, reducing false positives, and mapping validated detections to MITRE ATT&CK techniques to improve threat visibility and coverage.
Cloud Engineer at YASH TECHNOLOGIES (2021-04 – 2023-03)
Cloud Engineer responsible for AWS/GCP infrastructure design, security, and operations
- Built and managed resilient multi-AZ compute on AWS/GCP using EC2, ASG, ALB/ELB, GCE, and MIGs.
- Designed secure multi-cloud VPC networks with segmentation, private subnets, and controlled egress.
- Enforced IAM least privilege + MFA and implemented encryption using AWS KMS / GCP KMS.
- Improved security posture and threat detection using AWS Security Hub, GuardDuty, AWS Config, and GCP SCC.
- Enabled monitoring and investigations using CloudTrail, CloudWatch, and GCP Logging/Monitoring.
- Optimized cloud costs using Cost Explorer, Budgets, and GCP Billing Reports.