
Madhan Kumar

Technical Lead
Mississauga, ON

Summary

Technical Lead – Cyber Security Operations with 8+ years of experience bridging enterprise security operations, risk management, and governance alignment. Experienced in conducting security risk assessments, supporting acquisition-related security evaluations, and partnering with business leaders to align cyber risk to enterprise risk appetite. Strong background in security operations (SIEM/XDR), cloud security (Azure, Microsoft 365), firewall governance, and threat intelligence, combined with practical experience supporting policy alignment to frameworks such as NIST CSF. Proven ability to translate complex technical findings into actionable business risk insights for executive stakeholders.

Amiable Technical Lead ready to rapidly onboard new personnel and kick start new projects. Achieves rapid and exceptional completion metrics through careful utilization of available skills and technical assets. Assembles effective teams by exploiting complementary competencies and collaborative employee relationships.

Overview

9 years of professional experience
8 Certificates

Work History

Technical Lead, SecOps

Loblaw Companies Limited
08.2023 - Current
  • Lead real-time monitoring and investigation of security events across Cortex XSIAM, Splunk, and Proofpoint platforms.
  • Direct high-severity (P1/P2) incident response, ensuring rapid containment, root cause analysis, and remediation.
  • Conduct host, network, cloud, and email forensics aligned to MITRE ATT&CK.
  • Partner with Risk and Governance teams to align remediation with NIST CSF and enterprise risk appetite.
  • Reduced MTTR by 25% through improved triage workflows and escalation governance.
  • Collaborate with Detection Engineering to optimize use cases, reducing false positives by 30%.
  • Drive playbook standardization, automation initiatives, and KPI tracking to enhance SOC efficiency.
  • Deliver executive briefings and detailed Post-Incident Reports (PIRs) supporting compliance and regulatory needs.

SOC Team Lead

Stickmancyber Consulting
06.2018 - 08.2023
  • Expertise in multiple SIEM/Security Monitoring tools.
  • Experience in handling and maintaining a SOC team, from managing shifts to collaborating with the team on SOC operations and knowledge sharing.
  • Led the development of processes and procedures to improve incident analysis, incident response times, and overall SOC functions.
  • Experience in managing internal vulnerability scans, investigating scan results, and applying remediations in common security scanning tools such as Qualys, OpenVAS, and Nessus.
  • Experience in handling Business Email Compromise (BEC) incidents by following the NIST Cybersecurity Framework.
  • Monitoring the security of critical systems and changes to highly sensitive computer security controls to ensure appropriate system administrative actions; investigating and reporting on noted irregularities.
  • Performing analysis and providing possible remediation steps for phishing/spam emails by analyzing the email header, attachments, and content.
  • Experience in handling escalations from level 1 Security Analysts, guiding and advising on the investigation and handling of incidents.
  • Deployment, configuration, and troubleshooting of SIEM components and optimization of the solution.
  • Creation of SOPs for incidents, plans of action, change management, incident triage, and major incident workflow.
  • Good working knowledge of endpoint tools such as Symantec Endpoint Protection, BlackBerry Cylance, and Windows Defender.
  • Deployment and configuration of NIDS to monitor traffic to and from all devices on the network.
  • Working knowledge of Office 365 log ingestion, analysis, and reporting of activities.
  • Identify and use tools and techniques to conduct static analysis of malware through multiple threat intelligence tools.
  • Good working experience in providing evidence for different security assessments and compliance requirements.
  • Experience in reporting breached domains and emails identified through dark web monitoring.
  • Creating security advisories based on the latest zero-day vulnerabilities and breaches and sharing them with customers to raise awareness.
  • Creating custom report templates and generating daily, weekly, and monthly reports from multiple data sources.
  • Excellent working experience with ticketing tools such as Jira and Vtiger.
  • Monitoring environments for security vulnerabilities and reporting to customers for further remediation actions.
  • Demonstrated respect, friendliness, and willingness to help wherever needed.
  • Paid attention to detail while completing assignments.
  • Worked flexible hours across night, weekend and holiday shifts.
  • Demonstrated creativity and resourcefulness through development of innovative solutions.
  • Developed strong communication and organizational skills through working on group projects.
  • Self-motivated, with a strong sense of personal responsibility.
  • Learned and adapted quickly to new technology and software applications.
  • Proven ability to learn quickly and adapt to new situations.

Information Security Analyst

Teaq Technologies Pvt Ltd
08.2017 - 06.2018
  • Monitored computer virus reports to determine when to update virus protection systems.
  • Monitored use of data files and regulated access to protect secure information.
  • Drafted security reports and metrics to track security performance and strategize improvements.
  • Monitored alerts in the McAfee SIEM tool.
  • Email phishing analysis.
  • Continuous monitoring and analysis of security alerts and events.
  • Provided daily summary reports based on security event analysis.
  • Monitored SIEM alerts; managed and configured security controls.
  • Examined logs for trends and unusual activity in internal and external network traffic through a DDoS security tool and prioritized multiple security alarms.
  • Identified viruses, spam mail, and risky activity.
  • Administered and monitored firewalls, intrusion detection systems, and anti-virus software to detect risks.
  • Educated and trained users on information security policies and procedures.
  • Exposure to frameworks and compliance standards such as MITRE ATT&CK, CIS Critical Controls, OWASP, etc.
  • Tracked threat actors and their associated tactics, techniques, and procedures (TTPs).
  • Analyzed network traffic and system logs to detect malicious activities.
  • Ran phishing campaigns and delivered security awareness training to employees.
  • Hands-on experience with Trend Micro XDR and EDR.

Education

Bachelor of Engineering - Electronics And Communications

Dayananda Sagar College of Engineering
Bangalore
06-2016

Skills

Team leader - Excellent

Strategic Planning - Excellent

Technical analysis - Excellent

Incident response - Excellent

Event monitoring - Excellent

IDS - Excellent

Cybersecurity - Excellent

AWS - Good

Security best practices

Certification

AlienVault USM Appliance, USM Anywhere and USM Central self-paced training.

Timeline

Technical Lead, SecOps

Loblaw Companies Limited
08.2023 - Current

SOC Team Lead

Stickmancyber Consulting
06.2018 - 08.2023

Information Security Analyst

Teaq Technologies Pvt Ltd
08.2017 - 06.2018

Bachelor of Engineering - Electronics And Communications

Dayananda Sagar College of Engineering

Languages

English
Full Professional