Ravikiran Bal

Cybersecurity Specialist | Incident Response | Digital Forensics | GCFA | GCIH | GIAC Advisory Board
Toronto

Summary

Highly experienced Cyber Security Digital Forensic & Incident Response Lead with over 5.5 years of expertise in digital forensics, incident response (DFIR), threat intelligence, and automation. Holds GCIH and GCFA certifications, with extensive experience in deploying, maintaining, and operating forensic platforms to support enterprise cybersecurity initiatives. Proven ability to oversee evidence collection, forensic analysis, and security investigations to prevent and mitigate cyber threats. Adept at mentoring teams, developing forensic tools, and streamlining IR processes through automation. Strong communicator, capable of articulating complex cybersecurity concepts to diverse audiences.

Overview

6 years of professional experience
6 years of post-secondary education
7 Certifications
1 Language

Work History

Incident Response Commander

Bank of Montreal
Toronto, ON
07.2024 - Current
  • Led high-profile cyber investigations involving malware, insider threats, and advanced persistent threats (APT).
  • Conducted disk and memory forensics using tools like KAPE, Telemetry Analysis, and CrowdStrike.
  • Spearheaded automation initiatives, including:
    A script that analyzes network logs and detects beaconing traffic.
    Automating security metrics generation, reducing reporting time from 3 hours to 30 minutes.
  • Served as Weekly Operations Lead, presenting daily security briefs to executive leadership.
  • Acted as Weekly Investigation Lead, overseeing major security incidents and driving response strategies.
  • Mentored junior analysts and provided training on forensic methodologies and IR best practices.

Incident Response Specialist

Bank of Montreal
Toronto, ON
07.2021 - 07.2024
  • Conducted thorough investigations into phishing, brute force attacks, malware intrusions, and insider threats
  • Acted as a presenter for the company’s Bootcamp series, educating teams about cybersecurity functions and responsibilities
  • Developed and deployed a Kaizen event model to enhance team skills and efficiency, leading to measurable performance improvements
  • Provided training and mentorship to junior analysts, enhancing their forensic investigation capabilities

Info Sec Consultant

FDM Consultancy
ON
04.2019 - 07.2021
  • Investigated and responded to cybersecurity incidents, including phishing attacks, malware intrusions, and brute force attempts
  • Collaborated with cross-functional teams to enhance security posture by identifying and remedying security issues
  • Assisted in deploying forensic technologies and security processes to support enterprise-wide initiatives
  • Recognized for outstanding performance, leading to a full-time cybersecurity role at BMO

Education

Master’s - Information Systems Security

Concordia University
Montreal, QC, Canada
01.2017 - 12.2018

BTech - Computer Engineering

Punjabi University
Punjab, India
05.2012 - 05.2016

Skills

Digital Forensics & Incident Response (DFIR): Evidence collection, disk & memory forensics, malware analysis, insider threat investigations

Forensic Tools & Technologies:

  • KAPE – Triage forensic collection and analysis

  • Velociraptor – Endpoint visibility and forensic collection

  • Eric Zimmerman's Tools (EZ Tools) – Kroll Artifact Parser (like MFTECmd, PECmd, etc.)

  • Autopsy / Sleuth Kit – Disk forensic analysis

  • Volatility / MemProcFS – Memory forensics

  • Plaso (log2timeline) – Timeline analysis

  • Wireshark / Zeek (Bro) – Network forensics

  • FTK Imager / X-Ways / EnCase – Disk image analysis

  • CyberChef – Data transformation and decoding

  • Bulk Extractor – Searching disk images for artifacts

  • MITRE ATT&CK Navigator – Mapping attack techniques

  • Nmap / Netcat – Network scanning & enumeration

  • Wireshark / TCPDump – Network packet analysis

  • Metasploit – Exploitation framework (to understand attacker methods)

  • Sysmon / Windows Event Logs – Host-based attack detection

  • YARA – Malware pattern detection

  • Burp Suite – Web application attack simulation

Security Operations & Investigation Tools: Splunk, CrowdStrike EDR, Tanium, Exabeam, Proofpoint, Carbon Black EDR, Mandiant tools

Incident Response & Threat Mitigation: Cyber incident containment, forensic analysis, remediation strategies

Automation & Scripting: Python, Power Automate, automated forensic analysis, security workflow optimization

Leadership & Training: Cybersecurity bootcamp presentations, mentorship, insider threat analysis, and security posture improvements

Certification

GIAC Certified Incident Handler (GCIH), 94%, Member of the GIAC Advisory Board

Projects Initiatives

  • Enterprise Forensics Deployment: Led the deployment and maintenance of forensic analysis platforms, improving investigation efficiency.
  • AI-Driven IR Process Optimization: Integrated Gen-AI in incident response workflows, improving threat detection efficiency.
  • Security Automation: Developed scripts to automate security metrics and forensic data analysis, reducing investigation time.
  • Bootcamp & Corporate Training: Led cybersecurity training sessions for new hires and internal teams, strengthening IR capabilities.
  • Kaizen Model Implementation: Designed and implemented a Kaizen approach to enhance IR team capabilities and response effectiveness.

Timeline

GIAC Certified Forensic Analyst (GCFA), Earned the FOR508 Coin in the CTF
06-2025
GIAC Certified Incident Handler (GCIH), 94%, Member of the GIAC Advisory Board
09-2024

Incident Response Commander

Bank of Montreal
07.2024 - Current
Splunk Training Certifications, Using Splunk REST API, Dynamic Dashboards, Developing SOAR Playbooks
05-2024
Tanium Threat Response Analyst
04-2024
Tanium: Working with Tanium Threat Response
04-2024
Google Cloud Platform (GCP) Certifications, Core Fundamentals, Managing Security in Google Cloud, Networking in Google Cloud, Mitigating Security Vulnerabilities in Google Cloud
03-2024

Incident Response Specialist

Bank of Montreal
07.2021 - 07.2024
ITIL (Information Technology Infrastructure Library)
05-2019

Info Sec Consultant

FDM Consultancy
04.2019 - 07.2021

Master’s - Information Systems Security

Concordia University
01.2017 - 12.2018

BTech - Computer Engineering

Punjabi University
05.2012 - 05.2016