JEET A PANDYA
// CYBER SECURITY CONSULTANT //
Cybersecurity Operations  ·  Singapore 🇸🇬

Jeet A Pandya

Cybersecurity Operations Manager

10+ years working across security operations, incident response, and threat detection. Currently focused on Security Operations and building AI-driven security tooling at Rajah & Tann Singapore — one of Asia's leading law firms.

CISSP · GIAC Advisory Board · GCFA · GPEN · GCIH · GCED · AWS Security Specialty · Splunk Admin · CrowdStrike Falcon Hunter
// 01.  WHO AM I

Profile Summary

I started my career in EY Chennai in 2016, doing threat hunting and Splunk engineering on some fairly complex environments. Over the next decade I moved through Big 4 consulting — incident response, digital forensics, SOC work, compromise assessments — before transitioning in-house. Today I'm Cybersecurity Operations Manager at Rajah & Tann Singapore, reporting directly to the CISO and running day-to-day security operations.

The consulting years gave me exposure that's hard to replicate: ransomware IR on a global BPO one week, IT/OT threat hunting for a natural gas manufacturer the next. That breadth — across finance, legal, telco, manufacturing, and BPO sectors — shapes how I think about risk and prioritisation now that I'm on the in-house side.

Right now I'm spending a lot of time building an AI agent for the security team — exploring how LLM-based automation can meaningfully support alert triage and investigation workflows rather than just adding noise. It's an area I find genuinely interesting, and one I think will define how security operations teams work going forward.

I hold a CISSP, four GIAC certifications, and serve on the GIAC Advisory Board. I stay current because this field moves fast — and that's honestly part of what keeps it engaging.

// 02.  WHERE I'VE WORKED

Professional Experience

Cybersecurity Operations Manager
Rajah & Tann Singapore
2025 – Present
Security Operations · AI Security Tooling · Vulnerability Management · EDR · DLP · MSSP Management · Incident Response · Cloud Security
  • Own day-to-day security operations — managing vulnerability management, DLP, and EDR platforms, with direct accountability to the CISO.
  • Service-manage external MSSPs, defining expectations, reviewing alert quality, and driving continuous improvement in triage and escalation processes.
  • Define and enforce secure configuration baselines across Azure, M365, Entra ID, Intune, and on-premises Active Directory.
  • Building an AI security agent using LLM-based automation to support alert triage, investigation workflows, and security reporting.
  • Lead incident response — scoping, containing, and coordinating remediation for phishing, DLP events, and MSSP-escalated alerts.
Assistant Manager → Manager
KPMG Singapore  ·  Cyber Security Advisory
Jun 2023 – 2025
Incident Response · Threat Hunting · Digital Forensics · SOC Assessment · Use Case Development · Purple Team · Cloud Forensics · IT/OT Security
  • Led enterprise incident response investigations — ransomware, BEC, and data breach — across Windows, Linux, and cloud environments for multiple clients.
  • Delivered PDPC-compliant data breach investigations for Singapore organisations, including PII scoping and regulatory reporting support.
  • Led IT/OT threat hunting for a natural gas manufacturer, analysing servers, network devices, and DNS infrastructure for indicators of compromise.
  • Conducted SOC maturity assessments for financial services and insurance clients, benchmarking against industry peers and delivering gap analysis.
  • Led blue team operations during purple team cloud exercises, building detection logic mapped to MITRE ATT&CK cloud techniques.
Senior Consultant
Ernst & Young Singapore  ·  Cyber Security
Dec 2021 – Mar 2023
Next-Gen SOC · SOC Audit · Tabletop Exercises · Cyber Due Diligence · Insider Threat
  • Designed a Next-Gen SOC target architecture, converting a traditional SOC to a mature operational model, and built a reference demo environment to validate the vision.
  • Led an internal SOC audit for a commercial MSSP — presenting findings across Governance, People, Process, and Technology with prioritised remediation recommendations.
  • Developed and facilitated executive tabletop exercises — building threat scenarios, storyboards, and injects tailored to client stakeholders.
  • Conducted cyber due diligence for a financial services M&A transaction, assessing the target's security governance and strategic posture.
  • Developed insider threat detection use cases for a financial services firm, mapping behavioural scenarios to SIEM detection logic.
Intern → Associate Consultant → Consultant
Ernst & Young Chennai  ·  Cyber Security
Jul 2016 – Apr 2021
Compromise Assessment · SIEM Engineering · Splunk Architecture · MITRE ATT&CK · SOC Build & Operations · AWS Deployment
  • Led a real-time compromise assessment for a global BPO — deploying Splunk and OSQuery across worldwide data centres, with SPAN mirroring of internet gateway traffic for deep packet analysis.
  • Led threat hunting engagements for manufacturing and telecom firms, mapping TTPs to MITRE ATT&CK and performing log analysis across network and endpoint security devices.
  • Architected and deployed distributed Splunk on AWS using Docker containers — configuring Indexer Clusters, Search Head Clusters, Heavy Forwarders, and Monitoring Console for high availability.
  • Built an in-house SOC for an agricultural organisation end-to-end — SIEM architecture, asset inventory, log onboarding, use case development, dashboards, automated reporting, and analyst training.
  • Crafted MITRE ATT&CK frameworks across ride-hailing, manufacturing, and media clients — identifying detection gaps and building coverage to strengthen security posture.
// 03.  CREDENTIALS

Certifications & Achievements

  • [Expert] CISSP: Certified Information Systems Security Professional, (ISC)²
  • [Board] GIAC: GIAC Advisory Board Member, Global Information Assurance Certification
  • [Advanced] GCFA: GIAC Certified Forensic Analyst, SANS Institute
  • [Advanced] GPEN: GIAC Certified Penetration Tester, SANS Institute
  • [Advanced] GCED: GIAC Certified Enterprise Defender, SANS Institute
  • [Advanced] GCIH: GIAC Certified Incident Handler, SANS Institute
  • [Professional] AWS: AWS Certified Security – Specialty, Amazon Web Services
  • [Professional] CCFH: CrowdStrike Certified Falcon Hunter, CrowdStrike · Threat Hunting
  • [Professional] SCA: Splunk Certified Admin, Splunk Inc.
  • [Professional] SCPU: Splunk Certified Power User, Splunk Inc.
  • [Training] FOR509: Enterprise Cloud Forensics & Incident Response, SANS Institute
  • [Training] 13C: Windows Endpoint Investigation, 13Cubed · Gold Level
  • [Training] ATT&CK: Foundations of Operationalizing MITRE ATT&CK, AttackIQ
  • [Training] P.TEAM: Foundations of Purple Teaming, AttackIQ

Verify All Credentials on Credly

All certifications are digitally verified and publicly available via Credly.

// 04.  TECHNICAL ARSENAL

Skills & Expertise

CORE COMPETENCY · PROFICIENCY

  • Incident Response & DFIR: Expert
  • Threat Hunting: Expert
  • SIEM Engineering (Splunk · ELK · Sentinel): Expert
  • Compromise Assessment: Expert
  • SOC Design & Assessment: Advanced
  • Cloud Security (AWS · Azure): Advanced
  • Network & Traffic Analysis: Advanced
  • Penetration Testing & Purple Team: Proficient
  • Security Automation (Python · Ansible): Proficient
  • AI / LLM Security Tooling: Proficient
📡 SIEM & MONITORING
Splunk Enterprise · Splunk ES · ELK Stack · IBM QRadar · Azure Sentinel · Stellar Cyber · Splunk Attack Range · Splunk SPL · Alert Manager

☁️ CLOUD SECURITY
AWS Security · AWS SIEM · Azure Security · Cloud Forensics · Docker · CI/CD Security · IaaS / PaaS · Cloud IR

🔍 THREAT INTEL & HUNTING
MITRE ATT&CK · MITRE D3FEND · YARA Rules · SIGMA Rules · OSINT · Threat Intelligence · TAXII Feeds · IOC Analysis · TTP Mapping

🛠️ FORENSICS & IR TOOLS
Redline · OSQuery · Volatility · CrowdStrike Falcon · Memory Forensics · Disk Forensics · Network Forensics · Email Forensics · Artifact Analysis

AUTOMATION & DEVELOPMENT
Python · Shell Scripting · Ansible · Terraform · CI/CD Pipelines · API Integration · Custom Parsers

🌐 NETWORK & INFRASTRUCTURE
TCP/IP · OSI Model · IDS/IPS · Deep Packet Inspection · DNS Analysis · Firewall Analysis · Network Traffic Analysis · SPAN Mirroring
// 05.  ACADEMIC BACKGROUND

Education & Foundation

🎓 Master of Technology (M.Tech.), Cyber Security & Incident Response
National Forensic Sciences University
June 2015 – May 2017
SPECIALIZATION: Advanced Forensics · Incident Response · Cybercrime Investigation · Digital Evidence

🖥️ Bachelor of Engineering (B.E.), Information Technology
Gujarat Technological University
June 2010 – May 2014
FOUNDATION: Networking · Systems Architecture · Software Engineering · Database Systems
// 06.  BEYOND THE KEYBOARD

The Person Behind the Profile

  • Scuba Diving (photo: Jeet in wetsuit before a scuba dive)
  • Bike Riding (photo: bike ride through the Himalayas)
  • Travelling (photo: Jeet travelling in Vietnam)
  • Adventure Sports (photo: Jeet on a snow trek adventure)
  • Food Explorer (photo: Jeet enjoying food)
  • Security Research (photo: Jeet doing security research)

LANGUAGES SPOKEN

English · Hindi · Gujarati