Ramjan Nadaf

Bangalore

Summary

Strategic and results-driven Cybersecurity Operations Leader with 18+ years of experience in IT, including 10+ years in cybersecurity. Proven expertise in building and managing global SOC teams, optimizing threat detection and incident response processes, and aligning security programs with global compliance standards (NIST, ISO 27001). Skilled in SOAR automation, threat intelligence integration, and leadership of 24/7 security operations. CISM-certified, pursuing CISSP and CySA+ to drive deeper impact at scale. Dynamic leader with a strong background in team mentorship and cross-functional collaboration. Drives operational excellence through effective incident management and performance metrics, enhancing organisational resilience. Committed to fostering a culture of continuous improvement and upskilling within teams. Innovative Cybersecurity Operations Leader dedicated to enhancing security posture across organisations. Spearheads incident response initiatives, ensuring rapid recovery and compliance with regulatory standards. Champions the integration of advanced technologies to streamline operations and mitigate risks effectively.

Overview

19 years of professional experience
1 Certification

Work History

Sr. SOC Operations Lead

Capgemini
Bangalore
2025.04 - Current
  • Acted as the primary escalation point for critical incidents, coordinating cross-functional teams to resolve issues with minimal impact.
  • Led and mentored a team of 30 SOC analysts, achieving consistent SLA compliance.
  • Managed escalated incidents (DDoS, malware, and insider threats), ensuring rapid containment and compliance with ISO 27001.
  • Initiated mentorship and upskilling programmes for SOC analysts, resulting in increased IR maturity and internal promotion rates.
  • Standardised incident classification schemas, improving prioritisation and consistency in incident handling.
  • Designed & implemented phishing detection systems, reducing attack success rates by 90% through improved email filtering & user training.
  • Configured brute-force protection & lockout policies, minimising unauthorised access attempts by 92%.
  • Directed the entire incident response lifecycle across detection, containment, eradication, and recovery.
  • Prepared detailed root cause analysis and post-incident reports, ensuring continuous threat mitigation.
  • Developed cross-functional incident response playbooks, streamlining escalation workflows and SLAs.
  • Enforced 24/7 SOC shift handovers with zero escalation errors, optimising analyst efficiency.
  • Coordinated with third-party SOC vendors to ensure response consistency and accountability.
  • Conducted ticketing audits and generated SLA breach reports, ensuring KPI alignment and operational resilience.
  • Created daily, weekly, and monthly SOC dashboards tracking incident trends, SLA breaches, and response KPIs.
  • Ensured SOC alignment with business continuity planning, incorporating disaster recovery and backup measures into incident response frameworks for seamless operational recovery.
  • Spearheaded SOAR platform integration, automating alert triage, enrichment, and response, cutting average response time by 60%.
  • Evaluated and deployed new SOC tools, ensuring compatibility with existing architecture and minimising alert fatigue.
  • Improved SIEM rule tuning to reduce false positives and increase the fidelity of alerts.
  • Ensured SOC processes aligned with regulatory standards (e.g., ISO 27001, NIST) and internal audit requirements.
  • Created incident classification and documentation standards to support compliance reporting and audit readiness.
  • Directed staff recruitment and training, building a highly skilled and motivated operations team.
  • Developed and delivered training programmes for staff, improving skill sets and performance.
  • Analysed performance data to identify trends and develop strategies for operational excellence.
  • Monitored staff performance and developed improvement plans.
  • Liaised with senior management to align operational goals with strategic objectives.
  • Analysed performance data to identify trends, making strategic decisions to boost operational success.
  • Optimised resource allocation, ensuring projects were delivered on time and within budget.
  • Conducted regular performance reviews, setting clear objectives and providing constructive feedback.
  • Coordinated strategic plans for administrative services management and optimisation to best use available resources.
  • Reviewed and improved health and safety protocols, resulting in a 40% decrease in workplace accidents.
  • Coordinated cross-departmental projects, enhancing overall productivity and team cohesion.
  • Led operations team in daily tasks, optimising workflow and increasing efficiency by 20%.
  • Implemented feedback mechanisms, using customer insights to drive operational improvements.
  • Collaborated with sales and marketing teams to align operational capabilities with customer demands.
  • Prepared statements detailing operational details, key performance indicators, and other relevant information.
  • Facilitated change management initiatives, minimising disruption and maximising acceptance.
  • Oversaw quality control measures, maintaining a 99% customer satisfaction rate.
  • Conducted risk assessments, mitigating potential issues before they impacted business operations.
  • Reviewed and revised operational policies, aligning procedures with best practices and regulatory requirements.
  • Established performance metrics, driving accountability and recognising outstanding achievements.
  • Led cross-functional teams in project implementation, delivering on time and within budget.

SOC Operation Lead

INTLFCSTONE- StoneX
2021.05 - 2024.05
  • Led a team of 15 SOC analysts, achieving consistent SLA compliance in incident detection and resolution.
  • Incident Response: Investigated and mitigated security breaches, coordinating with internal and external teams to minimize business impact and ensure timely remediation.
  • Conducted detailed malware analysis and implemented mitigation strategies, reducing malware-related incidents.
  • Collaborated with cross-functional teams to develop incident response playbooks and streamline escalation workflows.
  • Prepared detailed post-incident reports and conducted root cause analysis to prevent recurrence of security breaches.
  • Directed end-to-end incident response lifecycles, including detection, containment, eradication, and recovery, followed by lessons-learned reviews to implement preventative measures.

Cyber Security Lead

Tcom
Riyadh
2020.01 - 2020.03
  • Assist with the development of processes and procedures to improve incident response times, analysis of incidents, and overall SOC functions.
  • Hands-on experience with alerts for potential suspicious, malicious activity using incident review.
  • Hands-on experience with potential phishing attacks using Proofpoint.
  • Hands-on experience with alerts for potential Symantec Endpoint reported infections.
  • Manually validate report findings to reduce false positives.
  • Experience with malware identification, analysis, and event resolution.
  • Handling alerts for potential suspicious and malicious activities.
  • Experience with malware identification, analysis, and resolution.

Cyber Security Analyst

Zensar Technology
2017.11 - 2019.12
  • Investigate alerts for potential suspicious, malicious activity in Splunk Enterprise Security and QRadar using incident review and offenses.
  • Analysis of potential phishing attacks using Proofpoint.
  • Analysis of potential Symantec Endpoint reported infections.
  • Analysis of potential suspicious email activity and endpoint exposed activity.
  • Own and resolve all Symantec MSS and Symantec ATP analysis issues and incidents.
  • Knowledge of the following tools: FireEye HX, FireEye ETP, Splunk, Qualys, Symantec Endpoint Protection, Symantec Managed Services, Symantec Advanced Threat Protection (ATP), Proofpoint.
  • Submitting infected files to Symantec for false positives.
  • Manually validate report findings to reduce false positives.

Sr. Network & Cyber Security Engineer

BOSE Software's
2016.03 - 2017.04
  • Proficient in Endpoint Security Incident Response using FireEye HX, ETP, Symantec Endpoint Protection, and ATP.
  • Skilled in Email Security with Proofpoint, including threat review and false positive elimination.
  • Experienced in integrating devices with SIEM for centralized log management and correlation.
  • Capable of creating technical documentation for SIEM content and assisting stakeholders with vulnerability understanding and remediation.
  • Knowledgeable in configuring and troubleshooting ASA and Checkpoint firewalls.

Sr. System Admin

Catche Technology - IMSI Global
2013.11 - 2016.03
  • Providing Enterprise Support to Customers using Symantec Antivirus Corporate Edition.
  • Symantec Endpoint Protection and Symantec ATP environment globally.
  • Taking escalations when it is required.
  • Manual Removal of Viruses, Worms and other Threats in case of a Severe Infection on the computers.
  • User Creation From Active Directory.
  • Providing Folder Access Permission to new users.
  • Installation of Windows Server 2003, 2008 & 2012.

Desktop Engineer - Team Lead

TechPool Solution / CMS Info Systems
2007.07 - 2010.08
  • Member of the technical escalation team for all major issues.
  • Managing 5 team leaders' teams.
  • Managing 50 engineers' reports and C-sat reports.
  • Providing technical training to newly joined engineers.
  • Providing communication training to engineers for solving end-user problems.
  • Taking feedback from users regarding engineers' work.
  • Arranging weekly meetings with the team.
  • Doing daily call review meetings with client management.
  • Sending motivational emails to engineers.
  • Arranging monthly award functions for the top ticket-closing engineer.
  • Hands-on experience with McAfee Antivirus installation and configuration.

Education

MSc - I.T.

Kuvempu University
Shimoga

B.A -

Mumbai University
Mumbai

Skills

  • Incident response and classification
  • Threat assessment and risk mitigation
  • Cybersecurity compliance and operations
  • Malware analysis and technical training
  • Team leadership and cross-functional collaboration
  • Escalation management and performance metrics
  • Data analytics and operational support
  • Project management and workflow development
  • Customer relationship management and account management
  • Change implementation and people management
  • Incident response
  • Threat analysis
  • Technical documentation

Certification

  • CISM, Certified Information Security Manager, ISACA, 1420261
  • ITIL
  • COBIT
  • MCSA
  • ISO 27005:2018
  • CCIO, Cyber Crime Intervention Officer
  • CySA+, In Progress

Languages

English
Kannada
Hindi
Marathi

Custom Section

 Splunk, Cortex XSOAR, CrowdStrike, Recorded Future, Proofpoint, NIST, ISO 27001, MITRE ATT&CK, Leadership, Executive Reporting, Team Building, Stakeholder Collaboration

Personal Information

Father's Name: S. Nadaf
