Smruti SOC Resume

Smruti Suman Badjena is a Cyber Security Analyst with extensive experience in Security Operations Centers and blue team strategies, focusing on threat detection and incident response. Currently employed at LumenXo Software Pvt. Ltd., she has implemented advanced security tools and managed SOC operations to enhance threat management. Additionally, she has developed Capture The Flag challenges and conducted vulnerability assessments, contributing to her strong technical skills in cybersecurity.

Uploaded by

omdebasisdas19

Smruti Suman Badjena Email: cyber.smruti@gmail.com
Cyber Security Analyst Mobile: +91 7978322292
LinkedIn: https://www.linkedin.com/in/smrutisumanbadjena/ Website: https://smrutisuman.live

Summary
Dedicated and detail-oriented Cyber Security Analyst with strong hands-on experience in Security Operations Centers
(SOC) and blue team strategies focused on protecting critical systems and data. Skilled in threat detection, incident
response, vulnerability assessment, and security monitoring across diverse environments. Experienced in designing and
developing Capture The Flag (CTF) challenges to strengthen cybersecurity skills and support training initiatives.

Experience
LumenXo Software Pvt. Ltd. Oct 2024 - Present
Cyber Security Analyst
◦ Security Engineering: Spearheaded the design and deployment of a fully integrated open-source Security Operations
Center (SOC) solution, enhancing real-time threat detection and response capabilities. Implemented a comprehensive suite
of security tools including Wazuh, TheHive, MISP, Cortex, and pfSense firewall to provide advanced threat intelligence, log
aggregation, and incident management.
◦ SOC Operations: Actively monitored and analyzed security logs from network and endpoint sources, utilizing Wazuh for
intrusion detection, pfSense firewall logs for network security, and other relevant data points to identify, investigate, and
respond to emerging threats. Applied real-time analysis to proactively mitigate vulnerabilities and suspicious activities
across the infrastructure.

Bhumi iTech Pvt. Ltd. May 2024 - September 2024


Trainee Cyber Security Analyst
◦ SOC Operations: Managed and analyzed over 200 security alerts each month, quickly identifying critical incidents and
escalating them within 15 minutes. This proactive response helped reduce incident response time by 40%. Implemented
automated alerting and response workflows, streamlining SOC operations and significantly enhancing detection capabilities.
Worked closely with the SOC team, contributing to real-time monitoring and coordinated incident handling, leading to
more effective threat management and faster resolution times.
◦ Developed CTF Challenges and Scenarios: Designed and implemented over 15 Capture The Flag (CTF) challenges,
creating realistic and engaging cyber scenarios that simulated both offensive and defensive security techniques. Focused on
various attack vectors including network exploitation, vulnerability analysis, and post-exploitation tactics to improve
practical skills and decision-making. Collaborated with subject-matter experts to develop training environments that
allowed teams to gain hands-on experience in tackling real-world cybersecurity threats.

CyberYaan Training and Consultancy Jan 2024 - Mar 2024


Security Analyst Trainee
◦ Vulnerability Assessment and Penetration Testing: Conducted in-depth VAPT on 10+ web applications, performing
both automated and manual assessments to identify critical vulnerabilities and security gaps. Utilized a variety of tools such
as Burp Suite, OWASP ZAP, and custom scripts to perform comprehensive web application testing. Discovered and
documented security vulnerabilities, including but not limited to SQL injection, cross-site scripting (XSS), and
misconfigurations. Collaborated closely with development teams, delivering clear and actionable vulnerability reports that
prioritized risk levels and provided effective remediation strategies.

Education
Gandhi Institute of Engineering and Technology University Sep 2021 - April 2025
B.Tech - Computer Science and Engineering Gunupur, Odisha, India
Kendrapara Residential Higher Secondary School of Science and Technology July 2019 - May 2021
Intermediate - Science Kendrapara, Odisha, India

Skills Summary
Technologies: Splunk ES, Wazuh, Cortex, MISP, TheHive, DFIR-IRIS, Shuffle SOAR, Wireshark, Security Onion, pfSense,
Volatility, Autopsy, Snort, Suricata, Nessus, OpenVAS, Metasploit Framework, Burp Suite, OWASP ZAP, Nikto, Nmap, Linux,
Docker, Python, Azure
Concepts: SOC Operations and Monitoring, CTI, Incident Response, Digital Forensics, Malware Analysis, SIEM and Log
Analysis, EDR, Phishing Analysis, VAPT, Network Traffic Analysis, Detection Engineering, Reporting
Soft Skills: Problem Solving, Critical Thinking, Attention to Detail, Communication, Team Collaboration, Time Management,
Team Management, Adaptability
Projects
SOC Automation Lab
Technologies: Wazuh, DFIR-IRIS, MISP, Shuffle SOAR
◦ Developed an automated SOC workflow to streamline alert triage, threat enrichment, and response actions across various
detection scenarios.
◦ Connected Wazuh alerts to Shuffle SOAR playbooks, automating enrichment via MISP threat feeds and VirusTotal,
reducing manual investigation time by over 60%.
◦ Created custom playbooks to auto-classify and respond to phishing, ransomware, and privilege escalation incidents,
minimizing analyst fatigue and accelerating remediation.
◦ Integrated DFIR-IRIS for case management and reporting, enabling centralized tracking of incident lifecycle.

Detection and Monitoring Lab


Technologies: Splunk, Suricata, Security Onion, pfSense Firewall
◦ Designed and implemented a comprehensive detection and monitoring lab integrating Splunk as the central SIEM for log
collection, search, and alerting.
◦ Deployed Suricata as an IDS/IPS to monitor network traffic, generating alerts on suspicious activities like port scanning,
exploit attempts, and malware communication.
◦ Utilized Security Onion for centralized network security monitoring, including full packet capture, NIDS, and host-based
log aggregation.
◦ Configured pfSense firewall for perimeter defense, logging firewall events and forwarding logs to Splunk for real-time
analysis and threat hunting.
◦ Built custom Splunk dashboards for visualizing network threats, endpoint activities, and firewall events to support
proactive threat detection and incident response.

Guardian Malware Analyzer


Technologies: Wireshark, IDA Pro, PE Studio, Process Hacker, Threat Intelligence, Inetsim, PowerShell
◦ Engineered a hybrid malware analysis lab using Windows 10 as a sandbox and Ubuntu for traffic inspection and
monitoring.
◦ Automated static analysis workflows using custom PowerShell scripts, reducing manual analysis time by 70%.
◦ Utilized Process Hacker for behavioral analysis and Wireshark to capture malicious network traffic during malware
execution.
◦ Simulated internet services using Inetsim to safely analyze command-and-control (C2) communication attempts.

Certificates
CEH v13 (Pursuing): By EC-Council
Blue Team Junior Analyst: By Security Blue Team
Certified Network Security Practitioner: By The SecOps Group
Google Cybersecurity Professional Certificate: By Google
Cyber Crime Intervention Officer (CCIO): By Information Sharing and Analysis Center
Certified Vulnerability Analyst (C-VA): By Sturtle Security Pvt Ltd.
