Sai Sasikanth Garimella

Security researcher with ten years of hands-on experience in malware analysis, exploit development, threat hunting, red teaming, vulnerability assessment, penetration testing, and adversary tradecraft. Adept at transforming complex technical insights into actionable defensive strategies. Experienced in leading projects, coordinating cross-functional efforts, and driving initiatives from concept to execution.

Known for innovating and delivering proof-of-concepts on emerging technologies, with a strong ability to evaluate, design, and implement advanced security solutions. Highly organized, and skilled in mentoring, coaching, and motivating teams to achieve high performance. Thrives in fast-paced environments, balancing multiple priorities while maintaining a focus on quality, efficiency, and continuous improvement. Seeking a leadership role that leverages my technical depth, strategic mindset, and commitment to professional growth.

• Perform real‑time monitoring, investigation, analysis, reporting, and escalation of security events across multiple log sources.
• Worked on automating parts of the incident investigation process, improving MTTA efficiency by approximately 90% and achieving around 40% scenario coverage.
• Contribute to detection engineering activities, including developing hunting scenarios, enhancing EDR detection logic, and updating signature‑based detections for emerging tools and techniques.
• Analyze and correlate large data sets to identify unusual patterns and potential attack techniques.
• Contribute to reducing incident response SLAs through workflow improvements and automation.
• Track changes in adversary tradecraft and assist in developing updated detection mechanisms.
• Notify customers impacted by validated threats and provide technical details and recommended actions.
• Support investigation and response efforts in collaboration with internal teams during critical incidents.
• Communicate findings and insights to threat hunting teams, senior management, and clients.
• Work with data science and threat research teams to help develop and maintain cloud‑based detections.
• Build tools and automations to support threat hunting and adversary discovery.
• Monitor open‑source exploit tools and techniques and contribute new detections based on observed activity.
• Participate in simulations of threat groups such as FIN6, FIN7, Carbanak, Wizard Spider, and Sandworm for evaluation exercises.
• Monitor, analyze, and respond to infrastructure threats and vulnerabilities.
• Document kill chains and create end‑to‑end attack reports to improve visibility and detection logic.
• Conduct incident response and malware analysis, including static and dynamic analysis to identify root causes.
• Perform infrastructure penetration testing, including network design review, lateral movement analysis, privilege escalation, and persistence techniques.
• Contribute to red team activities and assist in developing automation frameworks for attack simulations.
• Work on proof‑of‑concept exploit development and explore methods to bypass security controls.
• Participate in team knowledge sharing, training, and skill development initiatives.