SajanBajgain
SOC Analyst & Detection Engineer based in Sydney — deploying SIEM environments, triaging live-fire alerts, and building detection rules mapped to MITRE ATT&CK.
Detection
Analyst
Engineering
Support
Who I Am
About Me
I'm a cybersecurity professional with a singular focus: building detection capabilities that find real threats before they cause damage.
Completing a Master of IT (Cybersecurity) at VIT Sydney — built on a Bachelor's in the same discipline, a 3.85 GPA, and two years of hands-on work across SIEM deployment, incident response, and IT operations. I've deployed production SIEM environments, authored detection rules mapped to MITRE ATT&CK, triaged live-fire SOC scenarios, and led a team that shipped a real-world encrypted mobile application for an Australian non-profit.
My goal: a Tier 1/2 SOC Analyst or IT Support role in Sydney where I can apply this foundation to real threats, real tickets, and real impact — from day one.
CORE COMPETENCIES
Technical Capabilities
Detection, response, and infrastructure tooling used to identify threats and harden systems.
Cybersecurity
- ✓ SIEM (Splunk, Wazuh)
- ✓ Threat Detection
- ✓ Incident Response
- ✓ Vulnerability Assessment
- ✓ Threat Hunting
System Administration
- ✓ Windows Server 2019/2022
- ✓ Active Directory
- ✓ Group Policy
- ✓ Microsoft 365
- ✓ PowerShell
Networking
- ✓ TCP/IP
- ✓ DNS & DHCP
- ✓ VLANs
- ✓ Routing & Switching
- ✓ Cisco Technologies
IT Support
- ✓ Help Desk L1/L2
- ✓ Hardware Troubleshooting
- ✓ Software Support
- ✓ Remote Support
- ✓ Ticketing Systems
Tech Stack
Tools & Technologies
My technical toolkit: driving efficiency in Security Operations, IT Support and Infrastructure Management.
Enterprise Infrastructure & Cloud
Directory services, cloud platforms and server management.
Security Operations & Monitoring
SIEM, EDR, case management, network analysis and threat intelligence.
Automation & Scripting
Scripting, automation and task orchestration.
Endpoint & Identity
Endpoint protection and identity management tools.
Application & Offensive Security (Lab)
Security testing, vulnerability assessment and offensive tooling.
Work History
Experience
- Architected secure infrastructure with AES-256 encryption, RBAC/IAM, and OWASP Top 10 mitigations for a production non-profit app.
- Served as Scrum Master & Product Owner — led 5-dev team through full secure SDLC.
- Running controlled pen tests (OffSec methodology), Wireshark analysis, and system hardening across Kali & Parrot OS lab environments.
- Delivered cloud & cybersecurity workshops; mentored peers on Azure and Microsoft 365 across VIT campus.
- Delivered consistent, high-quality service in a fast-paced, high-volume hospitality environment.
- Maintained safety and quality standards while supporting cross-functional team operations during peak service periods.
Academic Background
Education
Industry Recognised
Professional Certifications
Continuous learning. Industry-recognised. Career-focused.
CompTIA Security+
Industry-standard certification validating foundational cybersecurity skills across threats, risk management, and operations.
Cisco Ethical Hacker
Foundational offensive security skills including network security, penetration testing, and vulnerability assessment.
Cisco Network Support & Security
Core networking and security fundamentals covering infrastructure support, protocols, and secure network design.
Google Cybersecurity Certificate
Comprehensive program covering cybersecurity foundations, SIEM tools, and real-world incident response scenarios.
Microsoft Cybersecurity Analyst
Professional certificate covering threat detection, security operations, and analyst-level incident response.
Microsoft IT Support Specialist
Professional certificate covering IT support fundamentals, troubleshooting, and end-user technical assistance.
Google IT Support Certificate
Hands-on program covering networking, operating systems, system administration, and IT customer support.
Google IT Automation with Python
Practical scripting and automation skills using Python, Git, and configuration management for IT environments.
ISC2 Candidate
Recognised candidacy in the global cybersecurity community, committed to the ISC2 Code of Ethics and ongoing CPE development.
Portfolio
Projects & Work
Hands-on simulated engagements and real-world deployments across IT support, SOC operations, and cybersecurity.
Secure Mobile App — Little Heroes Swim Academy
Led infrastructure and security for a production Flutter app at a real Australian non-profit. Implemented AES-256 encryption, RBAC, and OWASP Top 10 compliance across a 5-developer team.
Wazuh SIEM Deployment & Detection Engineering
Deployed Wazuh 4.x on Ubuntu 22.04 with Windows & Linux agents instrumented via Sysmon v15. Ingesting 12,000+ events/day across an isolated lab network. Authored 10 custom detection rules targeting T1003, T1053, T1059.001, and LSASS access — all mapped to MITRE ATT&CK.
IT Support Specialist — ArcLight Solutions
Managed helpdesk for a simulated 150-user Windows environment. Deployed osTicket with custom SLA policies, authored 5 SOPs, and handled 20+ incident types including AD account issues and software failures.
IT Administrator — Nexus Corp (AD + GPO)
Deployed Windows Server 2022 AD domain from scratch for 50 simulated users. Automated user provisioning via PowerShell CSV import. Configured 6 GPOs across role-based OUs including password policy, drive mapping, and software restriction.
M365 Administrator — Meridian Legal
Administered M365 tenant for a simulated 25-user legal firm. Enforced MFA via Conditional Access, configured anti-phishing, Safe Links, and DLP policies aligned to the Australian Privacy Act.
SOC Alert Triage — 30-Day Operations Project
30-day SOC simulation using Splunk and Security Onion. Investigated credential stuffing (T1110.004, 847 failed logins), C2 beaconing (T1071.001, HTTP beacon via DNS analysis), and lateral movement (T1021.002, SMB sweep with 72-hr timeline reconstruction).
Vulnerability Assessment — Pinnacle Finance
Conducted authenticated Nessus scan across a 3-host network. Identified 24 vulnerabilities including 4 Critical. Produced risk-prioritised remediation report with ACSC Essential Eight gap analysis.
Incident Response — Hargrove Manufacturing
Full ransomware IR engagement aligned to NIST SP 800-61. Executed complete attack lifecycle: spearphishing (T1566.001) → malicious macro (T1204.002) → Registry persistence (T1547.001) → file encryption (T1486).
Ready to Contribute From Day One
Available for SOC Analyst Tier 1/2 and IT Support L1/L2 roles in Sydney, NSW. I respond to every message within 24 hours — if you're building a security team or need someone who can triage, detect, and document from day one, let's talk.
Security Operations
Home Lab Architecture
A production-grade detection and response environment built from the ground up — continuously expanded to simulate real SOC operations.
What People Say
LinkedIn Recommendations
Verified recommendations from professors, mentors, colleagues and industry professionals.
Sajan demonstrated a strong commitment to learning and a solid understanding of software engineering principles. He consistently demonstrated the ability to analyse complex requirements and translate theoretical concepts into practical, effective design solutions. His analytical thinking, problem-solving skills, and collaborative attitude enabled him to contribute positively to group outcomes.
Sajan is a highly capable and motivated student with a strong interest in cybersecurity. He demonstrated a solid understanding of network security and infrastructure concepts. He showed initiative in applying theoretical knowledge through independent research and practical lab activities beyond the core curriculum. Sajan communicates technical concepts clearly, works well with peers, and has good troubleshooting skills that would support him in IT support or cybersecurity-related roles.
Sajan is a highly motivated Cybersecurity professional with a strong technical foundation and a clear passion for the industry. Having seen his growth and his commitment to professional development, it's clear he possesses the analytical mindset required for high-stakes IT roles. He is professional, communicative, and clearly dedicated to excellence in the cybersecurity field. I highly recommend him.
Sajan is an incredibly driven and highly qualified professional breaking into the IT and security space. With an outstanding 3.85 GPA in Cybersecurity and a strong suite of industry certifications from Google, Microsoft, and Cisco, he has built an exceptional technical foundation. His practical experience leading a secure mobile application project proves he has the hands-on skills and leadership required for real-world environments. I highly recommend him!
Sajan brings a rare and highly valuable combination of technical know-how and structural project management skills to the table. He has a fantastic grasp of how to document workflows and streamline processes, which is incredibly crucial for Level 2 support environments and SOC teams tracking incidents. Sajan is adaptable, highly collaborative, and has a natural knack for cross-functional communication. Anyone looking for an IT professional who can troubleshoot technical systems while keeping the bigger operational picture in mind should absolutely bring Sajan onto their team.
Sajan is an exceptionally proactive member of the Sydney tech community. I've seen firsthand his passion for cybersecurity and his ability to communicate complex topics effectively. His academic record speaks for itself, but it's his hands-on approach to building secure systems and his engagement with the industry that really sets him apart. He is a motivated professional with a bright future in SOC and IT support.
Sajan always brought a critical, security-first layer to our discussions. He has a sharp eye for identifying system vulnerabilities and a fantastic knack for troubleshooting complex environment issues. He is exceptionally reliable, communicates technical concepts smoothly, and brings invaluable peace of mind to any IT support or operations team.
I have known Sajan since our pre-college bridge course days in Nepal, and it has been incredible to watch his journey into IT and Cybersecurity. From day one, he has always possessed an exceptional work ethic and a deep curiosity for solving technical problems. He is someone who sets ambitious goals and consistently puts in the hard work to achieve them. Sajan is reliable, highly technical, and would be a massive asset to any IT Support or Security operations team.
Get In Touch
Contact
Whether you have a role to discuss, a technical question, or want to connect — I'd love to hear from you.