DHAWAL SHAH

Information Security Leader | SOC Operations | Threat Intelligence

About Me

Information Security leader with 10+ years of experience in Incident Response, Threat Intelligence, and Security Operations. I combine deep technical expertise with business-aligned security leadership. Currently leading Security Operations, IR, and Threat Intelligence at Dream11, where I implement and lead comprehensive security programs across multiple business units within the Dream Sports portfolio.

Specializing in building scalable processes, playbooks, and automation for efficient SOC operations. Hands-on experience with enterprise security tools, cloud platforms (AWS, GCP), and security orchestration. Proven track record of aligning security strategy with business objectives to enhance organizational cyber resilience.

Notable Projects & Initiatives

🛡️ Security Operations Platform

Built and scaled SOC operations from scratch at Dream11 spanning multiple business units, implementing SIEM/SOAR solutions with Elasticsearch and N8N.

SIEM SOAR Automation

🔍 Threat Intelligence Program

Designed and implemented enterprise threat intelligence pipeline processing feeds from Cloudsek, CTIX, and STIX/TAXII protocols for real-time threat monitoring.

Threat Intel Intelligence Analytics

☁️ Cloud Security Architecture

Led cloud security architecture initiatives across AWS and GCP, implementing infrastructure-as-code patterns and security best practices at scale.

AWS GCP IaC

🎯 Incident Response Automation

Developed automated incident response workflows leveraging Python, JIRA, and Slack APIs, reducing MTTR by 60% for security incidents.

Python Automation IR

📊 Data Pipeline Engineering

Built scalable data pipelines for SOC operations handling dynamic log sources from 50+ endpoints with real-time processing and alerting.

Data Eng Pipelines Logging

🔐 Enterprise PAM Solution

Implemented Privileged Access Management solutions using Arcos and Teleport for secure access governance across infrastructure.

PAM Access Mgmt Security

Professional Experience

Lead Security Engineer
Dream11 - Mumbai
October 2022 - Present
  • Implement and lead Security Operations and Threat Intelligence programs from scratch spanning multiple Business Units within Dream Sports portfolio
  • Drive end-to-end threat monitoring, incident response, and security governance across enterprise infrastructure
  • Build scalable processes, playbooks, teams, and automation for efficient SOC operations
  • Hands-on experience with SIEM and SOAR (Elasticsearch Cloud and N8N)
  • Build scalable data pipelines for efficient SOC operations with dynamic log sources
  • Align security strategy with business objectives to enhance cyber resilience
Senior Solution Architect
Cyware - Mumbai
December 2020 - September 2022
  • Led team of security architects/engineers in designing on-premise and cloud-based infrastructure solutions
  • Managed end-to-end delivery of customer use cases, mapping them to Cyware products
  • Served as Cyber Security Technical SME for the Cyware team and customer engagements
  • Designed and executed complex POCs for enterprise customers
Risk Manager (Incident Response & SecOps)
HDFC Bank - Mumbai
June 2016 - November 2018
  • Incident Response: Led incident investigations, performed digital forensics and malware analysis, conducted threat hunting
  • Threat Intelligence: Processed and operationalized threat intelligence, managed TI feeds
  • Security Operations: Developed SOC use cases, improved logging quality, built regex/parsers for log normalization

Technical Skills & Expertise

🛡️ Security Operations

  • SIEM (Elasticsearch, QRadar, Splunk)
  • SOAR (N8N, Cyware labs)
  • Threat Intelligence (Cloudsek, CTIX)
  • Incident Response & Forensics
  • Threat Hunting & Analysis

☁️ Cloud & Infrastructure

  • AWS (EC2, RDS, S3, WAF, Elasticsearch)
  • GCP (Compute, Logging, Cloud CDN)
  • Cloud Security Architecture
  • Infrastructure as Code

⚙️ Tools & Automation

  • Python Programming
  • JIRA & Slack Automation
  • API-based Integration
  • Security Orchestration

🔐 Security Products

  • EDR (FireEye, Elastic Defend)
  • WAF (AWS WAF, Cloud Armor)
  • CSPM (Orca)
  • PAM (Arcos, Teleport)

Education

Master of Engineering, Information Security
K J Somaiya College of Engineering
July 2016
B.E., Computer Science & Engineering
Amravati University
July 2013

Certifications

Google Professional Cloud Security Engineer

Expiring June 2026

Cyware Certified CTIX, CFTR & CSOL Administrator
Cyware Certified CTIX, CFTR & CSOL Analyst

Get In Touch

Let's connect! Feel free to reach out for collaboration, opportunities, or just to say hello.

📧 Email

shah.dhawal.s@gmail.com

🔗 LinkedIn

Connect with me on LinkedIn