A Roadmap

$ cat ~/knowledge_base.log

✅ Existing Skills & Practical Experience

Domain: Highlights

  • SOC Operations: Worked in structured SOC environments, triaging incidents and creating detection playbooks
  • SIEM Engineering: Deployed and maintained Splunk, Wazuh and ELK; wrote correlation rules and dashboards
  • EDR & Endpoint Management: Managed 500+ endpoints using Sophos XDR and Endpoint Central
  • IAM & MFA: Implemented Role-Based Access Control (RBAC), MFA enforcement and IAM policies
  • Security Compliance: Hands-on with Cyber Essentials, ISO 27001 readiness and GDPR mapping
  • Automation: Built remediation and detection scripts in PowerShell and Python
  • Cloud & Admin: Experience with Microsoft 365 Admin Center, Defender and Entra ID

$ tail -f ~/now.md

Currently brushing up on:

  • SOC workflows and detection engineering
  • SIEM log parsing & dashboarding
  • Incident response end-to-end
  • Threat intelligence & TTP tracking
  • MITRE ATT&CK for blue team use

$ learn --parallel ~/labs/webapp.md

Also learning Web App Pentesting:

  • OWASP Top 10
  • Burp Suite usage
  • Recon & fuzzing
  • Exploitation
  • Vulnerability mapping

$ roadmap --visual

[✓] SIEM (Splunk, ELK, Wazuh)
[✓] Endpoint Defense (XDR, Sysmon, Defender)
[✓] IAM & MFA
[✓] ISO 27001 / GDPR
[✓] Threat Detection Playbooks
[✓] Automation (PowerShell / Python)

[>] SOC Case Management
[>] Incident Response Methodology
[>] Threat Intelligence (OSINT, TTPs)
[>] MITRE ATT&CK Mapping
[>] Web App Pentesting Labs
[>] Elastic Dashboards

$ echo "Closing Thoughts"

This blog will serve as a digital terminal where I record what I learn, build, and break (responsibly). Whether you’re just starting out or deep in blue team work, I hope the logs here are useful to you too.

Feel free to explore my About page for a digital version of my resume.

Arjun

This post is licensed under CC BY 4.0 by the author.