RuchiGiradkar/README.md

Hi, I'm Ruchi Giradkar 👋

Cybersecurity Analyst | Vulnerability Management | GRC | Incident Response | Digital Forensics | Cloud Security

📍 Germany

Cybersecurity professional with 3+ years of experience across enterprise security, vulnerability management, governance, risk & compliance (GRC), cloud security, incident response, digital forensics, application security, security operations, threat hunting, and automotive cybersecurity.

Experienced in identifying security risks, performing threat and vulnerability assessments, conducting forensic investigations, evaluating security controls, analyzing security events, and translating technical findings into actionable business-focused recommendations aligned with industry-recognized frameworks and standards.


🎓 Education

Master of Engineering (M.Eng.)

Mechatronic & Cyber-Physical Systems, Deggendorf Institute of Technology, Germany

Bachelor of Engineering (B.Eng.)

Electronics & Telecommunication Engineering, Cummins College of Engineering for Women, India


💼 Professional Experience

Continental Automotive Technologies

Cybersecurity Analyst – Security & Privacy

  • Performed Threat Analysis and Risk Assessment (TARA) aligned with ISO/SAE 21434.
  • Analyzed 40+ attack paths across automotive architectures.
  • Prioritized cybersecurity risks and supported mitigation tracking throughout product lifecycles.
  • Collaborated with engineering teams and suppliers to improve security posture.
  • Supported cybersecurity compliance activities for safety-critical systems.

Bosch – Master's Thesis

Digital Twin-Based Intrusion Detection System (Industry 4.0)

  • Designed and implemented a Digital Twin-based Intrusion Detection System.
  • Built containerized monitoring and detection pipelines using Docker.
  • Simulated malicious behavior to identify anomalies within connected environments.
  • Improved anomaly detection accuracy by approximately 25%.
  • Implemented monitoring and visualization using Prometheus and Grafana.

🚀 Security Projects

| Project | Focus Area | Technologies | Repository |
| --- | --- | --- | --- |
| Digital Twin IDS | Intrusion Detection & OT Security | Docker, Python, Prometheus, Grafana | Repository |
| Zero-Day Incident Response & Ransomware Recovery | Incident Response, Vulnerability Management & Cyber Resilience | Python, Log4Shell Analysis, Vulnerability Assessment, Risk Analysis, Incident Response | Repository |
| Linux Log Analysis, Detection Automation & SIEM Investigation | SOC Analysis, Threat Hunting, Detection Engineering, Security Monitoring & Incident Investigation | Splunk Enterprise, SIEM, Linux Authentication Logs, Python, MITRE ATT&CK, Brute-Force Detection, Log Analysis, Security Event Monitoring, CSV Reporting | Repository |
| VAPT & Digital Forensics | Vulnerability Assessment, Penetration Testing & Digital Forensics | Nessus, OpenVAS, Nmap, Metasploit, Hydra, Autopsy | Repository |
| Network Scanning & Host Enumeration with Nmap | Network Security Assessment, Host Discovery & Vulnerability Assessment | Nmap, NSE Scripts, Service Enumeration, OS Fingerprinting, TCP/UDP Analysis, Port Scanning, Network Reconnaissance, Vulnerability Validation | Repository |
| OWASP ZAP Web Application Vulnerability Assessment | Application Security Testing, DAST & Web Vulnerability Assessment | OWASP ZAP, AJAX Spider, Active Scan, SQL Injection Analysis, XSS Testing | Repository |
| Cybersecurity GRC Audit | Governance, Risk & Compliance | ISO 27001, NIST CSF, Control Assessment, Risk Management | Repository |
| Microsoft Azure Cloud Security Risk Assessment | Cloud Security, Risk Assessment & GRC | Azure VM, Azure NSG, Azure Monitor, Windows Server, Cloud Security Controls | Repository |
| Zero Trust Security Architecture | Enterprise Security Architecture & Security Strategy | IAM, Zero Trust, Cloud Security, OT Security, Detection & Response | Repository |

📊 Professional Highlights

  • 3+ years of cybersecurity experience.
  • Analyzed 40+ attack paths using TARA methodology.
  • Improved IDS anomaly detection accuracy by approximately 25%.
  • Conducted network discovery, service enumeration, OS fingerprinting, TCP/UDP analysis, and vulnerability assessment using Nmap and NSE scripts; validated potential vulnerabilities and developed risk-based remediation recommendations to improve network security posture.
  • Conducted web application security assessments using OWASP ZAP, identifying SQL Injection, Cross-Site Scripting, security header weaknesses, and cookie misconfigurations in controlled environments.
  • Performed manual and automated DAST assessments and translated technical findings into risk-based remediation recommendations.
  • Investigated Linux authentication logs to identify brute-force attacks, invalid user activity, authentication failures, privileged account targeting, and suspicious login behavior.
  • Developed Python-based detection automation and leveraged Splunk Enterprise SIEM for security event investigation, threat hunting, MITRE ATT&CK mapping, and attack trend visualization.
  • Experience across Automotive, Enterprise IT, Industrial Control Systems, Cloud Security, Application Security, Security Operations, and Threat Detection environments.
  • Hands-on experience in Vulnerability Management, Incident Response, Digital Forensics, Cloud Security, Application Security, Detection Engineering, SIEM Investigation, Threat Hunting, and Security Risk Assessment.
  • Strong background in technical-to-business risk communication and security documentation.

🛡️ Core Competencies

Security Domains

  • Vulnerability Management
  • Governance, Risk & Compliance (GRC)
  • Security Operations (SOC)
  • Threat Hunting
  • Detection Engineering
  • Incident Response
  • Security Monitoring
  • Threat Modeling
  • Cloud Security Risk Assessment
  • Application Security Testing
  • Digital Forensics & Evidence Handling
  • Network Security Assessment

Frameworks & Standards

  • ISO/IEC 27001
  • ISO/SAE 21434
  • NIST Cybersecurity Framework
  • MITRE ATT&CK
  • UN ECE R155
  • CIS Critical Security Controls
  • OWASP Top 10

Cloud Security

  • Microsoft Azure
  • Azure Virtual Machines
  • Azure Network Security Groups
  • Azure Monitor
  • Azure Virtual Networks
  • Identity & Access Management

Assessment & Offensive Security

  • Nmap
  • Nmap Scripting Engine (NSE)
  • Network Reconnaissance
  • Host Discovery
  • Service Enumeration
  • OS Fingerprinting
  • TCP/UDP Analysis
  • OWASP ZAP
  • DAST
  • Web Application Security Testing
  • Nessus
  • OpenVAS
  • Metasploit
  • Hydra
  • DVWA

SIEM, SOC & Detection Engineering

  • Splunk Enterprise
  • SIEM Investigation
  • Security Event Monitoring
  • Log Analysis
  • Linux Authentication Logs
  • Threat Hunting
  • Detection Engineering
  • Brute-Force Detection
  • Authentication Failure Analysis
  • Security Reporting
  • MITRE ATT&CK Mapping

Digital Forensics & Monitoring

  • Autopsy
  • Wireshark
  • tcpdump

Platforms & Infrastructure

  • Linux
  • Windows
  • Docker

Monitoring & Observability

  • Prometheus
  • Grafana

Automation & Scripting

  • Python
  • Bash
  • PowerShell
  • SQL
  • Java

Collaboration & Project Management

  • Git
  • GitLab
  • SVN
  • Jira

📜 Certifications

  • CompTIA CySA+
  • CompTIA Security+
  • CompTIA A+
  • Embedded Systems Security – Riscure Academy

🌍 Languages

  • English – Fluent
  • German – Working Proficiency (B1 in Progress)
  • Japanese – JLPT N3 Certified

📈 Current Areas of Interest

  • Vulnerability Management
  • Security Operations (SOC)
  • Threat Hunting
  • Detection Engineering
  • SIEM Investigation
  • Cloud Security
  • Application Security
  • Security Risk Assessment
  • Network Security Assessment
  • Digital Forensics
  • Incident Response
  • Governance, Risk & Compliance
  • Security Automation

📫 Connect With Me

Popular repositories

  1. Capstone-Project-VAPT-Forensic (Public)

    Capstone project on Vulnerability Assessment, Penetration Testing (VAPT), and Digital Forensics. Includes methodology, tools, exploitation results, and forensic evidence collection.

  2. RuchiGiradkar (Public)

    Personal GitHub profile showcasing IT cybersecurity expertise, projects, and certifications.

  3. Digital-Twin-IDS (Public)

    Master's Degree Thesis: Digital Twin-based Intrusion Detection System for Industry 4.0 Connected Sensor.

  4. ruchigiradkar.github.io (Public)

    My personal portfolio website

    HTML

  5. Cybersecurity-Process-Audit-GRC-Sample-Project (Public)

  6. AIG-Shields-Up-Cybersecurity-Job-Simulation (Public)