Rajan Shrestha

Network & Security Engineer
London, GB.

About

Highly accomplished Cyber Security professional with an MSc and over four years of experience in optimizing, engineering, and monitoring network and security infrastructure. Proven expertise in enhancing SOC alert accuracy by 95%, implementing CIS Baselines, and achieving 100% patch compliance within SLA. Eager to leverage advanced skills in network defense, vulnerability management, and incident response to contribute as a Network & Security Engineer at RMG.

Work

Deesha Limited

Cyber Security Intern

London, England, United Kingdom of Great Britain and Northern Ireland

Summary

As a Cyber Security Intern, optimized SOC monitoring and enhanced network compliance by engineering detection rules and auditing firewalls.

Highlights

Engineered Wazuh detection rules, optimizing SOC monitoring and cutting false positives by 95%, which reduced mean time to detect threats to under 15 minutes.

Audited pfSense firewalls against CIS Baselines, remediating 100% of critical gaps and improving compliance by 18%.

SeveStonesGames

Cyber Security Analyst

London, England, United Kingdom of Great Britain and Northern Ireland

Summary

As a Cyber Security Analyst, optimized firewall configurations and automated security updates, significantly improving deployment efficiency and threat intelligence integration.

Highlights

Optimized FortiGate firewall configurations by consolidating policies from 180 to 95, improving deployment efficiency by 50%.

Automated IPS signature updates, ensuring continuous threat intelligence integration and 100% policy currency.

Mega Bank Nepal

Network & Security Engineer - Lead

Kathmandu, Bagmati, Nepal

Summary

As a Lead Network & Security Engineer, managed endpoint security and network infrastructure for 500 endpoints, driving significant improvements in threat detection, vulnerability management, and incident response.

Highlights

Managed FortiSIEM and Symantec EDR for 500 endpoints, improving true-positive detection rates to 92% and ensuring direct transferability to Microsoft Defender & Sentinel.

Conducted weekly Nessus scans and applied CIS Baselines, reducing critical vulnerability backlog by 83% and resolving 35 high-severity incidents.

Achieved 100% critical OS and firmware patch compliance within a 72-hour SLA, reducing exposure to exploits by 80%.

Configured FortiGate NGFW and F5 WAF DDoS policies, maintaining zero downtime while cutting false-positive drops by 92%.

Developed comprehensive runbooks and automated response workflows for incident handling, reducing manual remediation time by 60%.

Education

University of Wolverhampton
Wolverhampton, England, United Kingdom of Great Britain and Northern Ireland

MSc

Cyber Security

Grade: Merit

Courses

Incident Management and Response

Proactive Network Defense

Ethical Hacking

Languages

English

Certificates

CompTIA Security+

Issued By

CompTIA

CompTIA CySA+

Issued By

CompTIA

Certified Ethical Hacker (CEH)

Issued By

EC-Council

Skills

Network Security

FortiGate NGFW, pfSense, F5 WAF, VPNs, LAN/WAN, WLAN.

Endpoint Detection & Response (EDR)

Microsoft Defender, Sentinel.

Vulnerability Management

Nessus, CVSS.

Incident Response

IDS/IPS Telemetry Correlation, Wireshark, tcpdump.

Security Automation

FortiManager, Scripting.

Patch Management

OS Patching, Firmware Updates.

Compliance

CIS Baselines, ISO 27001, NIST CSF.

Threat Intelligence

IPS Signature Updates.