Skip to content
View RuchiGiradkar's full-sized avatar
0 followers · 3 following

Block or report RuchiGiradkar

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
RuchiGiradkar/README.md

Ruchi Giradkar

Cybersecurity Analyst | Vulnerability Management | GRC |Security Operations & Incident Response | Digital Forensics

📍 Germany

🎓 Education

  • Master of Engineering (M.Eng.) - Mechatronic & Cyber-Physical Systems (Deggendorf Institute of Technology, Germany)
  • Bachelor of Engineering (B.Eng.) - Electronics and Telecommunication Engineering

📜 Certifications
CompTIA CySA+ | CompTIA Security+ | CompTIA A+ | Embedded Systems Security (Riscure Academy)

Professional Summary

Cybersecurity Analyst with 3+ years of hands-on experience across enterprise IT security, security operations (SOC), incident response, vulnerability management, and automotive cybersecurity. I work across the full cybersecurity lifecycle from threat modeling and attack surface analysis to zero-day response, forensic investigation, and risk-based remediation.

I combine a strong engineering foundation with practical, execution-focused security work, including:

  • real-world incident response simulations,
  • vulnerability exploitation and containment,
  • digital forensics and recovery,
  • and governance, risk, and compliance aligned with industry frameworks.

My work emphasizes measurable risk reduction, clear security communication, and defensible mitigation strategies aligned with NIST, ISO, and CISA guidance.

Industry Experience

Continental Automotive Technologies

Cybersecurity Analyst | Security & Privacy

  • Performed Threat Analysis and Risk Assessment (TARA) aligned with ISO/SAE 21434
  • Analyzed 40+ attack paths across automotive system architectures
  • Prioritized cyber risks and tracked mitigations across the product lifecycle
  • Translated technical findings into actionable inputs for engineering and suppliers
  • Strengthened cybersecurity posture of safety-critical automotive systems

Bosch - Master’s Thesis

Digital Twin–Based Intrusion Detection System (Industry 4.0)

  • Designed and implemented a Digital Twin–based IDS for connected sensor environments
  • Built containerized detection pipelines using Docker
  • Simulated system behavior to detect anomalous and malicious activity
  • Improved anomaly detection accuracy by ~25%
  • Implemented monitoring and visualization using Prometheus & Grafana

🔗 Repository:
https://github.com/RuchiGiradkar/Digital-Twin-IDS

SECURITY ENGAGEMENTS & LAB EXPERIENCE

Zero-Day Incident Response & Ransomware Recovery
Incident Response | Zero-Day Vulnerability Management | Ransomware Recovery | Risk Assessment | Python Automation

  • Led structured incident response activities for critical zero-day vulnerabilities (e.g., Log4Shell), including asset scoping, business impact analysis, and remediation prioritization.
  • Executed controlled ransomware recovery exercises using Python-based automation, demonstrating disciplined recovery validation, containment thinking, and incident documentation aligned with enterprise IR playbooks.

GitHub Repository:
🔗 https://github.com/RuchiGiradkar/AIG-Shields-Up-Cybersecurity-Job-Simulation

Vulnerability Assessment, Penetration Testing & Digital Forensics
Vulnerability Assessment | Penetration Testing | Digital Forensics | Threat Analysis | Evidence Handling

  • Performed end-to-end VAPT engagements across lab-based enterprise environments, identifying and validating high-risk security weaknesses such as SQL Injection, XSS, weak authentication, and SMB misconfigurations.
  • Supported remediation through forensic evidence analysis, timeline reconstruction, and impact-driven reporting.

GitHub Repository:
🔗 https://github.com/RuchiGiradkar/Capstone-Project-VAPT-Forensic

Cybersecurity Governance, Risk & Compliance (GRC) Audit
GRC | ISO/IEC 27001 | NIST CSF | Control Assessment | Risk & Compliance

  • Conducted cybersecurity control assessments and gap analyses aligned with ISO/IEC 27001 and the NIST Cybersecurity Framework.
  • Evaluated technical and procedural controls, identified compliance gaps, and produced audit-ready documentation supporting risk management, governance maturity, and regulatory readiness.

GitHub Repository:
🔗 https://github.com/RuchiGiradkar/Cybersecurity-Process-Audit-GRC-Sample-Project

Zero Trust Security Architecture – Enterprise Case Study Zero Trust Architecture | Identity-Centric Security | Cloud & On-Premises | Data Protection | OT Security | Detection & Response

  • Designed an enterprise-scale Zero Trust security architecture for a globally distributed hybrid environment, addressing identity-driven threats across cloud, on-premises, SaaS, remote users, and operational technology (OT).

  • Defined architecture-level access enforcement, data protection, and centralized detection and response with a phased five-year roadmap prioritizing visibility, blast-radius reduction, and operational stability.

    GitHub Repository: 🔗 https://github.com/RuchiGiradkar/zero-trust-security-architecture-case-study

Core Skills

Security Domains

  • Security Operations (SOC)
  • Incident Response & Threat Investigation
  • Vulnerability Management & Remediation
  • Digital Forensics & Evidence Handling
  • Threat Modeling (TARA, STRIDE)
  • Governance, Risk & Compliance (GRC)

Frameworks & Standards

  • ISO/SAE 21434
  • ISO/IEC 27001
  • NIST Cybersecurity Framework
  • UN ECE R155
  • OWASP Top 10
  • MITRE ATT&CK

Tools & Technologies

Assessment & Offensive Security
Nmap | OpenVAS | Metasploit | Hydra | DVWA

Forensics & Monitoring
Autopsy | Wireshark | tcpdump

Platforms & Engineering
Linux | Windows | Docker | Prometheus | Grafana

Automation & Scripting
Python | Bash | PowerShell | SQL | Java

Collaboration
Git | GitLab | SVN | Jira

Certifications

  • CompTIA Cybersecurity Analyst (CySA+)
  • CompTIA Security+
  • CompTIA A+
  • Embedded Systems Security - Riscure Academy

Professional Strengths

  • Strong engineering mindset with applied cybersecurity execution
  • Experience across automotive, enterprise IT, and industrial systems
  • Clear, defensible security documentation and communication
  • International exposure: Germany | Japan | India
  • Languages: English (fluent) | German (working proficiency) | Japanese (certified)

Contact

🔗 LinkedIn:
https://www.linkedin.com/in/ruchi-giradkar/

🌐 Portfolio:
https://ruchigiradkar.github.io

Popular repositories Loading

  1. Capstone-Project-VAPT-Forensic Capstone-Project-VAPT-Forensic Public

    Capstone project on Vulnerability Assessment, Penetration Testing (VAPT), and Digital Forensics. Includes methodology, tools, exploitation results, and forensic evidence collection.

  2. RuchiGiradkar RuchiGiradkar Public

    Personal GitHub profile showcasing IT cybersecurity expertise, projects, and certifications.

  3. Digital-Twin-IDS Digital-Twin-IDS Public

    Master's Degree Thesis : Digital Twin-based Intrusion Detection System for Industry 4.0 Connected Sensor.

  4. ruchigiradkar.github.io ruchigiradkar.github.io Public

    My personal portfolio website

    HTML

  5. Cybersecurity-Process-Audit-GRC-Sample-Project Cybersecurity-Process-Audit-GRC-Sample-Project Public

  6. AIG-Shields-Up-Cybersecurity-Job-Simulation AIG-Shields-Up-Cybersecurity-Job-Simulation Public