๐ง About Me
๐ M.S. in Computer Science (Cybersecurity) โ New York University, GPA: 3.9/4.0
๐ผ Experienced in DevSecOps and security automation, with a strong foundation in offensive security and vulnerability analysis.
๐ Passionate about building secure systems, conducting penetration testing, and driving cloud security automation.
๐ Certified in: ISC2 Cybersecurity (CC), AWS Cloud Practitioner | Currently pursuing CompTIA Security+
๐งฐ Technical Skills
Languages: Python, Java, Go, C++, Bash, PowerShell
Security Tools: Burp Suite, Metasploit, Wireshark, OpenSSL, Nmap, SQLMap, Nikto, Hydra, SIEM (CloudWatch, GuardDuty)
Cloud & DevOps: AWS (EC2, Lambda, S3, Macie, Glue, CloudWatch, GuardDuty, CloudTrail), GCP, Docker, Kubernetes, Jenkins, GitLab CI/CD
Security Practices: Penetration Testing, Vulnerability Analysis, Secure Code Review, Threat Modeling, Incident Response, Encryption/Decryption, Access Control
Networking: TCP/IP, HTTP/HTTPS, SSL/TLS, Firewall, Load Balancers (F5 Big-IP, Citrix ADC)
Automation & Scripting: Selenium, Robot Framework, REST Assured, Postman
Project Management: JIRA, TestNG
๐ผ Work Experience
Teaching Assistant โ New York University
๐ฝ Jan 2024 โ May 2025 | New York, NY
Designed and automated security labs for over 200 students, focusing on practical penetration testing, secure coding principles (OWASP Top 10), and vulnerability analysis using industry-standard tools like Burp Suite, Wireshark, and Metasploit.
Led hands-on AWS security workshops, guiding students through advanced encryption techniques, secure storage policies, and best practices for cloud security automation.
Developed an automated grading system to validate reference monitor implementations in RepyV2, ensuring adherence to secure coding standards and robust defensive security practices.
DevSecOps Engineer โ Appviewx
๐ป Jan 2022 โ Aug 2023 | Bengaluru, India
Automated API/UI security testing for Application Delivery Controller (ADC) and Public Key Infrastructure (PKI) platforms using Robot Framework (Python) and Selenium, resulting in a 60% reduction in manual effort and proactive identification of authentication and session security flaws.
Integrated comprehensive security testing into Jenkins CI/CD pipelines, automating pre-deployment security validation and misconfiguration detection to prevent insecure deployments and enhance software supply chain security.
Enhanced SSL/TLS API security workflows by automating validation of certificate issuance, renewal, and revocation processes, ensuring continuous encryption compliance and robust cryptographic hygiene.
Conducted in-depth security-focused testing and vulnerability analysis on enterprise-grade ADC platforms (F5 Big-IP, Citrix ADC) and PKI systems, identifying critical misconfigurations and recommending effective security controls.
๐ Projects
๐ PII Detection & Anonymization with AWS Macie & Glue
Developed and deployed an AWS-based security automation system to detect and anonymize sensitive data (PII) in S3 buckets using Macie and Glue, ensuring compliance with privacy standards like GDPR, CCPA, and NIST 800-122.
Automated PII detection and masking by configuring AWS Macie for data classification, utilizing Glue and PySpark to parse JSON results, extract relevant details, and apply scalable anonymization techniques.
Integrated AWS CloudWatch for real-time monitoring and anomaly detection, and enabled AWS CloudTrail logs for comprehensive compliance auditing, ensuring traceability of access and modification events in PII-handling workflows.
๐ก๏ธ Security Assessment for OpenKruise (CNCF)
Collaborated with OpenKruise maintainers as part of an academic project to conduct a comprehensive security assessment of their Kubernetes admission controllers.
Performed detailed threat modeling and analyzed potential attack vectors, identifying critical vulnerabilities in workload management and control plane interactions.
Delivered strategic security recommendations and performed secure code reviews, significantly contributing to improving the open-source project's overall security posture.
๐งฎ Cryptanalysis & Cipher Decryption
Designed and implemented Python scripts for cryptanalysis, capable of decrypting shift and monoalphabetic substitution ciphers using advanced frequency analysis and statistical methods for key detection.
Achieved a 95.7% success rate for shift ciphers and developed sophisticated algorithms for dynamic key length determination and statistical pattern recognition, effectively recovering plaintext from diverse encrypted ciphertexts.
๐ฅ Penetration Testing for NBN Corp
Conducted a simulated cyberattack and comprehensive security assessment in a controlled environment on NBN Corp's web servers and client systems.
Utilized a suite of penetration testing tools including Nmap, Nikto, Burp Suite, SQLMap, and Hydra for reconnaissance, vulnerability scanning, and exploitation.
Successfully exploited critical vulnerabilities such as SQL injection, Local File Inclusion (LFI), and privilege escalation (CVE-2021-4034) to gain root access and retrieve sensitive data, subsequently providing detailed risk mitigation strategies and remediation recommendations.
๐ค Crypto Bot โ AI-Assisted Cipher Selection
Developed an AI-powered tool leveraging Google's Gemini API and decision tree logic to recommend optimal cryptographic block ciphers (e.g., AES, Blowfish, SIMON) based on runtime efficiency, security considerations, and key sizes.
Designed an interactive chatbot interface that simplifies complex cryptographic decision-making for users, achieving high accuracy in recommending encryption schemes through comprehensive knowledge of cryptographic standards.
๐ Certifications
CompTIA Security+ (In Progress)
ISC2 Cybersecurity (CC)
AWS Certified Cloud Practitioner
๐ซ Let's Connect
I'm actively exploring challenging opportunities in security engineering, DevSecOps, cloud security, and vulnerability research.
Feel free to reach out, check out my GitHub repos and research, or read my latest insights on my Medium blog!