Hi, I’m Yash đź‘‹

I am a cybersecurity professional with experience in IT, software engineering, computer networking, and AWS services.

I hold CompTIA Security+ and AWS Solutions Architect certifications.

About Me Areas of Interest Skills Contact
headshot

About Me

I completed a bachelor’s degree in international relations and a minor in computer science. I am passionate about the overlap between these two areas, and leveraging my technical skills to solve real-world problems.

This passion led me to pursue a graduate (MS) degree in cybersecurity. Over the course of my degree, I balanced coursework with hands-on IT work experience, completed a cybersecurity analyst internship, and participated in various CTF events.

I have also earned multiple cybersecurity-related certifications and conducted various projects in computer and network security, culminating in my master’s thesis in quantum computing security.

Here are some of my areas of interest and experience in cybersecurity (More projects on my GitHub Profile):

Cybersecurity at its core: Offensive and Defensive Security

I have experience in security operations, threat detection, and implementing defense strategies in enterprise environments. I am familiar with NIST system monitoring and conducting real-time threat detection using SIEMs, particularly Splunk and Sumo Logic. I have worked with the MITRE ATT&CK framework to map adversary tactics and behaviors.

In the realm of offensive security, I have developed skills in penetration testing and vulnerability exploitation. I have used tools such as NMAP, Metasploit, and Burp Suite to conduct vulnerability scanning, attack surface discovery, and enumeration. I pay special attention to attack vectors and methodologies, and often form flaw hypotheses to better recognize attack landscapes and vulnerabilities.

DoS image

A DoS attack I simulated on a virtual Windows environment

In blue-team projects, I have configured IDS and firewalls to detect and block malicious traffic, and I have worked on anomaly detection using Snort and Wireshark, and log file analysis to safeguard networks.

I am CompTIA Security+ certified (SY0-701). Please reach out if this is a certification you are thinking of pursuing; I’m more than happy to share resources and answer any questions.

Network Security

I recently completed a cybersecurity analyst internship at Technical Consulting and Research, Inc., where I designed network diagrams to enhance security architecture, and identified tactics, threats, and procedures (TTPs) to strengthen defenses. I also conducted network risk assessments, aligning remediation efforts with NIST SP 800-171 and ISO 27001 frameworks.

Network security image
An .eml file illustrating a phishing attempt I came across while inspecting a .pcap on Wireshark.

I have configured Snort and Security Onion for network-based intrusion detection, and I have worked with Linux Audit Daemon for host-based monitoring. I have performed packet inspections using .pcap files to detect anomalies in network traffic. In addition, I have implemented DoS mitigation strategies to protect web servers from attacks.

I am currently preparing for the CCNA certification to continue honing my interest in network security. In this process, I am also preparing for the Network+ certification.

Cloud Security

My experience in cloud security involves securing cloud environments using AWS services. I have secured S3 buckets by ensuring privacy, configured Route 53 for secure domain management, used CloudFront for secure content distribution, and deployed Lambda functions securely. I also have knowledge in AWS encryption techniques using AWS KMS to protect sensitive data, and the AWS Certificate Manager (ACM) to secure websites using SSL/TLS certificates.

I am familiar with the AWS well-architected framework, and often make use of monitoring tools including CloudWatch and CloudTrail to identify potential security issues, such as compromised credentials or unauthorized access attempts.

I have also worked with Microsoft Azure and Purview, Microsoft’s broader data management framework solution. In my cybersecurity analyst internship, I integrated Microsoft Purview with the several compliance frameworks, including NIST SP 800-171.

I am AWS Solutions Architect certified (SAA-C03). Please reach out if this is a certification you are thinking of pursuing; I’m more than happy to share resources and answer any questions.

AI Security, Quantum Computing

I am deeply interested in AI and quantum computing, and their applications to cybersecurity.

My master’s thesis was focused on the security of quantum computers. Specifically, it aims to classify and simulate software fault injection attacks in NISQ-era quantum devices. As quantum computing progresses from cloud-based implementations to practical, utility-scale solutions, the need for accurate, reliable results increases dramatically, especially given innate error rates and noise in NISQ computation. My research focused on ensuring reliable results, and safeguarding against malicious actors injecting errors into quantum programs. My curiosity for quantum computing began while studying combanitorics and linear algebra/geometric algorithms in undergraduate coursework.

I am most familiar with the Qiskit SDK; I have participated in the Qiskit Summer School and Qiskit Challenge (2024).

Qiskit Certificate

In the realm of AI security, I have recently grown interested in how we can apply AI and machine learning techniques to enhance system security. I am familiar with essential AI methods (linear and logistic regression, support vector machines, decision trees, neural networks, ensemble learning), and I am currently working on implementing solutions using Python. These solutions address real-world cybersecurity problems, namely intrusion detection, fraud detection, and adversarial machine learning.

Some of my projects in AI security include building a spam detection model using linear and logistic regression with Pandas, NumPy, and Scikit-Learn, developing a logistic regression model with L1 and L2 regularizaiton to predict phishing attacks, constructing custom neural networks and convolutional neural networks to classify malware, and building an anomaly-based intrusion detection system using ML techniques.

Cyber Policy

My introduction to cybersecurity was from a policy perspective as a student of international relations. I have always been fascinated by how the technical side of cybersecurity shapes broader cyber policies.

I have written papers on topics such as the ownership and control of the internet, digital sovereignty, and cybersecurity norms.

Outside of Cybersecurity

I am also an avid programmer. My programming languages include Python, Java, HTML/CSS, Bash, and JavaScript

Over the past year I have had the opportunity to work at the LITE center at Fordham, where I have worked with 3D printers, configured and secured AR/VR headsets, and state-of-the-art laser engraving technology.

I often describe myself as a “global nomad”, having grown up in India, Switzerland, Sri Lanka, and the U.A.E. I speak five languages, and I enjoy playing the piano and weightlifting.

Skills

A summary of my skills:

  • Programming Languages: Python, Java, HTML, CSS, Bash, JavaScript
  • Cloud Platforms: AWS (S3, CloudFront, Route 53, Lambda, KMS, ACM)
  • Frameworks and Tools: Wireshark, Burp Suite, Metasploit, Sumo Logic, Splunk, Snort, Security Onion, Linux Audit Daemon, Qiskit SDK
  • Protocols and Models: TCP/IP, HTTP/S, SSH, ICMP; relevant ports, OSI Model
  • Concepts: Static Code Analysis, Intrusion Detection, Penetration Testing, Vulnerability Scanning, Threat Hunting, Network Security, DoS Mitigation
  • Certifications: CompTIA Security+, AWS Solutions Architect, expected CCNA in January 2025

    • Contact

    I’m always happy to connect!