Karimunnisa Shaik
*** **** ****** **, *******, GA-30324 660-***-**** ****************@*******.*** Objective
• 3+ years of professional and academic experience in Networking, Cybersecurity, Software Development and Security Risk Management.
• Implemented Secure DNP3 protocol Architecture of SCADA Systems for Smart Grids using Public Key Infrastructure (PKI), C++, and Raspberry PI.
• Actively pursuing Certified Information Systems Security Professional (CISSP) certification.
• Highly aspirant and dynamic professional with proven ability to learn quickly and become expert in various technologies.
Education
MASTER OF SCIENCE MAY 2018 UNIVERSITY OF CENTRAL MISSOURI
Major: Cyber Security and Information Assurance. MASTER OF SCIENCE MAY 2016 VELLORE INSTITUTE OF TECHNOLOGY
Major: Software Engineering.
SKILLS & ABILITIES
• Network & System Security, Vulnerability Management, Authentication & Access Control, Cyber Security Operations, Security Assessments testing, Change Control and Configuration Management, Security Incident Event Management (SIEM) Cyber Security Incident Response Plan (CSIRP), OWASP (TOP 10), Regulatory Compliance, Information Systems audits, Risk Assessment, IPS and IDS TECHNICAL SKILLS
• Security Technologies: Retina Network Security Scanner; Nessus Security Center, WebInspect, Nikto, Nmap, Metasploit, Tripwire, SIEM tools; (HP ArcSight, Splunk), TCPdump/Wireshark, IDS/IPS (SourceFire, Snort, FireEye); Log Management, Antivirus Tools (Blue Coat, Symantec Protection Engine), Service-Now Ticketing, HP Network Analyzer, Enterprise Certificate services (Venafi api)
• Operating Systems: Unix-Based Systems (Solaris, Linux, BSD); Windows (all)
• Networking: LANs, WANs, VPNs, Routers, Firewalls, WAF, TCP/IP protocols
• Access Control: RADIUS, TACACS+, NAC
• Virtualization: VMWare Workstation, Oracle Virtualbox
• Programming languages: C, C++, Java, PYTHON
• Web Technologies: HTML, CSS, Bootstrap, javascript, AJAX, JSP
• Framework: Angular JS, Spring MVC, HIPAA, COBIT, NIST
• Database: MY SQL, Azure SQL, MS SQL
• Network Monitoring: Nagios, SolarWinds, MRTG, NetFlow Experience
SECURITY ANALYST SOFTWORLD TECHNOLOGIES SEPTEMBER 2017-MAY 2018
• OWASP Top 10 Issues identifications like SQLi, CSRF, and XSS.
• Preparation of risk registry for the various projects in the client.
• Providing details of the issues identified and the remediation plan to the stake holders.
• Involved in a major merger activity of the company and provided insights in separation of different client data and securing PII.
• Identification of different vulnerabilities of applications by using proxies like Burp Suite to validate the server-side validations.
• Execute and craft different payloads to attack the system to execute XSS and different attacks SQLMap to dump the database data to the local folder.
• Identified issues on sessions management, Input validations, output encoding, Logging, Exceptions, Cookie attributes, Encryption, Privilege escalations.
• Provided and validated the controls on logging like Authentication logging, profile modification logging, logging details, log retention duration, log location, synchronizing time source, HTTP logging.
• Environment: Burp Suite, SQLmap, PHP, ASP, MS SQL, MY-SQL, Apache, OWASP ZAP Proxy, Dirtbuster, HP Fortify, Nmap, SQLmap, Nessus, Metasploit. SOFTWARE DEVELOPER BELL SOLUTIONS JULY 2015-DCEMBER 2016 Involved in a project that is associated with Private Bank. The current application was a part of the online banking that allows customers to pay bills securely as well as enroll in monthly automatic recurred bill payment. The functionalities involved in e-bill payment were Add a payee, make a payment. Set up automatic payments, receive Bills Electronically, Request E-mail Notifications and Review payments history.
Academic Projects
UNIVERSITY OF CENTRAL MISSOURI JANUARY 2017- JUNE 2018
• Involved in the Design, development, test, deploy and maintenance of the website.
• UI was developed using HTML, AJAX, CSS and JavaScript.
• Developed entire frontend and backend modules using Python on Django Web Framework.
• Generated property list for every application dynamically using Python.
• Responsible for search engine optimization to improve the visibility of the website.
• Developed Merge jobs in Python to extract and load data into MySQL database.
• Designed and developed the presentation layer/client end using HTML, XML, DHTML and JSP.
• Handled all the client-side validation using JavaScript.
• Wrote validation scripts in SQL to validate data loading.
• Used Git for version control.
• Performed Unit and system testing.
Page 2
Environment: Python, Django, MySQL, HTML, XHTML, CSS, AJAX, JavaScript, Apache Web Server, Git, Linux
VELLORE INSTITUTE OF TECHNOLOGY JANUARY 2015 – JUNE 2105 Incremental Map Reduce with K Nearest Neighbor evolving in Big Data
• Introduced I2Map Reduce, a fine-grained resource-aware I2Map Reduce scheduler that divides tasks into phases, where each phase has a constant resource usage profile, and performs scheduling at the phase level.
• In addition to this map reduce the K- Nearest Neighbor is introduced. This model allows us to bring the output again in a large dataset. The map gaze will determine the K-Nearest Neighbors in different splits of the data. I2 Map performs the operation once it gets the data from the K-Nearest Neighbor