Post Job Free
Sign in

Project Software Engineer

Location:
Boston, MA
Posted:
April 04, 2017

Contact this candidate

Resume:

Princely Dmello

LinkedIn: https://www.linkedin.com/in/princely-dmello-b189991a ******.*@*****.***.*** GitHub: https://github.com/princelydmello/NEU_Projects 617-***-**** Available: February 2017 Boston, MA EDUCATION

Northeastern University, Boston MA January 2015 - December 2016 Candidate for Master of Science in Information Assurance GPA: 3.3/4.0 Related Courses: Software Security Practices, Network Security Practices, Information System Forensics, Fundamentals of Computer Networking, Foundation of Information Assurance, Security Risk Management and Assessment University of Mumbai, Mumbai, India August 2011

Bachelor of Engineering in Computer Science.

TECHNICAL KNOWLEDGE

Languages: Python, C, HTML, MySQL, Unix CLI

Framework: Python-Scapy, Selenium

Tools: Splunk, Wireshark Network Analyzer, Zenmap, Metasploit, Nessus, Snort, Burp Suite, Cisco Packet Tracer, IPtables, Qradar, AcessData FTK Imager Systems: Kali Linux, Ubuntu, Windows XP/8/2003 Server/ 2008 Server, RHEL Attacks & Vulnerabilities: OWASP top 10, DOS, Response Spoofing, MITM, Pen-Testing, SSL/TLS vulnerabilities Standards: NIST 800-53, HIPAA, PCI-DSS

ACADEMIC PROJECTS

Northeastern University, Boston MA

Capstone Project: SPAR(Splunk Privacy Advisory Report) - Partners Healthcare, Boston

• Implemented Splunk dashboards to display patient data access events that could be potential breaches of confidentiality in accordance with HIPAA.

• Implemented Splunk queries with regular expressions to extract field values to populate the dashboards. Project: Network Protocols/Web-Based Attacks and Infrastructure Setup

• Implemented the infrastructure to perform network and web-based attacks that included installing and configuring multiple OS VMs, setting up DNS zone files, setting up vulnerable websites etc.

• Performed DNS poisoning by spoofing server response using python-scapy.

• Performed session hijacking, RST attacks on Telnet and SYN flooding using python-scapy and netwox.

• Performed CSRF and stored XSS attacks which included sending user cookies to attacker’s machine and creating a self-propagating XSS worm.

Project: Network Penetration Test

• This involved using tools such as Nessus, Zenmap, Metasploit at various stages and exploiting vulnerabilities such as ShellShock and preg_replace in phpMyAdmin. Project: Python WebCrawler

• Implemented a WebCrawler in Python that traversed approximately 5000 pages to search for secret keys. Class Paper: Risk assessment for Persistent Systems Ltd. based on NIST 800-53 framework.

• Wrote a paper detailing the security controls in place, the missing controls and associated risks, their mitigation costs and suggested controls for the organization I had previously worked at, using NIST 800-53 framework. WORK EXPERIENCE

Persistent Systems Ltd., India (Senior Software Engineer) October 2011 - November 2014 Project: Qradar/ Splunk configuration and log analysis - Whirlpool, USA

• Configured Qradar and Splunk to monitor machine generated logs such as Syslog and WinCollect logs.

• Analyzed machine generated logs for multiple operating systems and created a prioritized listing to determine the ones to be monitored.

Project: Tivoli Key Lifecycle Manager - IBM, USA

• Performed server-side testing of a key lifecycle management tool based on test cases that included checking for user role authorization and authentication.

• Followed agile methodology for these projects which included periodic interactions with US-based clients through scrum calls to communicate work status, provide an explanation or seek clarification for issues. Northeastern University, Boston MA(Research Assistant) June - October 2015

• Configured an Amazon AWS EC2 VM and installed SSL certificates to secure hosted website.

• Resolved incorrect reporting functionality, loss of session variable in the website using MySQL, JavaScript.



Contact this candidate