Apoorva Surana
Mobile: +1-917-***-**** Email: adnan5@r.postjobfree.com Address: 430 Senator St, Brooklyn, NY LinkedIn : https://www.linkedin.com/in/apoorvasurana EDUCATION Master of Science (Computer Science) - New York University, NY Aug 2019 - May 2021 Relevant courses: Computer Networking, Information Security & Privacy, Network Security, Big Data Application Security, Penetration Testing & Vulnerability Analysis, Digital Forensics Bachelor of Engineering (Computer Engineering) - Pune Institute of Computer Technology, India Aug 2014 - Jun 2018 Relevant courses: Cyber Security, Computer Forensics and Cyber Applications EXPERIENCE Subject matter expert in Mobile Security - NYU Tandon Online, NY Jul 2020 - May 2021
- Provide security expertise to the team on topics ranging from Android/IOS security architecture, WiFi vulnerabilities, Incident detection and response, CRYLOGGER as well as general mobile security improvements.
- Currently, conducting in depth research and working on proof-of-concept reviews for spoofing attacks against reconnections in Bluetooth Low Energy protocol, mitigating over-the-air attacks in self-driving cars and detecting Crypto misuses
- Coordinating and collaborating dynamically alongside the content, production and technical team with analysis and documentation of course materials and security concepts SAP Security Administrator - Schlumberger Ltd., India Jul 2018 - Jun 2019
- Administer and maintain user access controls and procedures to prevent unauthorized access.
- Perform unit and integration testing, compile and generate security reports on system and network access on a weekly basis.
- Part of the largest SAP deployment with over 20,000 users, provided Post-deployment support (Hypercare) after the release
- Implemented security upgrades using SU25 and Profile Generator (PFCG)
- Utilized Schlumberger IT Transformation (ITT) change management processes to handle IDM requests and manage the data integration and migration from legacy systems to ERP in an agile manner.
- Solved client’s security related issues via Incident Ticket System (REMEDY) on a committed schedule TRAINING & CERTIFICATES IT Security: Defense against the digital dark arts - Google IT Support Professional Certificate, Coursera Sept 2020 Introduction to Cloud Identity - Google Cloud Training, Coursera Sept 2020 Ethical Hacking: Evading IDS,Firewalls, and Honeypots - CompTIA® CEUs, LinkedIn Learning Apr 2020 IT Information Library Foundations Certification (ITIL) - AXELOS Global Best Practice Dec 2018 PROJECTS Application Security using situational case study Aug 2020 - Dec 2020 Domain: Web Security Technologies: git, JSON, Django, Sqlite, Docker, minikube, AFL fuzzer
- Responsible for creating secure designs, writing secure programs and identifying vulnerable patterns in existing code for C/C++, web, and mobile applications
- Exploited XSS, CSRF and SQL injection vulnerability, encrypted database, fixed vulnerabilities in the REST API
- Implemented Django migration and monitored deployment in a scalable, reliable, and secure manner with Prometheus Detection and prevention of Buffer Overflow vulnerability in Linux based OS Aug 2017 - Apr 2018 Domain: System Security Language: C/C++, Bash
- Developed and analysed a dynamic real time mechanism that successfully detects and reacts to buffer overflows.
- Designed a utility using ‘ptrace’ that monitors the target process and in case of a buffer overflow, reports the instruction which caused the attack and kills the process before any exploits can occur. Intrusion Detection System using Neural Networks Jul 2017 - Nov 2017 Domain: Cyber Security, Machine Learning Language: Python, TensorFlow
- Presented a seminar on “Cyber Security IDS using Neural Networks” which described a focused study on using Machine Learning and Data Mining methods for cyber analytics in support of Intrusion Detection.
- Evaluated the performance of backpropagation as compared to other neural network approaches on DDoS attack detection. KEY SKILLS Technical Skills: C++, Python, SQL, Bash Scripting Expertise in: IAM and SIEM tools, Vulnerability Management, Cryptographic protocols, Systems monitoring and alerting tool Technologies: SAP, Microsoft Office, Android Studio, Wireshark, NMAP, Metasploit, Snort, sslstrip, Hadoop, Spark, Burp Suite Systems: Kali Linux, Experience working in mixed Windows/Linux database and virtual/physical server environment