Apoorva Surana

Mobile: +1-917-***-**** Email: adnan5@r.postjobfree.com Address: 430 Senator St, Brooklyn, NY LinkedIn : https://www.linkedin.com/in/apoorvasurana EDUCATION Master of Science (Computer Science) - New York University, NY Aug 2019 - May 2021 Relevant courses: Computer Networking, Information Security & Privacy, Network Security, Big Data Application Security, Penetration Testing & Vulnerability Analysis, Digital Forensics Bachelor of Engineering (Computer Engineering) - Pune Institute of Computer Technology, India Aug 2014 - Jun 2018 Relevant courses: Cyber Security, Computer Forensics and Cyber Applications EXPERIENCE Subject matter expert in Mobile Security - NYU Tandon Online, NY Jul 2020 - May 2021

- Provide security expertise to the team on topics ranging from Android/IOS security architecture, WiFi vulnerabilities, Incident detection and response, CRYLOGGER as well as general mobile security improvements.

- Currently, conducting in depth research and working on proof-of-concept reviews for spoofing attacks against reconnections in Bluetooth Low Energy protocol, mitigating over-the-air attacks in self-driving cars and detecting Crypto misuses

- Coordinating and collaborating dynamically alongside the content, production and technical team with analysis and documentation of course materials and security concepts SAP Security Administrator - Schlumberger Ltd., India Jul 2018 - Jun 2019

- Administer and maintain user access controls and procedures to prevent unauthorized access.

- Perform unit and integration testing, compile and generate security reports on system and network access on a weekly basis.

- Part of the largest SAP deployment with over 20,000 users, provided Post-deployment support (Hypercare) after the release

- Implemented security upgrades using SU25 and Profile Generator (PFCG)

- Utilized Schlumberger IT Transformation (ITT) change management processes to handle IDM requests and manage the data integration and migration from legacy systems to ERP in an agile manner.

- Solved client’s security related issues via Incident Ticket System (REMEDY) on a committed schedule TRAINING & CERTIFICATES IT Security: Defense against the digital dark arts - Google IT Support Professional Certificate, Coursera Sept 2020 Introduction to Cloud Identity - Google Cloud Training, Coursera Sept 2020 Ethical Hacking: Evading IDS,Firewalls, and Honeypots - CompTIA® CEUs, LinkedIn Learning Apr 2020 IT Information Library Foundations Certification (ITIL) - AXELOS Global Best Practice Dec 2018 PROJECTS Application Security using situational case study Aug 2020 - Dec 2020 Domain: Web Security Technologies: git, JSON, Django, Sqlite, Docker, minikube, AFL fuzzer

- Responsible for creating secure designs, writing secure programs and identifying vulnerable patterns in existing code for C/C++, web, and mobile applications

- Exploited XSS, CSRF and SQL injection vulnerability, encrypted database, fixed vulnerabilities in the REST API

- Implemented Django migration and monitored deployment in a scalable, reliable, and secure manner with Prometheus Detection and prevention of Buffer Overflow vulnerability in Linux based OS Aug 2017 - Apr 2018 Domain: System Security Language: C/C++, Bash

- Developed and analysed a dynamic real time mechanism that successfully detects and reacts to buffer overflows.

- Designed a utility using ‘ptrace’ that monitors the target process and in case of a buffer overflow, reports the instruction which caused the attack and kills the process before any exploits can occur. Intrusion Detection System using Neural Networks Jul 2017 - Nov 2017 Domain: Cyber Security, Machine Learning Language: Python, TensorFlow

- Presented a seminar on “Cyber Security IDS using Neural Networks” which described a focused study on using Machine Learning and Data Mining methods for cyber analytics in support of Intrusion Detection.

- Evaluated the performance of backpropagation as compared to other neural network approaches on DDoS attack detection. KEY SKILLS Technical Skills: C++, Python, SQL, Bash Scripting Expertise in: IAM and SIEM tools, Vulnerability Management, Cryptographic protocols, Systems monitoring and alerting tool Technologies: SAP, Microsoft Office, Android Studio, Wireshark, NMAP, Metasploit, Snort, sslstrip, Hadoop, Spark, Burp Suite Systems: Kali Linux, Experience working in mixed Windows/Linux database and virtual/physical server environment