Cybersecurity Lead

Abhinay Kambhammettu

************.*******@*****.*** Edison, NJ 732-***-****

https://www.linkedin.com/in/abhinaykambhammettu/

PROFESSIONAL SUMMARY

Hands-on cybersecurity professional with practical experience in penetration testing, threat detection, and GRC implementation across both lab simulations and production systems. Proficient with Kali Linux, Splunk, Wireshark, and Wazuh, with a proven ability to identify critical vulnerabilities, build secure infrastructure, and lead technical teams. Familiar with frameworks including NIST 800-53, SOC 2, and ISO 27001. Currently pursuing CompTIA Security+ EDUCATION

Rutgers School of Arts and Sciences New Brunswick, NJ Bachelor's in Information Technology and Informatics and Business Administration May 2025

• Degree GPA: 3.7/4.0 Honors: Dean’s List Certifications: CompTIA Security+ (SY0-701) Cert Prep, Networking Foundations and Networking Basics, MySQL Basics, CompTIA IT Fundamentals: Computer Basics – Hardware and Operating Systems

• Relevant Experience: CompTIA Security+ (In Progress – August 2025), TryHackMe, HackTheBox WORK EXPERIENCE

Bunchful Enterprise New York, NY

Cybersecurity Lead & Company Stakeholder May 2024 – June 2025

• Led penetration testing on 7 websites using Kali Linux, Nmap, Nikto, and OWASP ZAP; deployed Wazuh and GLPI for 24/7 monitoring and remediation.

• Managed 9 interns across 25+ projects; handled user provisioning via Active Directory and built CI/CD from Dev to Prod using Jenkins, Docker, GitHub, Vault, ESXi, MySQL, NGINX, MinIO, and Zabbix.

• Reduced phishing by 95% with SpamHero and Outlook filters; launched interactive cybersecurity training for 250+ users with 95% completion, boosting org-wide threat awareness.

TECHNICAL PROJECTS & LABS

• Brute Force Detection & SIEM Dashboard (SPLUNK): Built a detection pipeline using UTM, Kali Linux, Splunk Enterprise, and rsyslog to forward syslogs over port 1514 into a custom linux_logs index, then developed SPL queries to detect brute force attempts and configured alerts with automated email notifications. Created a real-time SOC dashboard tracking brute force IPs, session spikes, sudo misuse, login anomalies, and auth failures, achieving 100% detection accuracy in a simulated lab with a mix of self-simulated and imported test data.

• Web App Penetration Testing: Simulated a full-stack attack using Kali Linux, DVWA, and Metasploitable2; performed reconnaissance with fping, Nmap, and Nikto, then exploited SQL injection via SQLmap to extract user table data. Cracked MD5 hashes using John the Ripper and rockyou.txt, inspected session cookies with Firefox Developer Tools, and simulated unauthorized access to validate post-exploitation control.

• Network Traffic Analysis Captured and analyzed 110,000+ packets using Wireshark, inspecting DNS, TCP, TLS, and ICMP traffic to identify SYN attempts, RST flags, and disrupted sessions. Traced activity to an AWS-hosted IP using IPinfo, captured DNS delivery to slowsplendiduniqueplay.neverssl.com, and documented findings in a structured report to improve threat visibility and response planning.

• TryHackMe Cybersecurity Labs: Executed end-to-end attack simulations using the Lockheed Martin Cyber Kill Chain, Gobuster, Meterpreter, and custom payloads. Investigated mock SOC alerts, blocked IOC-based threats, performed malware analysis, practiced Linux hardening and packet inspection, and wrote GRC-aligned documentation following ISO 27001, SOC 2, NIST 800-53, and GDPR standards.

CLUBS & LEADERSHIP EXPERIENCE

RU Investing New Brunswick, NJ

Executive Board September 2022 – September 2024

• Directed board operations and facilitated cohesive decision-making across 5+ executive members to align strategic initiatives

• Designed educational campaigns and led marketing efforts, including a featured event with NYSE floor trader Peter Tuchman, enhancing financial literacy for 150+ student members

RU Security New Brunswick, NJ

Member September 2024 – May 2025

• Participated in technical workshops and cybersecurity talks focused on threat detection, digital forensics, and red/blue team tactics.

• Engaged in in national competitions like HackTheBox and NCCDC, applying practical skills in network defense, ethical hacking, and incident response SKILLS

Cybersecurity Tools & Platforms: Kali Linux, Burp Suite, OWASP ZAP, DVWA, Metasploitable2, John the Ripper, rockyou.txt, SQLmap, Nikto, fping, Firefox Developer Tools, Gobuster, Meterpreter Network Analysis & Monitoring: Wireshark, IPinfo, Zabbix, TCP/IP, DNS, TLS, ICMP, SYN inspection, RST, flags, packet capture and filtering

Incident Response & SIEM: Splunk Enterprise, Wazuh, GLPI, Alert Triage, Malware Analysis, SOC Monitoring, Email Alerting, Dashboarding, Microsoft Defender

GRC & Compliance: ISO 27001, SOC 2, NIST 800-53, GDPR, CIA Triad, AAA Model, Least Privilege, GRC Documentation Scripting & Automation: Python, Bash, SPL (Search Processing Language) Infrastructure & Systems: Jenkins, Docker, GitHub, HashiCorp Vault, MySQL, NGINX, ESXi Host Client, OPNsense Firewall, MinIO S3, UTM Virtualization

Admin & Identity Tools: Active Directory, Microsoft Admin Center, Microsoft Purview, Microsoft Azure

Contact this candidate