Cybersecurity Specialist with Full-Stack & CloudFocus

Simran Karmacharya ******************@*****.*** 901-***-****

https://www.linkedin.com/in/simran-karmacharya-b280682a1/ Summary:

Results-driven Cybersecurity Professional with a strong foundation in Computing, full-stack development, data analytics, and advanced cybersecurity operations. Equipped with hands-on experience in secure application development, cloud security, threat detection, and enterprise-level risk governance. Skilled in bridging technical expertise with strategic decision-making and delivering scalable, secure digital solutions. With a background as an Application Developer Assistant and an academic focus on cybersecurity frameworks (NIST RMF, CNCI), encryption, AI-based defense, and multi-cloud architectures, I bring a unique blend of full-stack engineering and cybersecurity insight. Passionate about building secure systems, solving complex problems, and supporting organizations in strengthening digital resilience. Key Strengths

• Comprehensive Cybersecurity Knowledge: Deep understanding of network defense, intrusion detection, encryption, social engineering, and cybersecurity law and policy.

• Technical Versatility: Combines software engineering, data analytics, and AI applications to enhance cyber defense and system resilience.

• Strategic Thinker: Integrates NIST RMF and CNCI frameworks into real-world risk governance and business continuity planning.

• Analytical & Research Expertise: Skilled in evaluating emerging threats, quantum cryptography, and cybersecurity- as-a-service (CaaS) trends.

• Cloud & Infrastructure Security: Experienced in AWS/Azure configurations, IAM implementation, and hybrid environment hardening.

• Strong Communication & Collaboration: Adept at translating complex technical issues into clear, actionable insights for technical and non-technical audiences.

• Ethical & Policy Awareness: Knowledgeable in compliance standards (GDPR, HIPAA, CCPA) and professional ethics in IT and cybersecurity.

• Leadership & Teamwork: Proven ability to collaborate in diverse environments, lead projects, and deliver under tight deadlines.

Technical Skills

• Cybersecurity Tools & Frameworks: NIST RMF, CNCI, MITRE ATT&CK, SIEM (Splunk, IBM QRadar), IDS/IPS, Firewalls, VPN, Wireshark, Burp Suite, Nessus, Metasploit

• Cloud Security: AWS, Microsoft Azure, IAM, MFA, Zero-Trust Architecture, Cloud Monitoring, Compliance Management

• Programming & Scripting: Python, Java, C++, R, JavaScript, SQL, HTML/CSS, PowerShell, Bash

• Data Analytics & Visualization: RStudio, Tableau, Excel, Pandas, NumPy, Data Mining, Trend Analysis

• Encryption & Cryptography: AES, RSA, ECC, Hashing, PKI, SSL/TLS, Digital Signatures

• AI & Automation: Machine Learning for Threat Detection, Anomaly Detection, Predictive Analytics

• Networking & Infrastructure: TCP/IP, LAN/WAN, Network Configuration, Virtualization, OS Administration

(Linux/Windows)

• Application Development: Mobile & Web App Development, API Integration, UI/UX Design (Figma, Adobe XD), Software Testing & QA

• Governance & Compliance: GDPR, CCPA, HIPAA, ISO 27001, SOC 2, Cybersecurity Policy Development

• Soft Skills: Communication, Problem-Solving, Leadership, Project Management, Ethical Decision-Making Experience

Company: Aarambha IT Research Center Title: Application Developer Assistant Jun 2021– July2023 Project 1: Sadhan – Ride-Sharing Mobile Application In this project, Developed a ride-sharing app enabling users to book, track, and pay for rides in real time. Assisted in the UI/UX design, API integration, and testing phases to ensure seamless performance and security. Implemented key features like geolocation tracking, driver-user communication, and digital payment integration. The project enhanced skills in mobile app development, database management, and secure data handling. Responsibilities:

• Collaborated with the development team to design and implement frontend interfaces using Figma and Flutter for a clean, intuitive user experience.

• Assisted in backend integration and database setup using Firebase and SQL to enable secure real-time communication between riders and drivers.

• Contributed to feature testing, including functional, usability, and performance testing across multiple Android and iOS devices.

• Designed user flow diagrams and wireframes for ride booking, map navigation, and payment modules.

• Worked on data security and authentication mechanisms to protect user profiles and transaction information.

• Supported version control using GitHub, managing code merges and documentation throughout development.

• Participated in Agile sprints, providing feedback during daily standups and sprint reviews for iterative improvements. Project 2: Hamro Patro – Calendar and Event Management App In this project, I Contributed to the development of Hamro Patro, a localized calendar and event scheduling application designed for Nepali users. Focused on UI/UX optimization, responsive interface design, and custom date-time functionalities for regional accuracy. Supported cross-platform testing, debugging, and user experience refinement to ensure functionality and cultural relevance.

Responsibilities:

• Assisted in developing localized calendar functionalities integrating Nepali and Gregorian date systems.

• Designed and optimized UI/UX layouts for responsive performance across mobile devices.

• Helped build event reminder and notification modules using Android Studio and Java/Kotlin frameworks.

• Conducted manual and automated testing to verify time-zone accuracy and event synchronization.

• Ensured cultural adaptability by customizing layouts, color palettes, and icons for Nepali users.

• Documented project workflows, user stories, and design revisions to streamline future updates.

• Collaborated with the QA and development teams to identify and fix usability bugs and interface inconsistencies. Projects

Cybersecurity Aug 2023 – Mar2025

• Introduction to Cybersecurity: Built a strong foundation in cybersecurity principles, including CIA triad, risk management, vulnerability assessment, and ethical hacking fundamentals; explored evolving cyber threats, defense mechanisms, and global cybersecurity standards.

• Cybersecurity Strategic Operations: Conducted enterprise-level simulations of advanced attacks—reconnaissance, privilege escalation, persistence, and cleanup; applied the NIST Risk Management Framework (RMF) and CNCI principles to strengthen governance, perform Business Impact Analysis (BIA), and develop disaster recovery plans across hot, warm, and cold sites.

• Cybersecurity in Cloud Computing: Designed and secured multi-cloud environments using AWS and Azure; implemented IAM, encryption, zero-trust architectures, and compliance controls (ISO 27001, SOC 2) to mitigate data exposure risks in hybrid deployments.

• Cybersecurity Intelligence & Counterintelligence: Analyzed threat intelligence, OSINT, and APT operations; developed counterintelligence and disinformation mitigation strategies to protect organizational data and digital reputation.

• Cybersecurity Threat Detection: Built detection systems leveraging SIEM tools and endpoint telemetry; analyzed logs, anomalies, and user behavior to detect insider threats and intrusions using proactive layered defense.

• Cybersecurity Infrastructures: Secured enterprise networks and critical systems, including IDS/IPS, VPNs, and firewalls; conducted penetration testing and implemented defense-in-depth strategies to protect both physical and cloud-based assets.

• Cybersecurity Communication: Developed professional cybersecurity communication skills for technical and executive audiences; authored risk assessment reports, policy briefs, and incident summaries tailored for non- technical stakeholders to promote informed decision-making.

• Cybersecurity Law and Policy: Researched U.S. and international cybersecurity laws and frameworks (GDPR, CCPA, HIPAA, NIST); analyzed ethical and compliance implications for data protection, forensics, and digital investigations.

• Social Engineering & Human Factors: Studied Hadnagy’s manipulation and influence principles; analyzed psychological exploitation methods such as framing, elicitation, and pretexting; designed awareness and training programs to mitigate human-factor vulnerabilities.

• Practical Research in Cybersecurity: Authored graduate research paper “Cybersecurity Resilience for SMEs: Protecting Global Supply Chains in Nepal’s Geopolitical Landscape,” integrating CNCI principles, AI applications, and supply chain defense strategies.

• AI in Cybersecurity: Engineered AI-powered intrusion detection and phishing prevention models; applied machine learning for anomaly detection and predictive threat analysis to enhance enterprise defense capabilities.

• Encryption Methods and Techniques: Implemented symmetric and asymmetric encryption, hashing, and digital signature algorithms; analyzed cryptographic protocols (RSA, AES, ECC) and assessed their role in data confidentiality and integrity across network layers.

• Analytics Programming with R: Utilized R programming for cybersecurity data analytics; conducted statistical modeling, visualization, and trend analysis on security logs to inform threat detection and decision-making.

• Future Cybersecurity Trends & Strategic Leadership: Explored emerging areas such as quantum cryptography, 5G network security, and cybersecurity-as-a-service (CaaS); emphasized leadership-driven strategies, proactive defense models, and enterprise-wide cybersecurity culture. Academic Projects Bachelor of Science in Computing Oct2019 – Oct2022

• Smart Data Discovery System: I developed a Smart Data Discovery System that analyzed structured datasets and presented insights through interactive dashboards, utilizing Python, R, Pandas, NumPy, and Matplotlib to perform data preprocessing, visualization, and analytical modeling.

• IoT-Based Cloud Computing Integration Project: I designed and implemented a prototype that connected IoT devices to a cloud platform for real-time data monitoring, employing AWS IoT Core, MQTT, Python, and Arduino sensors, while focusing on secure device authentication and data encryption.

• Web and Application Development Project: I built a dynamic full-stack web application using HTML, CSS, JavaScript, PHP, and MySQL, integrating user authentication, database-driven content management, and responsive UI/UX design to simulate real-world application functionality.

• Database Design and Management System: I created and managed a relational database system for a small business scenario using MySQL, SQL Workbench, and ERD modeling tools, performing normalization, query optimization, and data integrity checks.

• Software Engineering and System Design Project: I participated in an Agile-based software development project, applying the full software development lifecycle with Git for version control, UML diagramming tools, and JIRA for task tracking, while designing and testing functional modules.

• Artificial Intelligence and Logic Problem-Solving Project: I developed a rule-based AI chatbot prototype using Python, NLTK, and basic machine learning libraries, enhancing my skills in logic-based reasoning, pattern recognition, and AI-driven automation.

• Network and Operating System Simulation Project: I configured virtual network topologies using Cisco Packet Tracer, and managed Windows and Linux operating systems, implementing firewall rules and basic encryption techniques to reinforce foundational network security and administration knowledge. Education:

Master of Science in Cybersecurity Operations -Webster University Bachelor of Science (Hons.) Computing - London Metropolitan University

Contact this candidate