I am a cybersecurity graduate student at the University of Maryland - College Park with hands-on experience in vulnerability management, GRC & compliance, and security research. My interest in cybersecurity began after experiencing a real-world account compromise, which motivated me to understand how attacks occur and more importantly, how to build systems that stop them.
I currently work as a Security Research Assistant at the University of Maryland, where I conduct vulnerability analysis, remediation validation, and NIST 800-53 control mapping to strengthen enterprise infrastructure. Previously, I built secure full-stack applications and led application security assessments aligned to OWASP Top 10 and NIST frameworks, translating technical findings into risk-based remediation plans for governance and compliance teams.
University of Maryland - College Park
Vulnerability analysis & remediation validation across production enterprise assets.Reliable Technosystems (I) Pvt. Ltd. · Remote
Led application security assessments mapped to OWASP Top 10 and NIST 800-53.Career Technology
Security testing of web apps & networks; automated, audit-ready reporting.University of Maryland - College Park
Graduate study integrating offensive and defensive security.Detection Engineering · AD & Cloud Defense
Building detection rules, playbooks, and AI-assisted SOC workflows.My journey into cybersecurity began in 2022 after my personal social media account was compromised, an incident that exposed me firsthand to the realities of cyber threats. That experience sparked my interest in understanding how attacks occur and how systems can be secured, leading me to formally explore cybersecurity concepts such as ethical hacking, network security, and vulnerability assessment during my undergraduate studies.
I spent countless hours in computer labs, learning about network protocols, system vulnerabilities, and the intricate dance between attackers and defenders. Each new concept opened another door to understanding the complex cybersecurity landscape.
The turning point came when I realized that being purely defensive wasn't enough. To truly understand how to protect systems, I needed to think like an attacker. This revelation led me to pursue advanced studies in offensive security and penetration testing. I began participating in Capture The Flag competitions, which not only sharpened my technical skills but also taught me to approach problems from multiple angles.
Learning to exploit vulnerabilities gave me a deeper appreciation for secure coding practices and system hardening. Every successful exploit taught me how to better defend against similar attacks. This duality of thinking - both as an attacker and defender - became my greatest strength.
During my internship at Career Technology, I shifted from theory to practice. I conducted security testing of web applications and network systems, mapping every finding to OWASP Top 10 and NIST frameworks. The most important lesson wasn't how to find vulnerabilities, it was how to validate them accurately, eliminate false positives, and communicate risk in a way that drives real remediation action.
I designed structured validation workflows to confirm exploitability and verify that fixes actually worked. I automated data collection using Python to clean up reporting pipelines, and produced audit-ready documentation covering risk severity, business impact, reproducibility steps, and remediation guidance. This taught me that a finding without clear context is just noise, and noise costs organizations time and money.
Today, as I pursue my Master's degree in Cybersecurity at the University of Maryland, I'm focused on bridging the gap between red team creativity and blue team methodology. My goal is to develop AI-powered security solutions that can predict and prevent threats before they materialize.
Beyond the technical aspects, I'm passionate about making cybersecurity accessible to everyone. I regularly write blog posts, contribute to open-source security tools, and mentor aspiring cybersecurity professionals. I believe that sharing knowledge and building a strong security community is just as important as developing technical expertise.