Amit Raut
Education:
Master’s Degree
Computer and Information Systems Security/Information Assurance
Northeastern University
Bachelor’s Degree
Information Technology
Veermata Jijabai Technological Institute (VJTI)
Experience:
2022 : Present
Workday
Senior Cybersecurity Engineer
2021 : 2022
Trend Micro
Vulnerability Researcher
⦿ Discovered and responsibly disclosed vulnerabilities in the Tenda AC9 home Wi-Fi router via Cisco Talos (CVE-2019-5071, CVE-2019-5072)
⦿ Built and open-sourced the Re2Pcap tool via Cisco Talos to create network traffic PCAP files from a raw HTTP request or response, which expedited the process of Snort rules development
⦿ Currently building an automation tool to create detection content (Snort rules) for the malicious traffic observed in a honeypot
⦿ Performed software analysis to find new vulnerabilities and created technical reports for newly found vulnerabilities
⦿ Performed reverse engineering of malware using IDA Pro, Ghidra, and x64dbg to create Snort rules and ClamAV signatures for its detection
⦿ Generated proofs of concept (PoC) for known vulnerabilities using publicly available information about them and proposed mitigation strategies
2017 : 2021
Cisco Talos Intelligence Group
Senior Research Engineer
⦿ Built an automated system using Python's Win32com API to send responses after analyzing spam emails reported by users (https://github.com/amit-raut/Spam_Response_Automation)
⦿ Analyzed the behavior of malware campaign emails using a cloud-based malware analysis VM to determine the type of malware, C&C servers, and possible effects of malware attacks
⦿ Used SIEM tools like Splunk Enterprise and ArcSight to gather more information about security events
⦿ Assisted NBCU's SAFE Response team in monitoring and investigating special broadcasting events, reviewing suppliers for new vendors, identifying possible threats posted on social media, creating information security awareness among end users, etc.
⦿ Remediated security events involving virus attacks on hosts, unauthorized user logins from foreign countries, and use of unauthorized P2P applications with the help of tools like SEP, Triumfant, Casper, Knowledge Center, Moloch, and FireEye
2016 : 2016
NBCUniversal Media, LLC
Information Security Analyst
⦿ Supported Bank of America’s hedging (Pegasus) and database (Position) applications by monitoring the generation of reports
⦿ Achieved “Bank of America global recognition Bronze award” for work on Pegasus application
2011 : 2012
Bank of America
Senior Technical Associate
Company: Workday
Years of Experience: 9
Spoken Language: English
Skilled at vulnerability research, creating detection content (Snort, ClamAV) for vulnerabilities and malware, reverse engineering, and penetration testing