Amit Raut

Senior Cybersecurity Engineer | GREM | MS (Cybersecurity)

Ft. Washington, MD, United States

Details

Education: Master’s Degree

Computer and Information Systems Security/Information Assurance

Northeastern University

Bachelor’s Degree

Information Technology

Veermata Jijabai Technological Institute (VJTI)

Experience: 2022 : Present

Workday

Senior Cybersecurity Engineer

2021 : 2022

Trend Micro

Vulnerability Researcher

⦿ Discovered and responsibly disclosed vulnerabilities in Tenda AC9 home Wi-Fi router via Cisco Talos (CVE-2019-5071, CVE-2019-5072)

⦿ Built and open-sourced Re2Pcap tool to create network traffic PCAP files from raw HTTP request or response via Cisco Talos which expedited process of Snort rules development

⦿ Currently building automation tool to create detection content (Snort rules) for the malicious traffic observed in Honeypot

⦿ Performed software analysis to find new vulnerabilities and created technical report for newly found vulnerability

⦿ Performed reverse engineering of malware using IDA Pro, Ghidra, X64dbg to create Snort rules and ClamAV signatures for its detection

⦿ Generated proof of concept (POC) for the known vulnerability using the publicly available information about the vulnerability and proposed mitigation strategies

2017 : 2021

Cisco Talos Intelligence Group

Senior Research Engineer

⦿ Built automated system using Python's Win32com API to send responses after analyzing the reported spam emails by the users (https : //github.com/amit-raut/Spam_Response_Automation)

⦿ Analyzed behavior of the Malware Campaign emails using cloud based Malware Analysis VM to determine type of the malware, C&C servers, possible effects of malware attacks

⦿ Used SIEM tools like Splunk Enterprise and ArcSight to gather more information about the security events

⦿ Assisted NBCU's SAFE Response team in monitoring and investigating special broadcasting events, supplier review for new vendors, identifying possible threats posted on social media, creating information security awareness among end users etc.

⦿ Remediated security event involving virus attacks on host, unauthorized user login from foreign country, use of unauthorized P2P applications with the help of tools like SEP, Triumfant, Casper, Knowledge Center, Moloch, FireEye

2016 : 2016

NBCUniversal Media, LLC

Information Security Analyst

⦿ Supported Bank of America’s hedging (Pegasus) and database (Position) applications by monitoring the generation of reports

⦿ Achieved “Bank of America global recognition Bronze award” for work on Pegasus application

2011 : 2012

Bank of America

Senior Technical Associate

Company: Workday

Years of Experience: 9

Spoken Language: English

Skills Application Security, Artificial Intelligence (AI), bash, C, CCNP Certified, Cisco Advanced Malware Protection (AMP), ClamAV, Computer Networking, Cryptography, Cybersecurity, Deep Packet Inspection, Docker Products, Ethical Hacking, Flask, GNS3, GREM, High Performer, Information Security, Internet Protocol Suite (TCP/IP), Linux, Malware Analysis, Metasploit, MySQL, Network Administration, Network Security, Operating Systems, Penetration Testing, Personal Development, Python, Python (Programming Language), Splunk, System Administration, Vi, Vim, Vulnerability Research, Web Application Development, Wireshark

About Experienced Vulnerability Researcher with a demonstrated history of working in Cybersecurity industry by building and open-sourcing tools like Re2Pcap, finding vulnerabilities (CVE-2019-5071, CVE-2019-5072)

Skilled at vulnerability research, creating detection content (Snort, ClamAV) for vulnerabilities / malware, reverse engineering, penetration testing