Available for Opportunities · Ireland

Sagar B. Suryawanshi

Cybersecurity — Cloud · AppSec · DevSecOps

Cloud Security  ·  Application Security  ·  DevSecOps

CompTIA Security+ (SY0-701)  ·  Google Cybersecurity  ·  CISCO SOC  ·  LetsDefend

Building security tools across Cloud, AppSec, and DevSecOps — backed by CompTIA Security+, published research, and professional engagements with Mastercard, PwC Switzerland, and Tata Group.

4+ Certifications
6 Security Projects
1 Published Paper
3 Professional Engagements

Who I Am

I got into cybersecurity because I wanted to understand how things break and, more importantly, how to build them so they don't.

Over the past two years I've spent evenings and weekends doing exactly that: building a cloud misconfiguration scanner from scratch, designing an AES-256 encrypted file platform, studying how keyloggers behave so I could write detection logic against them. Not because I needed to for a grade, but because I wanted to understand how it actually works under the hood.

Yes, AWS has Security Hub. Yes, enterprise tools exist for everything I've built. The point was never to replace them. The point was to understand them deeply enough that on day one of a role, I'm not learning what a misconfigured S3 bucket looks like; I already know, because I've written code that finds them.

I'm heading to Ireland for an MSc in Cybersecurity and actively looking for a role where I can keep learning fast and contribute early. Cloud Security, AppSec, DevSecOps, Vulnerability Management, Secure Code Review: I want to work across all of it.

🎓 B.Sc. Information Technology: KES Shroff College, Mumbai · Graduating May 2026
📍 Location: Mumbai, India · Open to relocation in Ireland
📄 Published Research: International Conference · ISBN: 978-93-342-8167-5
☁️ Cloud Security: AWS · Azure · GCP
🔐 Application Security: OWASP · Burp Suite · AppSec
⚙️ DevSecOps: Docker · CI/CD · IaC Security
🛡️ CompTIA Security+: SY0-701 Certified

Technical Expertise

Hands-on skills across cloud security, application security, and DevSecOps — built through projects, labs, and client engagements.

AWS

IAM & Policies · GuardDuty · Security Hub · CloudTrail · S3 Bucket Policies

Azure

Defender for Cloud · Microsoft Sentinel · Entra ID · Key Vault

Concepts

Zero-Trust Architecture · CSPM · Cloud Threat Modelling · Shared Responsibility · CIS Benchmarks

Credentials

Industry-recognised certifications verifying hands-on cybersecurity competency.

Cisco SOC

Security Operations Centre

Hands-on SOC analyst training covering intrusion detection, alert triage, and incident escalation workflows using industry-standard tooling.

SOC Workflows · IDS/IPS · Incident Triage

Google Professional Cybersecurity

Cybersecurity Certificate · Coursera

Eight-module programme covering security foundations, network security, Linux, SQL, asset protection, Python automation, and cloud security fundamentals.

Python Automation · Linux · NIST CSF

SOC Analyst Learning Path

LetsDefend · Dec 2025

Comprehensive SOC analyst learning path covering alert analysis, log investigation, incident response, and hands-on threat detection using a real SIEM-based platform.

Alert Analysis · Threat Detection · Incident Response

Security Projects

Hands-on builds demonstrating practical security engineering — each project solves a real-world problem.

02

CryptoVaultX

🔐 End-to-end encrypted file storage platform with client-side cryptography and role-based access control

Most file storage systems trust the server too much — plaintext data sits in databases waiting to be breached. CryptoVaultX encrypts files client-side with AES-256-GCM before they ever leave the browser, enforces role-based access control, and runs as a Dockerised microservice. Zero plaintext reaches the server at any point. Stack: Python, Flask, PostgreSQL, Docker.

Python · Flask · AES-256-GCM · PostgreSQL · Docker · RBAC · Cryptography
03

NetTrace

🌐 Network reconnaissance and attack surface mapping tool built on Nmap automation

SOC analysts need to rapidly understand an environment's attack surface during an investigation — manual Nmap commands don't scale under pressure. NetTrace wraps Nmap automation in a Flask interface, enabling one-click network scanning, service enumeration, and port-to-risk mapping. Designed around a real L1 analyst investigation workflow, not a CTF.

Python · Flask · Nmap · Network Recon · Port Scanning
04
Research Series: Adversary Simulation → Detection  |  Part 1 of 2

KeyStroke Monitor

🧪 OS-level keystroke capture tool for adversary simulation and detection research

Part 1 of a two-part security research project. To build an effective defence, you first need to understand the attack in detail. KeyStroke Monitor is a low-level OS keystroke capture tool built specifically to study the precise behavioural patterns of a real keylogger — API call sequences, timing signatures, and process injection methods.

Python · OS APIs · Malware Simulation · Endpoint Security
05
Research Series: Adversary Simulation → Detection  |  Part 2 of 2

Anti-Keylogger

🛡️ Behavior-based detection and mitigation tool for keystroke logging threats

Part 2 of the research series. Using the behavioural patterns mapped in Part 1, Anti-Keylogger detects and terminates unauthorised keystroke capture processes in real time — implementing process monitoring and behavioural detection logic that mirrors basic EDR functionality. Attack, understand, defend.

Python · Process Monitoring · EDR Concepts · Behavioral Detection · Defensive Security
06

PasswordCrack Suite

🔓 Password security analysis toolkit for evaluating authentication weaknesses

Weak password policies remain a top credential attack vector. This toolkit simulates dictionary and brute-force attacks against common hashing algorithms to calculate real cracking time — making the risk concrete, not theoretical. Results are used to argue empirically for stronger hashing (bcrypt, Argon2), mandatory salting, and modern credential policy standards. Built for security awareness and policy validation, not exploitation.

Python · Hashing Algorithms · Brute Force Simulation · Authentication Security

Professional Experience

Structured professional security programmes modelling real enterprise analyst tasks — each engagement produced a formal deliverable against industry-standard frameworks.

Mastercard Forage Placement
Cybersecurity Analyst
  • Analysed real-pattern phishing emails targeting financial services employees — identified 8 distinct social engineering techniques and mapped each to MITRE ATT&CK T1566 (Phishing).
  • Assessed organisational security awareness gaps using a simulated employee dataset, producing a targeted training intervention plan aligned to the identified risk profile.
  • Delivered a formal threat intelligence report structured to Tier-1 SOC analyst format — findings, severity ratings, and executive summary included.
Phishing Analysis · Threat Intel · Security Awareness
PwC Switzerland Forage Placement
Cybersecurity Consultant
  • Performed an integrated security risk assessment for a simulated enterprise client — identified critical and high-severity findings and mapped each to ISO 27001 controls and NIST CSF functions.
  • Designed a network segmentation strategy to address identified lateral movement risks — produced a firewall rule recommendation set with business justification for each proposed change.
  • Structured risk findings in a PwC-format client advisory report, prioritised by business impact rather than raw CVSS score alone.
Risk Assessment · ISO 27001 · NIST CSF · Network Security
Tata Group Forage Placement
IAM Security Analyst
  • Designed an enterprise IAM architecture for a large-scale scenario — applied least-privilege principles across 200+ simulated user roles and produced a full access matrix covering all critical system tiers.
  • Developed an MFA strategy for privileged accounts, selecting authentication methods by risk tier: hardware tokens for admin access, TOTP for standard privileged users.
  • Documented architecture decisions as a structured security advisory aligned to Tata's governance reporting standards — written for a non-technical executive audience.
IAM · MFA · Least Privilege · Governance

Research & Publications

📚 Published Research

Building Cyber Resilience: The Interplay of Offensive and Defensive Security Strategies

Author: Sagar Balasaheb Suryawanshi
Institution: KES' Shroff College of Arts and Commerce, Mumbai
Year: 2024

How much does offensive security knowledge actually improve defensive outcomes? This paper argues that red team, blue team, and purple team functions must be structurally connected — not run in silos — to build genuine cyber resilience. Supported by case study analysis of real breach scenarios, it maps specific offensive techniques to the defensive controls they bypass, and proposes an integrated resilience framework for organisations. Published at international conference, 2024 (ISBN: 978-93-342-8167-5).

Published · Cyber Resilience · Penetration Testing · Red Team / Blue Team · Purple Teaming · Threat Intelligence · Incident Response
🏆 Research Paper Author: Authored a paper on building cyber resilience through offensive and defensive security strategies, published at KES' Shroff College of Arts and Commerce (2024).
🛡️ CompTIA Security+ (SY0-701): Passed one of the most rigorous entry-level security certification exams in the industry.
🔬 Full SOC Lab Build: Independently designed, built, and operated a multi-VM SOC environment for continuous skills development.
🌐 3 Global Firm Placements: Completed professional security placements with Mastercard, PwC Switzerland, and Tata Group.