Hello

I'm Sushmita Paul

Cybersecurity Graduate student at Northeastern University

GET CV

About Me

I am pursuing Master of Science in Cybersecurity at Northeastern University with experience as a Software developer. While leading a team to develop frontend web application and consuming backend Rest API, my curiosity towards digital security commenced. This intrigues led me to advance my career in finding vulnerabilities, performing cyber forensics, and designing security controls to prevent threats. My hunger for knowledge and training from the university contributed to the addition of my skills in cryptographic schemes, access control, software security, risk management, and penetration testing.

Five years of work experience developed my skills in programming language, leadership, management, and teamwork. My contributions towards the project and delivering with the exception quality bagged me "Insta" award.

I consider myself as a persistent, detail-oriented, responsible, hard-working, quick learner, and committed towards work. To keep me updated, I read articles on security breaches, zero-day attacks, and security patches. During my free time, I like to read books and browse internet.

My Education

Master of Science in Cybersecurity

Northeastern University, Boston, MA
September 2019 - December 2021
Courses Taken - Foundation of Information Assurance, Computer System Security, Network Security Practices, Information System Forensics, Software Vulnerabilities and Security, Security Risk Management & Assessment

Bachelor of Engineering in Electrical and Electronics

Goa University, India
June 2010 - May 2014

My Skills

Bootstrap

Metasploit

Autopsy

SqlMap

My Academic Projects

SOC – Common Language Translator for Sigma and Yara Rules
(Northeastern University and Securonix)

April 2021

Developed translator tool to convert Yara and Sigma rules into Securonix SIEM Engine (Spotter) query format.

Self-Replicating Virus (Northeastern University)

December 2020

Designed and implemented virus using C that will infect one file at a time in the same directory it is executed. The infected file will keep on infecting other files based on its location, thus self-replicating & infecting legitimate files.

Penetration Testing
(Northeastern University)

March 2020

Performed reconnaissance on a test application to gain access to the Operating system and application along with maintaining backdoor entry into application.

Forensic Case Study of Windows Laptop
(Northeastern University)

February 2020

Performed analysis on a digital evidence to determine case in-hand using windows registry hives, and shellbags.

Firewall and iptables
(Northeastern University)

November 2019

Set up firewall and routed packets using iptables to protect internal network from the Internet

Password Cracking Tool
(Northeastern University)

November 2019

Developed an offline dictionary-based password cracking tool using Python. Multi-threading was implemented in the tool to improve speed and efficiency.

Incident Response Playbook
(Northeastern University)

November 2019

The paper comprises of instructions to identify cyber-threats through the Indicators of Compromise, and devising strategies to mitigate the impact of the same. The paper focuses on five common incidents and the response plan of each incident are divided into five steps of Identification, Notification, Analysis, Containment/Eradication and Recovery.

Enterprise Network Architecture
(Northeastern University)

October 2019

Designed a secure enterprise network architecture that includes network tiers to separate internet-facing system from the internal network (zoning); assigning IP address subnet to zones (subnetting); network access control rules to monitor and route the traffic; security devices to detect and prevent intrusions; and monitoring the traffic using SIEM tools.

Cryptographic Schemes
(Northeastern University)

Sept 2019

Designed and implemented cryptographic schemes to provide confidentiality, integrity and authenticity using a bash script which can be used to encrypt and decrypt plain-text files along with signing and verifying the signature of the encrypted file.

My Work Experience

CyberArk

Information Security Services Intern
Sep 2020 - Jan 2021
Newton, MA
  • Identified technical issues faced by the customer in the CyberArk Privileged Access Security (PAS) Solution which includes Password Management (verification, reconciliation, changing) and storage in the vault; Privileged Account Management via CyberArk Platform and its dependencies; CyberArk Discovery & Audit Scanning; Event Notification Engine; and Safe Management.
  • Debugged and resolved the CyberArk PAS issues of Enterprise Password Vault and Central Policy Manager Server by experimenting and recreating the scenario in my lab.
  • Provided solution and steps to meet the requirement of customer's environment-specific PAS installation and upgrade.

Global Resilience Institute - Northeastern University

Security Engineer - Part Time
Jan 2020 - Sep 2020
Boston, MA
  • Implemented security controls for the users and the administrators considering the network architecture hosted in Amazon Web Services (AWS) using Network Access Control Rules (NACL) and Security groups which will reduce the outsiders, as well as insiders, attack by 20%.
  • Designed and implemented security controls for the internal email application hosted on Amazon Web Service (AWS) EC2 instance along with monitoring of mail traffic which will reduce the phishing emails by 40%.
  • Implemented the internal and external webpage of the application hosted on Amazon Web Service (AWS) using Route 53 and EC2 instance.
  • Updating and Maintaining the certificate of the application website.
  • Designed and developed a webpage application using Django for Hospitals to place a request for inventories needed to treat an increasing number of COVID-19 patients.

Northeastern University

Teaching Assistant
Jan 2020 - Apr 2020
Boston, MA
  • Assisted Professor in the course "Cyberspace Technology and Applications" to prepare assignments and its solutions.
  • Provided positive learning and guidance techniques to students.

Infosys Limited

Technology Analyst
Jul 2018 - Aug 2019
Pune, Maharashtra, India
  • Led a team to deploy a project, which included the development of Restful API using Java with Spring Framework for incentive detail page allowing customers to check respective incentive details, decreasing the turn around time by 25%.
  • Developed a Proof of Concept using AWS which consisted of scheduling a reminder for the members to record their health vitals using Alexa and saving the recorded vitals in Dynamo DB. This will enable the providers (Doctors) to remotely monitor the vitals of the members (Patients).
  • Designed and developed the Web page of Member Portal using AngularJS and Bootstrap for customers to view their treatment, the funds claimed by the provider and details of the payment in terms of copay, deductibles, and coinsurance, thus improving the user Experience by 40% as per customer’s review.
  • Worked on the migration of applications from ANT-build to MAVEN.
Senior System Engineer
Pune, Maharashtra, India
Oct 2016 – Jun 2018
  • Implemented functionality change in the claims and explanation of benefits web page of the provider website application using JSP which reduced the number of tickets raised by 30% and enabled the providers to visit the funds they ought to get from the customer.
  • Developed an incentive web page in the Member’s Portal using AngularJS and Bootstrap which will enable the member to view the earned, active, and expired incentives.
  • Implemented the login flow change of the application in backend Rest API using Java and frontend using AngularJS which increased the awareness of contract terms among the users by 30%.
System Engineer
Pune, Maharashtra, India
Nov 2014 – Sep 2016
  • Provided support for the technical and functional issues in Production for Providers website application, Voice application, and Cost Transparency application of Health Insurance client using IBM RAD, Soap UI, and IBM DB2 which includes interacting with the client, conveying the designed methodology and implementing the solution.
  • Created Break-Fix SR to implement the solution of the issues raised as a ticket in ServiceNow in the production.
  • Monitored the UNIX batches using WinSCP, as well as resolved the critical failures of the report and claim data generation using Shell scripts to ensure the timely delivery of the reports to the members.
  • Provided technical support during application production deployment by monitoring the logs and fixing the code break during the deployment.

Colleagues say about me

Rachit Gupta

Technology Analyst at Infosys | Java Certified Professional

Sushmita is wonderful to work with, and has exceptional expertise in leadership, coaching, motivation. She is dedicated, self-motivated, methodical, and very capable. She is not only a reliable and forward thinking colleague but also an inspiring team player. As a team member or a leader, Sushmita earns my highest recommendation.

Rajeev Upadhyay

Technology Lead at Infosys Limited

Sushmita Paul is an amazing person to work with. Sushmita's technical knowledge and people management skills are exceptional. Sushmita understands the bigger picture and business value in every piece of work that she delivers. I would highly recommend Sushmita and wish her the very best in her future endeavors.

Sarika Chougale

Technology Lead at Infosys Limited

I have known Sushmita for last 5 years. She is a calm, responsible and down to earth person. The most noteworthy part of her character is her hardworking nature. She has shown immense talent and flexibility for the whole period she has been my colleague. I would gladly and wholeheartedly recommend her as her senior colleague.

Arpit Rathore

Technology Analyst at Infosys

Sushmita has been a consistent performer and impeccable team player. She has proved her technical competence by handling multiple projects involving challenging deliverables. Her ability to learn new technologies in limited time has helped the team to conceive efficient and improved solutions for business problems.

Rob Knake

Senior Fellow at the Council on Foreign Relations

Sushmita is a rockstar. She worked with me over a semester with a small team of other graduate students on a pilot project to replicate the security functionality of SIPRnet using AWS and zero clients. Sushmita brought a solid IT engineering and coding background to the project and serious security chops. She worked well with the other team members and was good at explaining highly technical issues to non-technical audiences. She also took on multiple other projects to explore new technologies in our lab and led the building of a website for the medical community in response to the COVID pandemic. Highly recommend!

Stephen Palagi

Enterprise Support Manager at CyberArk

Sushmita was an excellent addition to the CyberArk Support team. Her brief co-op with us showed she was able to handle customer facing technical work while providing great utility for her team. I would recommend her for any customer facing technical role. She received positive feedback from both customers as well as her co-workers.

James Johnson

Enterprise Support Engineer at CyberArk

I served as Susmita's Technical Mentor and Manager throughout her internship at CyberArk. I quickly learned Sushmita was highly intelligent, hard working, and dedicated to continuous improvement. Sushmita met and exceeded every expectation we placed upon her, and always made sure to be mindful of both small technical details and keeping her customers interests first. I have no doubt Sushmita will be successful in whatever she decides on as her next endeavor.

Wasim Halani

Director - Detection Engineering at Securonix

Although for a brief tenure, it has been a pleasure working with Sushmita for her Capstone project. She lead the project team, coordinated the discussions and made sure the time-zone differences never became a hurdle in our communications. Her proactive approach towards identifying bugs, documenting test cases and tracking tasks makes her valuable for any development team. Wish her the best in her career ahead!