Ashwatha4502/README.md

Hi, I'm Ashwatha 👋

MS Cybersecurity — Northeastern University · Boston, MA · Class of 2026
AI Governance · OT/ICS Security · GRC/Compliance · Cloud Security · Incident Response · Healthcare Cybersecurity



🤖 AI Governance Projects

🛡️ AI-GRIT — AI Governance & Red Team Intelligence Toolkit

Automated NIST AI RMF risk assessment + 25-vector live prompt injection red-teaming against local LLMs (Ollama). Generates CISO-ready PDF reports with executive summary, attack narrative, and 30-day remediation plan powered by Claude AI.

Python Streamlit Ollama NIST AI RMF OWASP LLM Top 10 ISO 42001 HIPAA


☁️ Cloud Security Projects

Automated AWS security auditor replicating the AWS Security Assurance team's engagement workflow. Runs checks across IAM, S3, CloudTrail, and Security Groups — maps every finding to NIST CSF, SOC 2 TSC, and CIS AWS Benchmark v2.0. Generates structured audit evidence packages and CISO-ready PDF reports.

Python boto3 Streamlit AWS NIST CSF SOC 2 CIS Benchmark


🔐 Security Operations Projects

Full-stack SOC lab for Tamil Nadu's state power grid. Deployed Wazuh + TheHive + MISP stack processing 8,760 hours of SCADA data. 20 custom detection rules mapped to MITRE ATT&CK for ICS. Python anomaly detection engine (Z-Score, IQR, Isolation Forest) with 90% recall across 5 simulated attack scenarios.

Wazuh TheHive MISP Python Docker MITRE ATT&CK for ICS OT Security

Wazuh SIEM processing 720 hours of synthetic SCADA data. 3 custom detection rules mapped to MITRE ATT&CK for ICS (T0855, T0856, T0814). Interactive Streamlit dashboard with live alert feed and MITRE heatmap.

Wazuh SIEM Python Streamlit MITRE ATT&CK for ICS SCADA

Simulated full Rhysida attack chain using CISA Advisory AA23-319A TTPs. 15 custom Wazuh detection rules (levels 12–15) covering all 15 MITRE ATT&CK techniques across 10 attack phases. Full IR report with attack timeline, IOC analysis, and root cause analysis.

Wazuh MITRE ATT&CK Incident Response CISA Threat Detection


📋 GRC / Compliance Projects

Post-incident GRC assessment of the 2024 Rhysida ransomware breach (791,784 individuals affected). 30 risks identified (12 Critical) across NIST CSF 2.0. HIPAA non-compliance assessed at 63%, with $5M–$15M penalty exposure. Interactive Streamlit risk dashboard.

NIST CSF 2.0 HIPAA IEC 62443 NIST SP 800-30 Risk Assessment Streamlit

Third-party risk management framework built in response to the 2024 Rhysida breach. 15 vendors assessed across 3 tiers including Epic, Philips, Baxter, and Change Healthcare. Dedicated medical device OT vendor track with FDA 510(k) and SBOM requirements. 50-question vendor assessment questionnaire.

NIST SP 800-161 HIPAA IEC 62443 Vendor Risk TPRM Streamlit

SOC 2 compliance gap analysis of the 2022 LastPass breach. Findings mapped to SOC 2 Trust Services Criteria, NIST CSF, and ISO 27001. Interactive Streamlit compliance dashboard with control heatmap.

SOC 2 NIST CSF ISO 27001 GRC Compliance Streamlit

HCA Healthcare — Data Governance & AI Risk (Mobile Heartbeat Capstone)

Enterprise data governance program for HCA Healthcare subsidiary. Built system catalog (200+ assets), retention schedule aligned to HIPAA/IRS/ERISA. Sponsored by CISO Mardiros Merdinian.

NIST AI RMF ISO 42001 HIPAA Data Governance Microsoft Lists


📄 Research

IEEE CONIT 2024: CNN-LSTM Hybrid Model for Network Intrusion Detection
Published research applying deep learning to IDS classification. Presented at the 2024 IEEE Conference on Interdisciplinary Approaches in Technology and Management.


🧰 Technical Stack

| Domain | Tools & Frameworks |
| --- | --- |
| SIEM / Detection | Wazuh · Splunk · Snort · Wireshark |
| Cloud Security | AWS · boto3 · IAM · S3 · CloudTrail · Security Groups |
| Offensive Security | Metasploit · Nmap · Burp Suite · Nessus · SQLMap |
| AI Governance | NIST AI RMF · ISO 42001 · OWASP LLM Top 10 · Ollama |
| GRC Frameworks | NIST CSF · ISO 27001 · HIPAA · MITRE ATT&CK · SOC 2 |
| Cloud / Dev | AWS · Docker · Kubernetes · Python · Git |
| Data Governance | Microsoft Purview · Microsoft Lists · Microsoft 365 |

📜 Credentials

  • 🎓 MS Cybersecurity — Northeastern University (2026)
  • 🏆 CompTIA Security+
  • 📄 IEEE CONIT 2024 — CNN-LSTM Network Intrusion Detection (published research)
  • 🔬 Graduate Capstone — AI governance & data retention for HCA Healthcare (CISO-sponsored)

Seeking roles in AI Governance, GRC/Compliance, Cloud Security, and SOC Analysis. OPT/STEM OPT eligible.

Pinned

  1. aws-assurance-framework (Public)

    Automated AWS security control auditor — IAM, S3, CloudTrail, Security Groups mapped to NIST CSF, SOC 2 TSC, and CIS AWS Benchmark with CISO-ready PDF reports

    Python

  2. ai-grit (Public)

    AI Governance & Red Team Intelligence Toolkit — NIST AI RMF · OWASP LLM Top 10 · Claude

    Python

  3. lurie-grc-assessment (Public)

    Post-breach GRC assessment of 2024 Rhysida attack on Lurie Children's Hospital — NIST CSF 2.0, HIPAA, Streamlit risk dashboard

    Python

  4. lurie-tprm (Public)

    Third-party risk management framework for Lurie Children's Hospital — 15 vendors across 3 tiers, medical device OT focus, NIST SP 800-161, HIPAA

    Python

  5. rhysida-ir-investigation (Public)

    Full Rhysida ransomware IR simulation — 15 Wazuh detection rules across 10 attack phases, CISA AA23-319A TTPs

    Python

  6. tangedco-ot-security (Public)

    TANGEDCO OT/ICS Cybersecurity SOC Lab — Wazuh + TheHive + MISP + ICS Anomaly Detection

    Python