Cybersecurity Engineer & NYU Graduate Student

Gagan Yalamuri

I design and automate defenses that close gaps faster than adversaries can open them. I am pursuing my M.S. in Cybersecurity at New York University (GPA 4.0) while securing global infrastructure as an Information Security Intern at Cantor Fitzgerald.

Reduced trusted-IP provisioning from hours to minutes across 6+ Azure tenants using XSOAR, Terraform, and GitHub automation.
Built Splunk-to-XSOAR containment that publishes network blocks to Cloudflare in under a minute with progressive quarantine policies.
Published post-quantum research and toolkits that help teams migrate PKI toward quantum-safe cryptography.

Email Download CV LinkedIn GitHub Medium

Security Experience

Operating at Cloud & SOC Scale

I thrive where automation, incident response, and infrastructure intersect. Below are highlights from roles where I built resilient pipelines, tightened cryptographic posture, and shipped defenses to production environments.

Information Security Intern

Cantor Fitzgerald · New York, USA · Jun 2025 – Present

Orchestrated trusted-IP lifecycle across 6+ Azure tenants through XSOAR, GitHub, and Terraform, eliminating configuration drift.
Shipped Splunk-to-XSOAR containment that enforces Cloudflare and EDL blocks in under a minute.
Implemented progressive 15-day and 30-day block policies with recurrence tracking to standardize threat decisions.
Built 15+ Python utilities and 5+ SOAR playbooks, saving roughly 200 hours of manual effort each year.
Automated SSL certificate renewals on F5 BIG-IP via AppViewX, preventing ~200 hours of repetitive work annually.

Open-Source Contributor

Secure Systems Lab · Brooklyn, USA · Aug 2024 – Nov 2024

Standardized release signing with CI checks for projects safeguarding ~$5M in assets, blocking 2048-bit downgrades and unsigned artifacts.
Resolved Git and build issues across complex repos (submodules, signer trust, key sizes), accelerating release cadence and reducing triage noise.

Cybersecurity Intern

Garrett – Advancing Motion · Bengaluru, India · Feb 2023 – Aug 2023

Integrated MISP and OpenCTI feeds for threat hunting, boosting investigation throughput by around 30%.
Hardened cryptographic communications for Mercedes ECU units to resist tampering and spoofing.
Prototyped a post-quantum X.509 migration path to future-proof PKI.
Scripted fleet management for 40+ servers, reinforcing SOC operations and reducing manual interventions.

Summer Intern

HCL Technologies Ltd. · Remote (India) · Jun 2022 – Aug 2022

Built an ML-based DDoS prototype (SVM, Logistic Regression) that achieved 94% detection accuracy at the SDN layer.
Classified over 100,000 simulated IPs to isolate spoofed sources with high precision.

Projects & Builds

Security Engineering in Action

I turn research and playbooks into shipping software. These projects span cloud security, security automation, and quantum-safe cryptography.

Securing Serverless Applications in AWS

Zero-Trust Framework · 2024

Built a hardened AWS serverless stack (Lambda, API Gateway, WAF, Security Hub) governed by Zero-Trust principles.
Implemented IAM least privilege, Secrets Manager integration, and tuned WAF rules to disrupt malicious traffic.
Delivered a compliance guide and risk assessment aligned with AWS best practices.

GitHub Blog Post

Post-Quantum Cryptography Toolkit (PQCT)

Python Package · 2024

Implemented Kyber KEM and Dilithium signatures with NumPy vectorization for a 40% performance gain.
Published on PyPI to help practitioners experiment with quantum-resistant encryption and signatures.
Extended the toolkit with a hybrid X.509 prototype to ease migration toward quantum-safe PKI.

GitHub PyPI

Splunk SOAR – Adaptive MFA Enforcement

Security Automation · 2024

Automated identity controls in Splunk SOAR to identify and notify accounts missing MFA.
Enforced a three-strike policy before automatically locking non-compliant accounts for InfoSec approval.
Drove MFA adoption across 1,000+ accounts while cutting manual IAM operations.

GitHub Blog Post

Offensive Security – Exploit Solver Scripts

Offensive Tooling · 2023 – Present

Developed 30+ solver scripts for exploit challenges (stack overflows, ROP, shellcode) with reusable payload builders.
Standardized exploitation workflows that shrink solve time from hours to minutes.

Research & Writing

Post-Quantum Cryptography Leadership

A Review of the Present Cryptographic Arsenal to Deal with Post-Quantum Threats

Procedia Computer Science · 2022 · Cited 50+ times

Analyzed readiness of classical cryptography for quantum adversaries and outlined migration paths for enterprises.
Co-authored with P. Honnavalli and S. Eswaran; paper is cited by industry and academic teams planning PQ transitions.

DOI ScienceDirect

Skills Stack

Capabilities Across the Kill Chain

Programming & Scripting

Python Go C/C++ Java Bash PowerShell PHP SQL JavaScript

Operating Systems & Cloud

Windows Kali Linux Ubuntu macOS AWS (EC2, S3, GuardDuty, Lambda) Azure GCP Kubernetes (GKE) Docker OT/ICS IoT

Red & Purple Team

Cobalt Strike PowerShell Empire Covenant BloodHound Mimikatz Binary Ninja Ghidra Pwntools GDB Strace

Recon & Vulnerability Assessment

Nmap Nessus OpenVAS Burp Suite OWASP ZAP SQLMap AppScan Metasploit Wireshark IDS/IPS

Detection Engineering & SIEM

Splunk Wazuh AWS GuardDuty CloudWatch Endpoint Detection & Response Custom Log Pipelines XSOAR Xpanse Cloud Suite Microsoft Sentinel

DevSecOps & Automation

Terraform Ansible GitHub Actions SAST/DAST Pipelines CloudFox Azure IAM API Integrations App Registrations

Frameworks & Methodologies

MITRE ATT&CK PTES OWASP Top 10 NIST SP 800-53 Cyber Kill Chain Threat Modeling Risk Assessments

Education & Certifications

Lifelong Learning in Security

Education

M.S. Cybersecurity · New York University · Sept 2024 – May 2026 (Expected) · GPA 4.0/4.0 B.Tech Computer Science & Engineering · PES University · Aug 2019 – July 2023

Certifications

AWS Certified Security – Specialty (In Progress) CompTIA Security+ (In Progress) Certified Ethical Hacker (Planned) CISSP (Planned)