About me

Hi, I am Swetha, a cybersecurity engineer. I spend my days weaving together penetration testing, red teaming, cloud security, and IAM design. For me, every log feels like a clue, every vulnerability a plot twist, and every solution a way to close the story with a stronger, smarter ending.

I see cybersecurity as a story,once I step into it with every engagement, starting with reconnaissance, tracing the outlines of a system like the opening chapter of a mystery. Scanning follows, the plot thickening as hidden entry points reveal themselves. Then comes exploitation and post-exploitation, where theory meets action and each move rewrites the narrative. Finally, reporting closes the loop, turning raw findings into a roadmap for stronger defenses.

Somewhere in between the lines, you will usually find me with a cup of coffee in hand, chasing focus. And when the story winds down, biryani is home; it isthe comfort that reminds me why I do what I do.

What i'm doing

  • Web development icon

    Penetration Testing

    I perform the full pentesting process from start to finish, scoping out systems, finding ways in, and then writing up everything in reports that actually make sense!

  • Desktop development icon

    Red Teaming

    I get to play the bad guy and test the security of systems by pretending to be attackers, finding ways to get in and then helping teams fix the problems before real attackers can!

  • Console development icon

    Cloud Security & IAM

    I architect cloud security that is both secure and scalable, enforce secure access frameworks, design IAM policies, and harden cloud environments while still letting the business do its thing!

  • Photoshop icon

    Incident Response & Threat Hunting

    When things go sideways, I help teams figure out what happened, how it happened, and what to do about it. From analyzing logs to coordinating containment, I bring structure and speed to incident response likerooting out threats, minimizing impact, and translating technical findings into strategies stakeholders can act on.

Currently Hacking

HackTheBox

Pwning boxes & sharpening offensive skills

OSEP Prep

Advanced evasion techniques & C2 frameworks

Cloud Pentesting

AWS/Azure attack paths & misconfigurations

Malware Analysis

Reverse engineering & threat research

Resume

Education

  1. University of Maryland, College Park

    August 2023 — May 2025

    Master of Engineering in Cybersecurity [Minor: Cloud Engineering]

  2. Vignan's Institute of Information Technology

    August 2018 — May 2022

    Bachelor of Technology in Computer Science and Engineering

Experience

  1. Cybersecurity Analyst, Community Dreams Foundation, Remote,USA

    September 2025 - Present

    Executed web application penetration tests (Burp Suite, Nessus), identifying and documenting complex exploit chains for vulnerabilities like SQLi and XSS. ◦ Conducted post-breach analysis from an offensive perspective, re-creating attacker exploit chains to identify failed security controls and gaps in WAF/IDS rule configurations. ◦ Executed penetration tests based on ISO 27001 & PCI-DSS control families, demonstrating the real-world exploitability of theoretical access control gaps.

  2. Security Operations Center Analyst, University of Maryland Police Department, College Park, MD, USA

    December 2024 - May 2025

    Validated and improved SIEM detection logic by 30% by executing known TTPs (using Metasploit, PowerSploit) against a live lab to test rule effectiveness for Active Directory lateral movement. ◦ Authored adversary emulation plans based on MITRE ATT&CK to test SOC response and Tines (SOAR) playbook effectiveness, identifying and reporting gaps in automated containment. ◦ Collaborated with SOC analysts to hunt for APTs, applying an attacker’s perspective to log correlation (Active Directory, Wireshark) to uncover hidden attack chains.

  3. Project Engineer – Cybersecurity Specialist, Wipro Technologies, Bangalore, India

    September 2022 - August 2023

    Simulated adversary activity against AWS cloud infrastructure (targeting GuardDuty, Security Hub) to test and validate cloud detection capabilities for the SOC. ◦ Conducted penetration tests on live AWS environments, identifying and demonstrating the exploitability of critical data exposure risks via misconfigured S3 buckets and EC2 instances.

  4. Security Engineer, Ignited Sparks, Visakhapatnam, India

    July 2020 - December 2021

    Executed web application penetration tests (Burp Suite, Nessus), identifying and documenting complex exploit chains for vulnerabilities like SQLi and XSS. ◦ Conducted post-breach analysis from an offensive perspective, re-creating attacker exploit chains to identify failed security controls and gaps in WAF/IDS rule configurations. ◦ Executed penetration tests based on ISO 27001 & PCI-DSS control families, demonstrating the real-world exploitability of theoretical access control gaps.

Skills

Languages & Scripting

Python Bash SQL JavaScript PowerShell

Security Tools

Burp Suite Metasploit Nessus Wireshark Splunk Nmap

Security Domains

Penetration Testing Red Teaming Incident Response Threat Intelligence Network Security Cloud Security

Cloud & Infrastructure

AWS IAM Docker Kubernetes Active Directory

Platforms & Tools

Linux Windows SIEM SOAR Git VS Code

Certifications & Achievements

  • Cybersecurity Certification

    OSCP (Offensive Security Certified Professional)

    Certification

  • Cybersecurity Certification

    OSCP+ (Offensive Security Certified Professional+)

    Certification

  • Cybersecurity Certification

    CompTIA Security+

    Certification

  • eLearnSecurity Junior Penetration Tester

    eLearnSecurity eJPT

    Certification

  • AWS Certified Cloud Practitioner

    AWS Cloud Practitioner

    Certification

  • AWS Solutions Architect Associate

    AWS Solutions Architect Associate

    Certification