VISHALRAAVI
M.Eng. Cybersecurity at UMD. I've spent 2+ years building production systems at CALCE — and breaking them to make them stronger.
Engineering at the intersection of System Design & Security
I'm an M.Eng. graduate in Cybersecurity (GPA: 3.88/4.0) from the University of Maryland, with a Graduate Certificate in Cloud Engineering and a background in Computer Science from GITAM University. For 2+ years I built and secured production systems at the Center for Advanced Life Cycle Engineering (CALCE) — containerized web platforms, REST APIs, and data visualization tools used daily by active researchers.
What sets me apart is the combination: I don't just build systems — I attack them too. I've executed full offensive kill chains in isolated CTF environments: black-box reconnaissance, SQL injection exploitation, webshell deployment, privilege escalation, and data exfiltration. Cloud security experience spans AWS infrastructure aligned to NIST CSF and CIS Benchmarks.
I'm actively pursuing the OffSec Certified Professional (OSCP) certification and looking for roles where security and engineering are inseparable — where building and breaking are the same job.
How I Think
Every system I build starts with one question: “How would I break this?” That attacker's lens — built through real offensive security labs — shapes how I architect, review, and harden every system I ship.
What I've Built
MOSTCOOL Reliability Web Platform
I rebuilt a legacy Windows-only desktop tool into a containerized web platform — one command deploys it anywhere, on any machine.
Challenge
Researchers at CALCE were locked into a Windows-only desktop app with no web access, no API, and no scalability. I needed to rebuild the entire system as a modern, deployable web platform.
What I Built
- →Built a microservice-decoupled React.js + Flask architecture with 8 REST endpoints
- →Designed a React Flow graph editor with 7 custom node types, 14 action types, and 6 parallel Map collections
- →Implemented brute-force DFS state enumeration (Python + NetworkX) — 2ᴺ states, capped at N=22 (4.2M evaluations)
- →Engineered multi-sheet Excel round-trip serialization via SheetJS (5 worksheets, full backward compatibility)
- →Wrote cross-platform Bash automation for Docker orchestration across ARM64 + x86_64
Impact
MOSTCOOL Research Platform
I built the entire public web presence for a federally funded research lab from scratch — automated software distribution, OWASP-hardened, serving 850+ downloads.
Challenge
The lab had no public web presence, no way to distribute software to researchers, and no support infrastructure. I designed and built the full platform from scratch.
What I Built
- →Designed a 10+ page responsive MPA: modal modules directory, team directory, timeline news feed
- →Built a Flask REST API integrated with GitHub Issues API for automated support ticketing
- →Engineered a gated ZIP download pipeline with GitHub Actions CI/CD + Gunicorn WSGI deployment
- →Remediated OWASP Top 10 vulnerabilities (XSS, Insecure Design) — input validation + CORS whitelisting cut production bugs by 50%
Impact
Scalable & Secure E-Commerce Platform on AWS
I designed and deployed a production-grade AWS architecture with defense-in-depth security at every layer — no single points of failure, end-to-end encryption throughout.
Challenge
I set out to build a production e-commerce system on AWS from scratch — handling variable load, eliminating single points of failure, and embedding security at every layer rather than bolting it on after.
What I Built
- →Architected a multi-tier HA system: ALB → EC2 Auto Scaling Group → Multi-AZ RDS (MySQL)
- →Configured AWS WAF with custom rule sets blocking SQL injection and XSS at the edge
- →Set up ACM for end-to-end TLS/HTTPS and KMS customer-managed keys (AES-256 at rest)
- →Deployed CloudFront CDN with custom cache behaviors for global content delivery
- →Designed a private VPC with public/private subnet segmentation, NAT Gateway, and Security Groups
- →Built full observability: CloudWatch dashboards + CloudTrail immutable API audit logs
Impact
Where I've Worked
Center for Advanced Life Cycle Engineering (CALCE) · University of Maryland
Full Stack Engineer
CALCE · University of Maryland · College Park, MD
- →Implementing a cross-module data integration layer using REST APIs to directly connect the reliability platform with other research modules, enabling real-time data sharing across tools and eliminating manual data entry between systems for a unified end-to-end analysis workflow
- →Built and launched the MOSTCOOL public-facing website (HTML5, Tailwind CSS, Vanilla JS) serving as the central hub for researchers and stakeholders to access software downloads, documentation, and team information — integrated Google Analytics 4 to track visitor engagement and optimize content delivery
- →Developed an automated support and distribution system using a token-authenticated Flask API and GitHub Issues integration, enabling users to submit issues directly from the website and securely download research software — replacing a manual process with a fully automated, access-controlled workflow
- →Conducted a full security audit of the platform codebase, identifying and remediating OWASP Top 10 vulnerabilities (XSS, Insecure Design) through input validation, CORS hardening, and DOM-safe content handling — reduced software defects by 50% and aligned the platform with industry security standards
Software Engineer
CALCE · University of Maryland · College Park, MD
- →Designed and built the MOSTCOOL Reliability Web Platform from the ground up (React.js + Flask) — modernized a legacy desktop application into a full-stack containerized web platform for analyzing the reliability and availability of data center cooling systems, accessible from any device with a single command; improved system response time by 50% through optimized serialization and backend request validation
- →Built an interactive visual modeling tool using React Flow — researchers construct and analyze complex system reliability diagrams through a drag-and-drop interface, eliminating manual calculations and reducing modeling time by 60%
- →Developed the underlying reliability calculation engine in Python capable of evaluating every possible failure state across large systems to compute exact reliability and availability metrics
- →Engineered a data export and import system using SheetJS — researchers save their complete work to Excel across 5 worksheets, share it across teams, and reload it with full fidelity including all diagrams, parameters, and configurations with no data loss
- →Built cross-platform Bash/Shell deployment scripts enabling the platform to be installed and launched consistently across ARM64 and x86_64 — removing manual setup steps and standardizing the researcher onboarding experience
Junior Software Engineer
CALCE · University of Maryland · College Park, MD
- →Built a cross-platform reliability modeling desktop tool (Python Tkinter, NumPy) — improved modeling efficiency by 60%
- →Developed a responsive website (HTML, CSS, JavaScript) with Google Sheets API as a lightweight serverless backend for research data
Academic Background
Master of Engineering — Cybersecurity
+ Graduate Certificate in Cloud Engineering
University of Maryland · College Park, MD
B.Tech — Computer Science
GITAM University · Bangalore, India
Offensive Security Practice
Documented attack chains & security research from isolated lab environments
OffSec Certified Professional (OSCP)
Certification In Progress · OffSec
Solo CTF — 6-Flag Full-Chain Exploitation
Full Kill Chain · RootENPM634 · University of Maryland
Attack Chain
Penetration Testing — CTF VM Exploitation
Black-Box PentestENPM634 · University of Maryland
- →Nmap enumeration (SSH/22, HTTP/80, SMB/139, SMB/445)
- →Wireshark credential capture — plaintext HTTP traffic exploitation
- →Hydra brute-force + lateral movement via SSH
- →Hex dump + CyberChef data exfiltration
Cloud Security Assessment — AWS
AWS · NIST CSF · CISENPM665 · University of Maryland
- →IAM trust relationship enumeration + audit
- →EC2 hardening: chmod -R 755 exposing .env + API keys, absent patch management
- →Missing iptables/nftables firewall + no IDS/IPS (Snort/Suricata)
- →SELinux in permissive mode (sestatus: Current mode: permissive)
- →Synthesized 6-domain risk report aligned to NIST CSF + CIS Benchmarks
Enterprise Security Assessment — Threat Modeling
STRIDE · DREAD · ISO 27001ENPM686 · University of Maryland
- →STRIDE threat modeling — mapped 16 vulnerabilities across 6 threat categories
- →DREAD scoring across 12 scenarios: DoS (7.8), Phishing (7.8), Credential Theft (7.6)
- →65+ workstations/servers assessed (Ubuntu 22.04, Windows 10, macOS)
- →$250,400/year remediation roadmap: Cloudflare WAF, Okta IAM, Splunk, HashiCorp Vault
- →Compliance gap analysis: NIST CSF, ISO 27001, PCI DSS, GDPR
Linux Infrastructure & SIEM
EK Stack · 17.4M+ LogsENPM818P · University of Maryland
- →2-tier LAMP stack (www-vm + db-vm): Apache2, PHP, MySQL, phpMyAdmin, WordPress
- →Least-privilege RBAC with ACLs + UFW firewall (SSH restricted to VM host IP)
- →EK Stack (Elasticsearch + Kibana) — 17.4M+ log entries indexed and queryable in real time
- →MySQL port 3306 locked to www-vm IP only (network segmentation)
LET'SCONNECT.
Open to full-time roles in Software Engineering, Security Engineering, and Cloud Security.