Durgesh Gaurav
Cyber Security Professional
Leverage system and network security for protection against threats and vulnerabilities.
Passionate and dedicated towards cyber security solutions with artificial intelligence (AI)
for advanced protection against general/custom/AI-based threats.
"Dedicated to creating and maintaining a safe cyberspace for organizations and individuals."
San Francisco, CA 94110 (M) 314.328.0302
(H) 314.260.1577
RECENT RESEARCH: "Reverse engineering and vulnerability analysis using AI/machine learning to automate system and network security for advanced cyber protection".
Description: The research focuses on the reverse engineering of the malware and attack techniques for identification and neutralization to maintain a safe cyber environment by creating a better protection technique using AI against advanced threats and vulnerabilities.
PERSONAL RESEARCH PROJECT: Virtual Security Analyst (Personal Project, Dec-2017): A self-defending network and system application which can make self-decisions to execute protection against suspicious activities or intrusions using machine learning/artificial intelligence.
Publication-Book
Gaurav, D. (2017). Learn how to defend against cyber-crimes, in just one day. Retrieved from
Technical Proficiency
Artificial Intelligence | Machine Learning | Natural language processing | Data Loss Prevention | Data De-Identification | Data Classification | End Point Protection | Threat Modeling | Advanced Threat Protection | Cyber Kill Chain | APT | Metasploit | Malware Analysis | Penetration Testing | Network Security | System Security | Digital Forensics | Cryptography | Vulnerability Scanning | Ethical Hacking | Risk Assessment
Computer Proficiency: / Windows, Linux-RHEL and Kali
Artificial Intelligence: / Machine learning, Natural language processing, TensorFlow/Azure
Languages & Technologies: / CSS, Hibernate, HTML, Java Core (JSE) / Advanced (JEE), JavaScript, JDBC, jQuery, JSON, JSP, MySQL, Python, Servlet and WebLogic Server
Cyber Security: / Cyber Kill Chain | Threat Modeling & Protection | Penetration Testing-Metasploit framework, Burp Suite, etc. | IDS/IPS-SNORT | SIEM-Splunk, IBM QRadar | Vulnerability Scanner-Nessus / HPE Fortify & WebInspect / OpenVAS | Port Scanner-Nmap | Endpoint Security-Symantec (SEP) 14 | Symantec Advanced Threat Protection (ATP) 2x | Data Loss Prevention-Symantec (DLP) 14 | Console-McAfee ePO 5.x | Data De-Identification | Data Classification-Boldon James | Risk Management Framework-NIST SP 800-30 rev-1 & SP 800-37 rev-1 | Security Framework-NIST SP 800-53 rev-4 | Honeypot-HoneyDrive | VPN protocols | Web Proxy-Bluecoat, Squid | Patch Manager-Solarwinds | Packet capturing and analysis-Wireshark, WinHex, TCPdump | Netflow-Colasoft Capsa Network Analyzer | Next Generation Firewall (NGFW)-Palo Alto | Web Application Firewall (WAF)-Fortinet FortiWeb | OWASP Top-10 and other attack vectors | OSI Model | Protocols-TCP/IP, UDP, LDAP, SNMP, NetBIOS, Telnet, SSH, SSL, TLS, etc. | Static malware analysis-OfficeMal Scanner, BinText, CFF Explorer, PEview, PEStudio, Dependency Walker | Malware behavior/Dynamic malware analysis-InetSim and FakeDNS, and other required technologies.
Digital Forensic: / FTK Imager, EnCase, OSForensics, The Sleuth Kit (TSK), and IrfanView
Development Cycle: / Agile and Waterfall
Miscellaneous: / Virtual computing-VMware, Hyper-V, Active Directory.
Professional Experience
PG&E-Pacific Gas and Electric (Contractor-KPMG) July 2018-Present
San Francisco, CA
Cyber Security Analyst
- Ensuring customer and employee data security against threats with data de-identification.
- Conducting data loss prevention with and implementing appropriate measures.
- Prioritize and data loss scan on repositories based on pre-defined criteria and policies.
- Analyzing potential privacy violations to identify false positives and policy violations with immediate remediation.
- Conducting SIEM scans and generating dashboard/reports.
- Identifying vulnerabilities through scans and penetration tests to report the issues.
- Scanning and identifying Indicators of Compromise (IOCs).
- Conducting OSINT and TECHINT reconnaissance.
- Performing threat intelligence and implementing Cyber Kill Chain defense against APT.
- Employing cyber modeling techniques to identify malicious threats and activities.
- Analyzing network traffic for malicious or abnormal activity for attack vectors.
- Identify adversary's Tactics, Techniques, and Procedures (TTPs) for technical mitigation strategies for preventing, controlling, and isolating incidents.
- Performing malware analysis using different malware analysis methodologies.
- Performing digital forensics to identify suspicious malicious content.
- Conducting intrusion detection and prevention. Performing log analysis and identifying malicious activities.
- Creating risk matrix as per defined criteria.
Apace Technology, Ghaziabad, UP, India 2011 – 2015
A software consultancy.
Software Engineer
- Assisted in gathering requirements, developing and testing software.
- Projects Undertaken:
- Created a desktop inventory control and management system application using Java SE and MySQL, for controlling inventory and monitoring resources.
- Developed and delivered a small number of micro-sites using JSP, Hibernate and MySQL for business support.
Education
Master of Science (MS), Cyber Security, Webster University, St. Louis, MO. 2016 – 2017
□ Research Topic:
- AI-based reverse engineering malware and vulnerability analysis for advanced security and cyber protection.
□ Course Projects:
- Analyzed application’s broken file format and corrected errors, regenerating evidence using digital forensics for assigned criminal case.
- Inspected assigned corporate breaches, identified possible root cause, and provided solutions based on investigation, resulting in improvised digital security and mitigating against further violations.
□ Training:
- Microsoft Certified Professional Program for Artificial Intelligence (in progress).
- Machine learning, deep learning, neural networks, natural language processing, and big data from Udemy.com.
- Ethical Hacking, Threat Intelligence, Metasploit, Advanced Penetration Testing, CISSP, and Security+ courses/certificates from Cybrary.it & Pluralsight.com.
□ Groups / Conferences: STL Cyber Meetup, Mastercard STL Cybercon, Gateway2Innovation for updated techniques and technologies.
□ Volunteer Work: Secretary, Webster finance and investment club.
Bachelor of Engineering (BE), Electronics and Instrumentation Engineering. 2007 – 2011
Galgotias College of Engineering and Technology, Greater Noida, UP, India.
□ Course Projects:
- Developed device called ‘Talking Hand’ to be used as a speaking medium by people suffering from Aphasia (speaking disability), involving a microcontroller and voice processor for major operations.
- Designed robot which could be controlled and operated by an insect, based on “Biomimetics” and intended for disaster recovery operations to save human lives.
- Created an electro-mechanical arm, allowing it to detect and pick up metals for multiple uses.