Savannah Alfaro

Rochester, NY sea2985@rit.edu.com

Welcome to my online portfolio! Currently, I am a 5th year Computer Science BS/Computing Security MS student studying at Rochester Institute of Technology (RIT). I am seeking a challenging cyber security full-time position starting June 2024 that focuses on red team skill sets. Experience in monitoring network security, conducting vulnerability assessments, and penetration testing.

Education

Rochester Institute of Technology

Bachelor of Science/Master of Science
BS Computer Science
MS Computing Security
Undergraduate GPA: 3.8
Graduate GPA: 4.0
August 2019 - May 2024
Related Courses

Penetration Testing • Cyber Defense Techniques • Info Security Policy & Law • Web Server and Application Security Audits • Foundations of Intelligent Security Systems • Intro to Cryptography • Codes & Ciphers • Covert Communications

Experience

Advisory Red Team Intern

Security Risk Advisors
  • Conducted technical assessments including external, internal, web application, and physical assessments in addition to purple teams.
  • Documented assessments as a part of reports and status updates.

    • May 2023 - August 2023

    Security Analyst Intern

    Interactions LLC
  • Developed and administered programs including the Threat and Vulnerability Management Program and the Security Awareness Program.
  • Formulated policies, standards, and processes including the Threat & Vulnerability Standard and the Security Exception Request Process.

    • May 2022 - August 2022

    Software Engineer I

    Westelcom
  • Collaborated as part of a software development team to design and test applications for least cost routing and server licenses.
  • Programmed the rest APIs, databases, and web interfaces using Flask, SQLAlchemy, Hibernate, and ASP.NET.

    • May 2020 - July 2022

    IT Security Intern

    Erie Federal Credit Union
  • Utilized various tools such as Security Onion, Pwnie Express, and Rapid7 InsightVM to monitor network security, intrusion detection, and risk assessment as a part of the IT security team.
  • Assisted in security awareness training of employees, including developing a solution for a company-wide password manager.

    • August 2021 - December 2021

    Skills

    Programming Languages

    Python • Java • C • C++ • C# • MIPS Assembly

    Web Technologies

    HTML • CSS • JSON • SQL • Bootstrap

    Operating Systems

    MS Windows • Linux/Unix • Mac OS X

    Hard Skills

    Penetration Testing • Physical Security • Computer Networking • Network Forensics • Password Cracking • Cryptography • Risk Management • Artificial Intelligence • Machine Learning

    Software/Tools

    Kali Linux • Metasploit • Burp Suite • Nessus • Rapid7 • Ansible Docker • Nmap • Wireshark • Sqlmap • Wpscan • ExifTool • CeWL • Hydra • Hashcat • Wfuzz • OphCrack • Pdfid • Steghide • Git • Powershell • Bash • Weka

    Projects

    Malware Static Analyzer

    A simple analysis tool that aids in the recognition of malicious executable files by examining PE file headers, imported DLLs, and function calls.

    Detection is currently being improved by using various data mining techniques including neural networks, support vector machines, etc.

    January 2022 - Present
    SNMP Discovery

    Uses the SNMP protocol to figure out what port and switch a particular device is on, given a device's MAC address. Queries data from each switch using snmpwalk, AMAP, and link aggregation until the correct/predicted port and switch is found.

    December 2021
    Cryptography Toolkit

    Includes several useful algorithms for cryptography including Extended Euclidean, Square and Multiply, and Russian Peasant algorithm. Also includes scripts for Fermat's and Miller-Rabin primality tests.

    January 2022

    Activities

    Women in Computing at RIT (WiC)
  • Launched an initiative to increase graduate services and networks available to current students to help encourage women and gender minorities to further their education beyond the undergraduate level.
  • Previous Outreach committee head where we coordinated and engaged in K-12 activities within the community. Organized and ran multiple events including ROCGirl Hacks and After Hours.

    • August 2019 - Present
    Women in Cybersecurity (WiCyS)
  • Involved within RIT WiCyS meetings where we support the recruitment, retention, and advancement of women in cybersecurity.

    • August 2023 - Present

    Awards & Certifications

    • Dean's List as of Fall 2019
    • IBM Cybersecurity Fundamentals
    • Pennsylvania House of Representatives Citation
    • Pennsylvania State Grape Princess 2017-2018
    • Pennsylvania State Grape Queen 2018-2019
    • WiCHacks 2020 - Most Commercially Viable Product
    • WiCHacks 2021 - Best Domain Name
    • WiCHacks 2022 - Best Data Hack