Jeet
// 00 — indexPittsburgh, PA40.4406°N · 79.9959°Wavailable for work

JeetVijaywargi

Cybersecurity × AI Engineer

Breaking systems so I can rebuild them smarter.

view work
get in touch
résumé.pdf

// 01 — about

I recently graduated from Carnegie Mellon with a Master's in AI Engineering focused on Information Security. I spend my time at the intersection of offensive security, incident response, and machine learning — from running ransomware recovery across 200 factory endpoints, to training an IDS that fits on a Raspberry Pi, to breaking passkey flows for fun.

GPA · CMU3.94
Dean's List7/8
TEDx views1.5k+
Endpoints recovered200+

education

Carnegie Mellon University

Aug 2024Dec 2025

M.S. Artificial Intelligence Engineering — Information Security

GPA 3.94 / 4.0

Boston University

Aug 2020May 2024

B.A. Computer Science · Minor: Business Administration

GPA 3.7 / 4.0Dean's List — 7 of 8 semesters

// 02 — experience

Building, breaking, and defending systems.

01Jun 2025Dec 2025On-site

SOC Analyst @ FalconEye Cybersecurity

  • Executed ransomware recovery protocols across 200 OT/factory endpoints, assisting IR to achieve a 3-hour RTO and rapidly restore critical production lines.
  • Centralized endpoint telemetry in Cortex XDR and authored Palo Alto firewall policies (inbound, outbound, NAT), reducing incident response latency.
  • Drafted incident response runbooks mapped to MITRE ATT&CK TTPs; validated resilient 3-2-1 backup architectures via recovery drills.
Cortex XDRPalo AltoMITRE ATT&CKSplunk
02Jun 2024Aug 2024On-site

Security Engineering @ Serene Pharma

  • Designed network topology for a multi-site Palo Alto firewall deployment, establishing a unified security baseline across facilities.
  • Modernized enterprise backbone to 1/10/40 Gb with redundant aggregation switches, eliminating single points of failure.
  • Ran a targeted risk assessment of enterprise backup practices and proposed a resilient offline-storage model with periodic restore testing.
Palo AltoNetwork TopologyRisk Assessment
03Jun 2023Aug 2023On-site

Cybersecurity & Infrastructure Engineering @ Serene Pharma

  • Replaced unmanaged legacy switches with centrally managed equipment in critical areas, improving visibility, troubleshooting, and uptime.
  • Automated endpoint provisioning using DUCKY scripts, cutting setup time ~80% and ensuring consistency.
  • Engineered a LangChain-powered Telegram bot ecosystem: semantic search for medical reps, plus a real-time factory status dashboard for executives.
LangChainTelegram Bot APIDUCKYNetworking

// 03 — projects

Selected work & research.

Dec 2025featured
SecurityResearch

Passkey Misbinding Vulnerability (18-739)

Demonstrated a critical WebAuthn logic flaw where manipulating client-side identity data during registration enables account takeover. Final project for Hacking & Offensive Security.

  • >Built full exploit pipeline using Flask + Docker + Python
  • >Automated IDOR attacks against the passkey registration API
WebAuthnFlaskDockerPython
repo
Dec 2025featured
SecurityResearch

Internal SQL Compromise: DFIR Reconstruction (14-823)

Group final for Network Forensics. Staged a fired-sysadmin insider threat: phishing → Meterpreter C2 on port 4444 → SOCKS pivot via proxychains → SQL injection against internal MySQL — then rebuilt the full attack timeline from Zeek, Suricata, and MySQL general query logs in SecurityOnion.

  • >Designed the attacker/victim lab behind pfSense segmentation
  • >Reconstructed C2 sessions and SQLi payloads from PCAP + Zeek notices
  • >Authored code-level + network-level mitigations from the DFIR findings
MetasploitSecurityOnionpfSenseZeekSuricataMySQL
May 2025featured
SecurityResearch

Metaspl-IoT: IoT Attack Suite (14-742)

Group final for Security in Networked Systems. Built a Metasploit-style attack suite against consumer IoT — deauth, credential brute force, and traffic manipulation against LIFX / Feit / AiDot smart bulbs, a Shark robot vacuum, and an Amazon Alexa. LIFX went fully exploitable; Alexa's 802.11w PMF held up.

  • >Drove deauth attacks on 2.4 GHz + 5 GHz bands (aircrack-ng, ESP32, Flipper Zero)
  • >Found LIFX bulb had no rate limiting and leaked credentials in plaintext
  • >Documented which vendors enforce PMF (802.11w) vs. which still ignore it
aircrack-ngESP32Flipper ZeroScapyWireshark
May 2025featured
AI/MLSecurity

Edge-Detect IDS for Raspberry Pi (14-757)

Final project for ML with Adversaries. Lightweight intrusion detection system on Raspberry Pi using PyTorch — aggregates raw PCAP into 25 normalized flow features and infers in real time.

  • >91.9% accuracy with a 1.2 MB model
  • >LIME-based interpretability + alert digests
  • >Reproducible training scripts included
PyTorchRaspberry PiLIMEPCAP
May 2025
AI/ML

Football Player Value Prediction on GCP (14-763)

Final project for Systems Tool Chain for AI. Built a PySpark + PostgreSQL pipeline on Google Cloud that ingests football stats, engineers features with window functions (dense_rank over season/position), and trains GLR-Gamma, Random Forest, and PyTorch NNs on GPU to predict player market value.

  • >PySpark on Dataproc joined multi-season stats into a single training table
  • >Compared Generalized Linear Regression (Gamma), Random Forest, and shallow + deep PyTorch NNs
  • >GPU training on Vertex AI; results visualized against actual transfer values
Google CloudPySparkPostgreSQLPyTorchVertex AI
May 2025featured
AI/MLFull-stack

Fridge AI: Agentic Meal Planning (14-789)

Final project for AI Business Modeling. Proof-of-concept agent that watches what's in your fridge, respects dietary constraints, and proposes meals you can actually cook tonight — built on LangFlow orchestrating Gemini with Exa Search and AstraDB for recipe memory.

  • >LangFlow pipeline: vision input → dietary filter → Gemini planner → Exa recipe retrieval
  • >AstraDB stores household preferences + past meals as long-term context
  • >Market sizing + unit economics modeled as part of the business case
LangFlowGeminiExa SearchAstraDB
May 2025
Security

Network Security Labs (14-742)

Five-lab sequence across the network stack: raw-socket packet crafting in C, OpenSSL PKI + OpenVPN deployment, and an OpenFlow firewall on Open vSwitch with a Ryu controller.

  • >Lab 1 — raw ICMP / TCP SYN flood crafting; validated SYN-cookie DDoS mitigation
  • >Lab 2 — TCP/IP & routing-layer exploitation on a Mininet topology
  • >Lab 3 — routed OpenVPN with OpenSSH bastion, subnet routing, CRLs
  • >Lab 4 — switch-stats-driven flood detection + rate limiting via Ryu/OpenFlow
COpenSSLOpenVPNRyuOpenFlowMininet
Dec 2024
SecurityResearch

Cyber Kill ChAIAn (14-761)

Final for Applied Information Assurance. Walked an Apache Tomcat target (CVE-2025-24813 — path traversal + insecure deserialization) through the full Lockheed kill chain, from reconnaissance to actions-on-objectives, and mapped defensive controls at each stage.

  • >Recon → weaponization → delivery → exploitation workflow, each with tooling (Nmap, CewL, John, Hashcat)
  • >Mapped kill-chain stages to MITRE ATT&CK and concrete blue-team controls
  • >Weaponized CVE-2025-24813 to land a deserialization-triggered shell
NmapCewLJohnHashcatTomcatMITRE ATT&CK
2024featured
Full-stackAI/ML

Automated Product Registration Bot

Telegram bot that tracks pharmaceutical product certifications for pharma operation — registers products, monitors expiry windows, and pings stakeholders across Telegram with multi-stage reminder thresholds.

  • >Multi-user conversation state machine (register / edit / delete / list) with 9-user allowlist
  • >Expiry scheduler fires at 365/180/90/60/30/15/7/1/0-day deltas
  • >AWS S3 for certificate storage, Heroku worker deploy via Procfile
Pythonpython-telegram-botFlaskAWS S3Heroku
2024
Full-stack

BUCrib

Modern social app for BU students — native mobile UI built with React, Appwrite, and TypeScript.

  • >Real-time social feed
  • >Appwrite backend + authentication
ReactTypeScriptAppwrite
repo
2023
AI/ML

ChessAI

AI agent that uses classical heuristics (minimax with α-β pruning) to compute the next best move in chess.

  • >Heuristic evaluation function
  • >α-β pruning for search efficiency
Java
repo
2023
AI/ML

Neural Network from Scratch

Neural network built from scratch in Java, training AI agents to fight in a field — tunable activation functions and depth.

  • >Custom activation functions
  • >Configurable network depth
Java
repo

// 04 — coursework

What CMU taught me.

M.S. in AI Engineering — Information Security. A blend of offensive security, network defense, and applied machine learning.

14-741Fall 2024

Introduction to Information Security

Security

  • ·Cryptographic primitives
  • ·Access control & authentication
  • ·Buffer overflows & memory safety
  • ·Tor & anonymity networks
  • ·Protocol analysis
14-742Spring 2025

Security in Networked Systems

Security

  • ·Socket programming
  • ·Link-layer & routing security
  • ·TCP/IP vulnerabilities
  • ·Software-defined networking
  • ·NIDS & DoS mitigation
14-757

Intro to ML with Adversaries

AI/ML

  • ·Adversarial examples (FGSM, PGD)
  • ·Evasion & poisoning attacks
  • ·Robust training defenses
  • ·Evaluating models under attack
14-761

Applied Information Assurance

Security

  • ·Security operations playbooks
  • ·Incident response workflows
  • ·Defense-in-depth
  • ·Vulnerability management
14-763

Systems Tool Chain for AI

AI/ML

  • ·ML pipelines & MLOps
  • ·Distributed training
  • ·Data versioning
  • ·Model serving & monitoring
14-789

AI Business Modeling

Business

  • ·AI product strategy
  • ·Cost modeling for ML
  • ·Go-to-market for AI
14-795

AI Applications in Info Security

AI/ML

  • ·ML for threat detection
  • ·Anomaly detection on telemetry
  • ·LLMs for security analysis
14-823Fall 2025

Network Forensics

Security

  • ·PCAP & flow analysis
  • ·Wireless & tunneling forensics
  • ·HTTP / web artifacts
  • ·Host-based evidence
  • ·Blockchain forensics
14-740

Fundamentals of Telecom Networks

Systems

  • ·Routing protocols
  • ·Cellular & wireless networks
  • ·SDN & traffic engineering
  • ·Performance modeling
18-780

Intro to Deep Learning (Pt. 1)

AI/ML

  • ·Backpropagation & optimization
  • ·CNNs & RNNs
  • ·Regularization
  • ·Practical PyTorch
18-739

Hacking & Offensive Security

Security

  • ·Exploit development
  • ·Binary reverse engineering
  • ·Web app pentesting
  • ·Privilege escalation
24-784Spring 2025

Trustworthy AI

AI/ML

  • ·Adversarial robustness (FGSM, poisoning)
  • ·Safe reinforcement learning (CMDP, CPO)
  • ·Reachability & control barriers
  • ·Fairness, privacy, causal reasoning

// 05 — stack

Tools I reach for.

01Security
Cortex XDRSplunkWiresharkBurp SuiteMetasploitSecurityOnionPalo AltoMITRE ATT&CKNISTOWASP Top 10
02AI & Data
PyTorchTensorFlowLangChainNLPDeep LearningLIME
03Languages
PythonJavaCTypeScriptBash
04Cloud & DevOps
AWSGoogle CloudDockerLinux / UnixAutomation
05Databases
PostgreSQLNeo4jFirebaseMySQLSQL
06Concepts
Incident ResponseZero TrustThreat ModelingNSMDFIRLog Analysis
Cortex XDR ·Splunk ·Wireshark ·Burp Suite ·Metasploit ·SecurityOnion ·Palo Alto ·MITRE ATT&CK ·NIST ·OWASP Top 10 ·PyTorch ·TensorFlow ·LangChain ·NLP ·Deep Learning ·LIME ·Python ·Java ·C ·TypeScript ·Bash ·AWS ·Google Cloud ·Docker ·Linux / Unix ·Automation ·PostgreSQL ·Neo4j ·Firebase ·MySQL ·SQL ·Incident Response ·Zero Trust ·Threat Modeling ·NSM ·DFIR ·Log Analysis ·
Log Analysis /DFIR /NSM /Threat Modeling /Zero Trust /Incident Response /SQL /MySQL /Firebase /Neo4j /PostgreSQL /Automation /Linux / Unix /Docker /Google Cloud /AWS /Bash /TypeScript /C /Java /Python /LIME /Deep Learning /NLP /LangChain /TensorFlow /PyTorch /OWASP Top 10 /NIST /MITRE ATT&CK /Palo Alto /SecurityOnion /Metasploit /Burp Suite /Wireshark /Splunk /Cortex XDR /

// 06 — wins

Milestones along the way.

Speaker

TEDx Speaker

Selected from 50+ applicants to deliver a talk on mathematical concepts. Viewed 1.5k+ times on the TEDx YouTube channel.

Academic

Dean's List

Boston University — 7 out of 8 semesters, reflecting consistent academic excellence through undergrad.

Academic

CMU AI Engineering

Master's with a 3.94/4.0 GPA at Carnegie Mellon, focusing on AI × Information Security.

// 07 — talk

What if infinity was more than you thought?

TEDxYouth@TashkentIntlSchool

A student's take on infinity — from the math that defines it to the way it shows up in the choices we make. Delivered at TEDxYouth and viewed 1.5k+ times on the official TEDx channel.

open on youtubeted.com

// 08 — writing

Philosophy, on the side.

When I'm not breaking systems, I'm thinking about why we build them in the first place. Short essays on ethics, virtue, and the absurd — published on Medium.

EthicsDec 2024

John Stuart Mill's Utilitarianism: Maximizing Happiness and Its Limits

Explores Mill's Principle of Utility and argues that actions should maximize happiness while critiquing the claim that all desired things are inherently desirable.

AncientDec 2024

Socrates and the Inconsistent Triad: Virtue, Knowledge, and Teachability

Examines Socrates' view that virtue is knowledge but not teachable, contrasting this with the theory of recollection and questioning whether virtue can be instructed.

ExistentialismDec 2024

Camus and the Absurd: The Clash Between Human Desires and Reality

Analyzes Camus's concept that human existence is absurd due to the confrontation between our longing for clarity and reality's limits.

MetaphysicsDec 2024

Schopenhauer on Suffering: A Critique of Life's Worth and the Role of Desire

Examines Schopenhauer's pessimism that suffering stems from insatiable desires, countering that happiness can occur during activities rather than merely through desire fulfillment.

AncientDec 2024

Virtue, Happiness, and the Human Function: Examining Aristotle's Argument and Its Limits

Analyzes Aristotle's function argument linking virtue to happiness, questioning whether human function is truly unique and whether virtue is absolutely necessary for living well.

all essays on medium

// blog

Notes from the work.

Short-form writing on security research, AI, and whatever infrastructure rabbit hole I'm in.

2026-04-18· 1 min read

Hello, World — and why I build

read all posts

// 09 — contact

Let's build something.

Whether it's a security audit, ML collaboration, or just a good conversation — my inbox is open.

or email directly →