KT

KSHITIJ TAPRE

Summary

Cybersecurity professional with a foundational background in digital forensics, risk management, and security operations. Experienced in conducting vulnerability assessments (VAPT), evaluating compliance gaps, and developing remediation strategies. Proven track record in IT/ISMS policy development, risk assessment, and mapping controls to regulatory frameworks including ISO 27001, GDPR, and RBI guidelines.

Education

Illinois Institute of Technology

Master of Science in Applied Cybersecurity and Digital Forensics

Excellence in Dissertation Research; Outstanding Student of the Year

2025

Xavier Institute of Engineering

Bachelor of Engineering in Computer Engineering

2022

Work Experience

Research Assistant

Center for Cybersecurity and Forensics Education, IIT

Aug 2025 – May 2026
Chicago, IL
  • Developed Digital Twin architecture for IIoT security monitoring using Kubernetes and Docker, detecting MQTT-based anomalies with an 85% detection rate using machine learning models.
  • Authored GRC policies for the acceptable use of Large Language Models (LLMs) aligned with the NIST AI Risk Management Framework (RMF).
  • Co-authored research evaluating machine learning models for IIoT network intrusion detection, focusing on empirical security testing configurations.
  • Designed a structured benchmarking framework to assess and audit LLM-based malware detection capabilities.

Work Experience

Instructor for AI Foundations

CPASS Foundation

Oct 2025 – Mar 2026
Chicago, IL
  • Designed and delivered an introductory AI/ML curriculum for 9th-12th grade students, covering Python fundamentals, basic model structures, and data ethics.
  • Developed hands-on projects and coding assessments to reinforce AI/ML concepts and problem-solving skills.
  • Mentored students on independent programming assignments and guided them through basic model deployment.

Work Experience

Software Developer & Business Analyst

ParishOnNet

May 2025 – Oct 2025
Chicago, IL
  • Conducted requirements gathering and gap analyses to translate stakeholder business workflows into technical specifications.
  • Evaluated operational risks during the MVP development phase to verify data handling practices adhered to relevant compliance guidelines.

Work Experience

Project Lead & Senior Fullstack Developer

Living Things

Nov 2022 – Dec 2023
Mumbai, MH
  • Led an engineering team designing a B2B IoT climate control network deployed across bank ATMs throughout India, ensuring alignment with infrastructure and compliance requirements.
  • Performed VAPT across the application stack to identify and resolve vulnerabilities.
  • Audited and updated system architectures to satisfy internal standards and regional financial sector deployment guidelines (RBI).
  • Managed DevOps CI/CD pipeline migrations, ensuring continuous integration and container deployment protocols were met.

Work Experience

Fullstack Developer (Internship)

Zyla Health

Mar 2022 – Oct 2022
New Delhi, DL
  • Maintained features on a chatbot platform for healthcare data management, adhering to data privacy requirements.
  • Developed data extraction pipelines used for behavior analysis while maintaining data integrity.

Projects & Publications

AI for Malware Detection

Implemented a machine learning model for JavaScript code deobfuscation to aid in automated static analysis.

Secure LLM Integration

Developed a policy framework for mitigating compliance and data leakage risks when integrating LLMs into corporate environments.

APT Attack Analysis

Analyzed a nation-state cyber attack targeting critical infrastructure, mapping behaviors to the MITRE ATT&CK framework.

MDPI Applied Sciences (2025)

AI-Powered Cybersecurity Models for Training and Testing IoT Devices

Master's Thesis (2025)

DevSecOps Digital Twin: Designed an ontology-driven knowledge graph for semantic reasoning of security vulnerabilities in the SDLC.

Technical Skills

Domains

IT Audit, GRC, Risk Assessment, ISO 27001, NIST RMF, VAPT, Application Security, OWASP Top 10, GDPR/DPDP

Tools

Wireshark, Burp Suite, Wazuh, Nmap, Metasploit, Nessus, Microsoft Entra, Git

DevOps/Cloud

AWS, Docker, Kubernetes, GCP, Azure, Terraform, CI/CD pipelines

Languages

Python, JavaScript, C++, Golang, R

Frameworks

React, Node.js, Django, Flask, FastAPI

Certifications

  • EC-Council: Certified Security Analyst (ECSA)
  • ISC²: Certified in Cybersecurity (CC)
  • Microsoft: SC-200: Security Operations Analyst
  • Hack The Box: Certified Bug Bounty Hunter (CBBH)
  • Google: Cybersecurity Professional Certificate
  • DeepLearning.AI: Neural Networks and Deep Learning

Contacts

+91 9158639011

kshitijtapre@gmail.com

linkedin.com/in/kshitij-tapre-840422a9/

Download Resume Download Thesis