Offensive Operator Security Builder

OFFENSIVE SECURITY | SOFTWARE | LEADERSHIP

Rohit Sah

Incoming Security Engineer Intern at Amazon and Computer Science student focused on offensive security, threat discovery, and resilient system design.

|

Email Me View Resume One-Page Brief Book a Call

rohit@security-portfolio:~

$ boot --profile rohit

About

What I Build

Security-first tools and workflows: detection logic, response automation, and developer security guardrails that reduce risk without slowing teams.

How I Work

I am offensive-security focused, using Nmap, Burp Suite, Nessus, and adversarial validation to find weaknesses, then hardening detections in Splunk, Snort, and SentinelOne.

Experience

Amazon Incoming Security Engineer Intern

Summer 2026 (Incoming)

  • Selected for Amazon's Security Engineering Internship in San Diego for Summer 2026.
  • Preparing for cloud-scale security operations, offensive testing workflows, and secure engineering practices.

Google Developers Group, TSU President

Nov 2025 - Present

  • Led secure-coding workshops around OWASP Top 10, Snyk, and GitHub security controls.
  • Implemented branch protections and CI checks, reducing misconfigurations by 40% (tracked via CI pipeline failure rate before/after branch protection rollout).
  • Built Python automation templates for secure development practices.

IVX Healthcare IT Security Intern

May 2025 - Aug 2025

  • Investigated 1,200+ endpoint and network alerts to identify anomalies and reduce noise.
  • Built and tuned detections in SentinelOne, Zscaler, Snort, and Splunk.
  • Supported incident response and recommended containment/remediation actions.

Tennessee State University Diversity and Inclusion Committee Lead

2025 - Present

  • Led inclusion-focused initiatives to improve participation and belonging in technical student spaces.
  • Organized technical events with mentorship and community participation goals.

Tennessee State University Peer Tutor (Python and Programming)

2024 - Present

  • Taught Python, Java, C/C++, and core programming fundamentals to undergraduate students.
  • Provided one-on-one debugging support and practical coding guidance for assignments and projects.

William Paterson University Cybersecurity Research Assistant

Feb 2024 - Jun 2024

  • Researched AI-driven attacks and defenses in cybersecurity and documented mitigation strategy insights.
  • Produced actionable recommendations to strengthen detection and resilience against weaponized AI attack paths.

Wins and Impact

0

Security alerts investigated

0

Misconfiguration reduction

0

TryHackMe and NCL rankings

0

President's List streak

Milestones 2024 - 2026

  • ICCSS 2024 publication: AI-driven Attacks and Defenses in Cybersecurity.
  • Ancestry History Makers Scholarship Recipient (2024).
  • Amazon Security Engineering Internship, Summer 2026 (San Diego).

Certifications Security Track

  • eJPT (2025), ISC2 CC (2024), Cisco Ethical Hacker.
  • Google Cybersecurity Professional Certificate.
  • Microsoft Security, Compliance, and Identity Fundamentals (SC-900).

Scroll Story Mode

A mission-style timeline showing how each phase built toward offensive and engineering depth.

Phase 01

Foundation

Built core programming discipline and systems thinking through tutoring and classroom projects.

Phase 02

Research and Threat Modeling

Studied AI attack paths and defensive controls, then translated findings into practical recommendations.

Phase 03

Detection and Response Operations

Investigated production-scale alerts and improved quality of triage and response playbooks.

Phase 04

Leadership and Scale

Led engineering communities and security workshops while preparing for Amazon security engineering.

Consistency Heatmap

Recent 6-month activity footprint across projects, learning, CTF prep, and writing.

Low
High

Tech Radar

Splunk

9/10 Detection and SIEM workflows

Burp Suite

8/10 Offensive web testing

Nmap

9/10 Recon and network mapping

Python

8/10 Security automation and tooling

Wireshark

8/10 Packet-level investigations

Snort

7/10 IDS signatures and tuning

Security Radar 2.0

Live CTF Feed

TryHackMe / NCL Activity

Loading activity...

Please wait while the feed initializes.

TryHackMe Profile

Rohit.Sah on TryHackMe

Hands-on offensive security labs, CTF practice, and continuous skill growth.

Open TryHackMe Profile

Interactive Threat Lab

Three mini labs for visitors: recon logic, web payload safety, and incident triage.

Recon

0

Web

0

Triage

0

Total

0

Question 1/5

Loading question...

Score: 0

Projects

Network Intrusion Detection Dashboard

Problem: Security data was hard to inspect quickly during triage.

Approach: Built an IDS dashboard with live protocol-level telemetry and suspicious activity views.

Impact: Faster anomaly visibility and clearer analyst workflows.

Tailwind CSS • JavaScript • Telemetry

Loading repo stats...

View on GitHub

Incident Response Simulation

Problem: Teams needed realistic IR practice with repeatable workflow.

Approach: Ran IOC correlation and packet/log analysis with Wireshark, Snort, Splunk, and MISP.

Impact: Improved response readiness and gap identification in detection logic.

DFIR • SIEM • Threat Intel

Loading repo stats...

View on GitHub

Compromised Password Detection Tool

Problem: Users lacked safe password-breach checks.

Approach: Implemented k-anonymity hash-prefix lookup against Have I Been Pwned API.

Impact: Detects compromised credentials without exposing plaintext passwords.

Python • API Security • Automation

Loading repo stats...

View on GitHub

AI Attack/Defense Research

Problem: AI-enabled threats evolve faster than traditional playbooks.

Approach: Studied attack patterns and defense controls, then published practical recommendations.

Impact: Produced actionable guidance for stronger monitoring and resilience strategy.

Research • Threat Modeling • Strategy

Loading repo stats...

View on GitHub

Case Studies

Deep dives with architecture, attack surface, and results for each project.

Network IDS Dashboard Case Study

Detection workflow design, telemetry schema, and triage impact analysis.

Open case study

Incident Response Simulation Case Study

IOC correlation process, log timeline reconstruction, and response maturity outcomes.

Open case study

Password Detection Tool Case Study

k-Anonymity design decisions, privacy-safe API strategy, and validation results.

Open case study

AI Attack/Defense Research Case Study

Threat model, attacker simulation patterns, and defensive control mapping.

Open case study

LinkedIn Highlights

Selected updates from leadership, internship milestones, and security work. Edit the cards below directly when you want to swap in newer posts.

Open LinkedIn Profile

OWASP Attack Reference

A quick-reference breakdown of the OWASP Top 10 — attack patterns I actively test for and build detections around.

Mini Tab

Select an OWASP item

Pick an item from the list to view a concise explanation.

Blogs

February 2026

Detection and Triage Notes

Operational notes on improving signal quality, analyst workflow, and incident response reasoning.

Blue Team
January 2026

Offensive Security Experiments

Short-form testing notes and observations from labs, tooling, and controlled offensive practice.

Offensive Security
View all on Medium →

Testimonials

"Rohit consistently combines hands-on security work with leadership. His ability to translate complex findings into clear actions stands out."

— Sarah M., Senior Security Engineer at IVX Healthcare

"He brings strong ownership to secure development and has a practical mindset for improving detections and reducing noise."

— Daniel L., Software Security Mentor at Tennessee State University
↓ Resume Let's Work Together Book Call