█

Srikar Paida

Forever building, breaking, and learning | Active CTF Player

> hello there!

Greetings, individuals. I am Srikar Paida, a curious engineer who lives at the intersection of building and breaking. I write software, full-stack apps, backend services, and the occasional web server in pure assembly, and I bring a security mindset to everything I ship. Always asking questions, always solving CTF challenges, always trying to understand everything I can. Forever learning, building, breaking, building again, having no idea what I'm doing (like everyone else). I love binary exploitation, reverse engineering, and forensics.

> experience

Resilience Inc.

July 2025 - Present

Lead Cybersecurity Engineer

Dec 2025 - Present

▹Lead the cybersecurity engineering team, driving vulnerability management programs, coordinating cross-functional remediation, and mentoring junior engineers.
▹Oversee penetration testing engagements and security posture improvements across the organization.
▹Manage end-to-end patching workflows using CVSS-based prioritization and structured triage documentation, reducing unresolved critical findings.
▹Produce detailed vulnerability reports outlining remediation timelines, exploitation contexts, and risk ratings for engineering stakeholders and executive leadership.

Cybersecurity Engineer

July 2025 - Nov 2025

▹Executed web application penetration testing using BurpSuite, OWASP ZAP, Nessus, and manual techniques, targeting injection flaws, misconfigurations, and insecure API endpoints.
▹Validated and reproduced vulnerabilities using CVSS-based prioritization and structured triage documentation.
▹Produced detailed vulnerability reports outlining severity, business impact, and remediation timelines, and collaborated with engineering teams to verify patching and risk reduction.

LLM Security Researcher

Handshake LLC, MOVE Program

Sep 2025 - Nov 2025

▹Trained and fine-tuned large language models on graduate-level, reasoning-intensive cybersecurity problems.
▹Identified reasoning failure modes and safety boundary violations in LLMs by evaluating model outputs for adversarial susceptibility using CTF-style problem construction.
▹Evaluated model reasoning quality and iterated on training approaches, contributing to improved AI-assisted security tooling.

Graduate Teaching Assistant

University of Maryland, College Park

Jan 2025 - May 2025

▹Mentored and instructed undergraduate students in core cybersecurity concepts, security tooling, and regulatory compliance frameworks including HIPAA, CCPA, CPRA, and GDPR.
▹Organized and led hands-on lab sessions translating theoretical concepts into practical, real-world application.
▹Refined course content by facilitating discussions and collaborating with the professor, ensuring curriculum alignment with current industry standards.

Software Engineer

Integral Ad Science

Apr 2022 - Jul 2023

▹Reduced priority incident response time by 6% by serving as SME for API macro mapping, using systematic triage and root cause analysis to resolve recurring failure patterns.
▹Improved platform security and code quality by identifying and resolving critical codebase vulnerabilities via Cybeats SCA/SBOM and SonarQube, contributing to a secure SDLC.
▹Led the migration of the primary client-facing dashboard from AngularJS to ReactJS, improving performance and maintainability and resulting in a 3% increase in customer satisfaction scores.
▹Developed standardized, secure onboarding documentation that streamlined integration for new engineers.
▹Collaborated with cross-functional engineering and product teams across multiple time zones to coordinate feature releases and align on API integrations.

Cybersecurity Analyst

Capgemini

Aug 2021 - Mar 2022

▹Managed end-to-end deployment process for a mission-critical energy management system, coordinating with cross-functional teams to ensure successful production releases.
▹Conducted comprehensive vulnerability assessments on production systems, delivering risk-rated reports to enable proactive prioritization of security improvements.
▹Delivered detailed vulnerability reports to stakeholders on a regular basis, enabling risk-informed prioritization and ensuring proactive issue resolution.

Security Researcher

IIIT Allahabad

May 2019 - Jul 2019

▹Performed comprehensive research on Public Key Encryption in Cryptography, focusing on developing more efficient algorithms.
▹Contributed to the field of cryptography by authoring and publishing a research paper, and presenting findings at the IEEE CICT-2019 conference, leading to broader dissemination and recognition of improved cryptographic methods.

> projects

StructIQ - AI Construction Tracker

Full-stack VLM-powered video analysis system (FastAPI + React + Three.js + OpenCV + Claude Vision) for construction site monitoring; designed per-frame structured JSON inference and a multi-metric smart frame selection pipeline.

PythonFastAPIReactThree.jsOpenCVClaude Vision

Windows-based Command-and-Control Framework

Built a custom C2 framework from scratch in Python and C: a FastAPI server with HTTP channels and a lightweight Windows C agent for modular command execution and data exfiltration.

PythonCFastAPIWindows

Web Server in Assembly

A functional HTTP web server written entirely in x64 Assembly, handling GET and POST requests via raw socket calls. A study in protocol-level systems programming.

x64 AssemblyLinuxSockets

Penetration Testing Enterprise Systems

Identified and documented critical vulnerabilities by executing black-box penetration testing on Windows and Linux systems, producing comprehensive technical and executive-level reports that enabled stakeholders to understand and mitigate key security risks.

Kali LinuxMetasploitNmapOther Pentesting tools

> certifications & achievements

Certifications

SANS GSEC2026

GIAC Security Essentials Certification

SANS GFACT2026

GIAC Foundational Cybersecurity Technologies

Security+2024

CompTIA Security+

eJPT2024

eLearn Junior Penetration Tester

GCIH*2026

GIAC Certified Incident Handler (pursuing)

CTFs

Regular participant in Capture The Flag (CTF) competitions, focusing on diverse topics like binary exploitation, reverse engineering, forensics, OSINT and web challenges.

SANS Core NetWars Tournament - North America 2026Top 5

Tenable x AWS CTF 2026Top 10

UMD Startup Shell x IronsiteTop 10

StructIQ - VLM-powered construction site monitoring system

BSides NoVA 2025 CTF2nd place

Team: RandomHackers2

Amazon x WiCyS CTF 20257th place

SANS x WiCyS CTF 2025Top 10

WiCyS x SANS Scholarship 2025Recipient

Awarded to the top 65 cybersecurity professionals globally, recognizing outstanding performance in the SANS x WiCyS CTF and commitment

> skills

Engineering

Languages

PythonCJavaSQLBashAssembly (x64)

Web & Software Development

ReactJSAngularJSFastAPIThree.jsOpenCVREST APIs

Platforms & DevOps

LinuxWindowsDockerLXC/LXDGitAgileJiraConfluence

AI / LLM

LLM Adversarial EvaluationReasoning Failure AnalysisLLM Fine-tuningVLM Inference Pipelines

Security

Offensive Security

Penetration TestingVulnerability ManagementC2 DevelopmentReverse EngineeringBinary Exploitation

Incident Response & Forensics

Threat AnalysisIntrusion Pattern RecognitionCTF ForensicsIncident TriageCVSS

Security & RE Tools

Burp SuiteMetasploitNmapWiresharkOWASP ZAPNessusGDBGhidraIDA FreeBinary Ninja

> education

University of Maryland, College Park

Master of Engineering (M.Eng.), Cybersecurity Engineering

Aug 2023 - May 2025

GPA: 4.0

Indian Institute of Information Technology, Design and Manufacturing, Jabalpur

Bachelor of Technology (B.Tech.), Computer Science

2017 - 2021

> get in touch

I'm always open to discussing software engineering and security projects, collaboration opportunities, or potential roles. Feel free to reach out.

Send Message