Ryan Syed

http handler, auth avoider

Greater Chicago Area

About

Security practicioner interested in all things computing and math related. Chronic capture the flag player. Always looking for new things to learn. E-mail: rsyed.business404 [at] gmail [dot] com

Experience

  • Application Security Engineer I at ?
    May 2026 - Present · 3 mos

  • Offensive Security Engineer at Praetorian
    Mar 2024 - Mar 2026 · 2 yrs 1 mo

    • Conducted 20+ engagements, ranging from web applications, desktop applications, internal, and external assessments, identifying and documenting material risk on multiple Fortune 1000 clients • Developed and applied structured, PASTA-inspired threat models to guide testing strategy and prioritize high-impact risk areas early in engagement • Contributed 20+ pages to internal company documentation on tactics, techniques, and procedures related to cryptography and application security • Notable findings include insecure Java deserialization on a medical server, chaining misconfigured client-side controls to perform CSRF on GraphQL, and discovery of a six year-old backup allowing privilege escalation to domain admin • Maintained proactive communication with clients via daily status updates and produced high-quality reports, achieving an average NPS score of 9 • Provided formal and informal mentorship to junior engineers related to business processes and testing methodologies • Leveraged AI tooling and workflows to perform source code review and tool development

  • Argonne National Laboratory ()
    • Research Aide
      May 2023 - Aug 2023 · 4 mos

      • Developed vulnerable Docker container to leverage web application firewall (WAF) for detecting web application attacks • Developed WAF log parsing for the Autonomous Intelligent Cyberdefense Agent (AICA) to expand the agent’s knowledge graph

    • Intern (SULI)
      Jan 2023 - Apr 2023 · 4 mos

      • Implemented a quantum key distribution algorithm in the SeQUeNCe simulator • Contributed to a position paper on a taxonomy/framework for quantum information security • Regularly interacted and communicated with a team to discuss the development of the SeQUeNCe project and its roadmap

  • Intern (SULI) at Argonne National Laboratory
    May 2022 - Aug 2022 · 4 mos

    • Conducted a literature review on methods of querying knowledge graphs with free text or loosely structured queries • Developed Docker containers to create a virtualized test environment for the AICA agent • Built on the functionality of AICA to parse antivirus logs to extend the agent's knowledge in Python Source code: https://github.com/aica-iwg/aica-agent

  • Undergraduate Research Assistant at Lewis University
    Jun 2021 - Aug 2021 · 3 mos

    Worked on Feature-based Role Discovery in Networks under Dr. Piotr Szczurek. Involved extensive Python programming using math/data science packages like Networkx, Pandas, and SciPy. Research was presented at the 2021 SURE Symposium at Lewis University. Code currently not public.