6
Universities
4
Projects
3
Activities
4
Work Exp.
Kishalay Masanta
Cybersecurity @ AUT | 2018
Cyber Security & Digital Forensics
Passionate about guiding students and professionals, I bring 5 years of experience in Information Technology. I hold a Masters in Cyber Security & Forensic Sciences from Auckland University of Technology and currently work as Cloud &Application Security Specialist at Bank of New Zealand.
Having navigated the challenges of higher education and ...read more
Applied Universities
Academic Details from Current/Recent University
Education
CountryNew ZealandUniversityAuckland University of Technology Intake2018DegreeMastersProgramCybersecurity SpecializationsSecurity Governance, Risk & Compliance, Network Security, Information Security Management, Digital Forensics & Incident Response, Cloud Security
Projects/Thesis
1
Cyber Security Proactiveness of University Students based on their area of expertise.Auckland University of Technology
I was involved in conducting a study to assess the level of proactiveness and awareness among university students regarding cyber and information security, based on the subjects they were studying. This research aimed to identify knowledge gaps and evaluate how well students understood fundamental security concepts, threats, and best practices. By analyzing their awareness levels, the study provided valuable insights into the importance of incorporating cybersecurity education into academic programs. The findings highlighted the need for basic cybersecurity courses to equip students with essential skills to protect personal and institutional data, enhance digital safety, and foster a security-conscious mindset in an increasingly digital world.
2
Security Analysis of Smart LocksAuckland University of Technology
The project involved assessing the authentication mechanisms used by smart locks to understand the level of security provided by different types of smart locks available in the market. This included analyzing the various authentication methods, such as PIN codes, biometrics, and Bluetooth, to evaluate their effectiveness in preventing unauthorized access. The assessment also focused on identifying potential vulnerabilities, such as susceptibility to hacking or physical tampering, and comparing the security features of multiple smart lock brands. The goal was to provide a comprehensive overview of the security capabilities of smart locks, helping consumers make informed decisions and improving overall trust in smart home technology.
3
Portable Weather Station PrototypeAuckland University of Technology
I was involved in developing a mini weather station prototype that incorporated multiple sensors, including UV, dust, temperature, and humidity, all embedded on an Arduino Uno microcontroller. The project involved selecting and integrating the appropriate sensors, writing the necessary code to process and display the data, and ensuring the system’s overall functionality. The weather station was designed to collect real-time environmental data, providing valuable insights into local atmospheric conditions. This hands-on experience helped enhance my skills in microcontroller programming, sensor integration, and data collection for real-world applications.
Part-time Work
1
Sales Team MemberKFC
Was involved in customer service and keeping a cheerful, friendly atmosphere among workmates and customers.
Application Profile
Skills
PCI-DSSISO 27001Cloud SecurityDigital Forensic AnalysisData PrivacyConsultingSAST & DAST
Test Scores
Exam TypeScoreIELTS7.5
Projects/Thesis
1
Vulnerability Assessment of Commonly Used Android Applications.Jain University
The project involved assessing the vulnerabilities and potential backdoor entries in the top 32 commonly used Android applications, using Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST). This included analyzing the source code and runtime behavior of the applications to identify security weaknesses, such as improper access controls, insecure data storage, and susceptibility to injection attacks. The goal was to uncover hidden vulnerabilities and backdoors that could be exploited by malicious actors, providing valuable insights for developers to strengthen security measures and ensure that the applications met best practices in safeguarding user data and privacy.
Extra-curricular Activities
01 President: Marcographia- The Photography Club
I was involved in leadership activities and trained new recruits for the club, helping them develop essential skills and confidence. I also took part in recruiting new members and mentoring them in photography techniques. Additionally, I organized photography events for the college, fostering creativity and engagement within the community.
02 Core Member: Crestas - The Forensic Club
I was involved in leadership activities and trained new recruits for the club, helping them develop essential skills. I also contributed to designing posters and magazines to enhance the club’s outreach and engagement. Additionally, I organized simulated forensic investigations for college students, providing hands-on experience in digital forensics and investigative techniques.
Work & Education
Work History
PresentJuly 2023(2Y, 1M) | Bank of New Zealand Security Specialist – Cyber Protection I utilize Wiz to monitor, assess, and enhance the security posture of multi-cloud environments across AWS and Azure, ensuring robust protection against emerging threats. I develop and implement automated security controls within Wiz, enabling real-time threat detection, continuous compliance monitoring, and streamlined remediation workflows through advanced dashboarding solutions. Additionally, I lead the implementation of Wiz automation as an open-source project at BNZ using Ansible, significantly improving operational efficiency and process automation. I also collaborate with the Application Security (AppSec) team to conduct Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), proactively identifying and mitigating security vulnerabilities to strengthen application security. | |
June 2023October 2021(1Y, 8M) | Quantum Security Services Senior Cyber Security Consultant I led Governance, Risk, and Compliance (GRC) program reviews to align client programs with regulatory requirements and industry best practices, including PCI-DSS, ISO 27001, and SWIFT. My role involved directing technical programs, such as design reviews and cloud security posture assessments on Azure and AWS platforms, ensuring robust security frameworks. I developed tailored Information Security Plans and Policies covering data retention, classification, encryption, access governance, and incident response. Additionally, I assessed IT network and security architectures with a focus on identity management, access privileges, delegated administration, and workflow models. I also reviewed penetration test reports, assisted clients in remediating security gaps, and validated updated security infrastructure to enhance overall resilience. | |
September 2021April 2021(5M) | KPMG New Zealand Auditor – Technology Risk I assessed data migration and database security controls to ensure proper implementation and operational effectiveness, with a strong focus on the completeness and accuracy of stored information. This involved evaluating security services provided by vendors to confirm compliance with service level agreements and adherence to all security and regulatory requirements. Additionally, I ensured that system controls were designed and implemented in alignment with client requirements, supporting data completeness, accuracy, and integrity. I also conducted rigorous testing of database management systems to validate their ability to meet client needs, ensuring optimal database security, integrity, backup, reliability, and performance. | |
March 2021February 2020(1Y, 1M) | KPMG New Zealand Growth & Innovation Consultant Prepared Technology Research and Development Tax Incentive (RDTI) financial statements for presentation to management and shareholders, ensuring accuracy and compliance with IRD requirements. This involved conducting RDTI-related financial investigations, preparing detailed R&D reports, and advising on eligible projects for claims. Additionally, I provided assurance regarding the integrity of RDTI financial reports while introducing and maintaining systems to manage upcoming technology R&D expenditures. I also guided the selection and application of computer-based RDTI accounting systems, optimizing financial processes to support efficient claim submissions and regulatory compliance. |
Education History
September 2019October 2018(11M) | Masters Computer and Information Systems Security/Information Assurance • Auckland University of Technology | |
March 2018July 2015(2Y, 8M) | Bachelors Major in Digital Forensics • Jain University (Distinction (A+) Grade) |