Select Page

Ashan Gamage

IT Consultant 

I have worked in many roles within information security, including vulnerability assessment, penetration testing, and performing security assessments in the last 5 years
in the US and overseas. In my latest experience, I have had a opportunity to work in a Digital Forensics role completing end to end investigations

 KEY SKILLS

• Work experience in Splunk and Tableau Data Analytics software tools.
• Experienced in Information Security and Identifying Cyber Threats (tool: Wireshark,TCPDump).
• Work experience in Cloud Forensics Investigation (tools: AWS SSM, Axiom Cyber, AWS Athena, Cellebrite Cloud Analyzer, XRY Cloud).
• Experienced in Network Penetration Testing, Vulnerability Assessment and port scanning (tools: NMAP, Nessus and Metasploit).
• Experienced in Reverse Engineering Analysis (tools: IDA Pro and WinHex).
• Experienced in Computer Forensics Analysis and Mobile Forensics (tools: EnCase, Axiom, Physical Analyzer, UFED Touch).
• Intermediate level in web development in HTML5, CSS3, Drupal, WordPress.
• Programming Language experience in PowerShell, Shell Scripting and Python Programming.
• Proficient with Adobe Photoshop, Illustrator and InDesign.
• Proficient in Windows Server, UNIX and Linux System Administration.
• Experienced in IT Risk Assessments and IT Governance, and implementing policy controls.
• Experienced in Monitoring network traffics.
• Experienced in IT Security compliance in infrastructure, applications, and database system technologies.
• Experienced in validates information security key controls

 WORK EXPERIENCE

 Deloitte Financial Advisory – Chicago, IL

 Digital Forensics Consultant

October 2019 – July 2020

• Performed forensics imaging on iOS and Android mobile phones for evidence preservation and investigations.
• Successfully transferred and monitored over 40Tb of data over AWS S3 buckets for a cloud forensics project.
• Created S3 bucket policies and IAM policies for console access and improved the over roll security of the project.
• Innovated two machines for remote mobile acquisition during the COVID19 season that lead to a mobile acquisition project.
• Analyzed and identified deleted user accounts and emails in a Windows Server and Office 365.
• Deliver risk program assessments, designed, and development services to assist clients to reach their business objectives.

 Bentley University CIS Sandbox – Waltham, MA 

CIS Sandbox Tutor (Research Assistance)

August 2018 – May 2019

• Redesigned the CIS Sandbox website for the Bentley University CIS Sandbox and implemented a new fresh look for the website.
• Tutored freshman and senior class students with their HTML, CSS and JAVA courses.
• Coordinated technology events and tech career events organized at the CIS Sandbox

Epsilon Crest (Startup) Colombo,Sri Lanka

IT Security Consultant

January 2018 – June 2018

• Upgraded Wi-Fi/network diagrams for five corporate environments.
• Trained six interns in Analyzing Network traffics and Network Penetration testing (Wireshark and Metasploit).
• Ran Firewall penetrations tastings in two corporate environments to improved firewall security (Nessus and Metasploit).
• Worked with Android Development team and designed the
ChatMall App (Agile Methodologies)

 Huston-Tillotson University-IT Austin, TX

 Systems Analyst

 January 2017 – August 2017

• Developed a new user interface (UI) for my.htu.edu and improved the user experience (CSS, JS and HTML).
• Enhanced Group Policy and Domain controllers’ security in order to improve Active Directory Security.
• Ensured the on premised systems are compliance to policies and system the security standards are enforced.
• Built
MBA and Office of International Programs (OIP) websites and conducted vulnerability assessment for the Huston-Tillotson University.
• Maintained strong and effective working relationships with peers throughout the organization and with multiple levels of management

American International Group Fort Worth, TX

 Cognitive Solutions Intern

June 2016 – August 2016

• Implemented the 1st Ready for Business Check automation for Courion Servers and expedited password rest time.
• Innovated a machine learning automation to check the health on Courion servers and takes corrective actions when necessary.
• Internship project led to savings up to $45,000 per year on Engineers side and about $60,000 on end-users side.
• Supported the communication and reporting on Service Now tickets to IT management and governance groups.
• Provided support to executing Risk and Control Self-Assessments (RCSA’s) and own the process prioritization methodology

 Teacher Retirement System of Texas Austin, TX

 Communications Intern

 January 2016 – May 2016

• Assisted with migrating TRS website into Microsoft SharePoint and Microsoft Azure Cloud.
• Created a risk assessment documentation for TRS website in order to enhance website security.
• Designed posters for TRS Help Desk Awareness project to improve their customer service.
• Coordinating business unit projects and activities related to third party relationships, information security and technology

 Skill Point Alliance Austin, TX

 Project Coordinator

 November 2014 – May 2015

• Managed a team of 15 high school students that created a mobile application that helps blind people to walk.
• Programmed sites visit and guest speakers for the team that improved students’ knowledge in software development.
• Built a team of 15 high school students into a fully functional startup company.
  

 Health4Life StartUp Austin, TX

 IT Security Analyst

 May 2014 – August 2014

• Developed and implemented risk management strategies to control risk-related costs
• Served as a team lead to identify vulnerabilities in physical security in 7 business environments & improved security
• Worked with 4 engineering teams on launching the website and presented the business platform to potential clients.
• Created the website security documentation and improved web site security that lead to savings of $20,000.
• Worked with network teams and analyzed network traffic for incident reporting in banking environments (Wireshark).

Ernst &Young LLP Colombo, Sri Lanka

IT Risk Assurance Consultant

 March 2013 – December 2013

• Assisted on analyzing vulnerabilities internal network diagrams and systems for 4 major banks in Sri Lanka
• Identified vulnerabilities in Windows & UNIX operating systems and documented them to improve business security.
• Worked with senior consultants in executing case studies and created presentations on bank audits.
• Executed scripts in various IBM AS400 & Windows Server operating systems to improve the functionality in systems.
  

 EDUCATION

• MSc in Information Technology focuses on Cyber Security
• BSc in Computer Science Huston-Tillotson University May 2017
• BSc in Business Administration in IT May 2013
• Network Security Certifications: Certified Ethical Hacker C|EH v6 (312-50 v6)
• Magnet : Reverse Engineering for Android Users