×
About Skills Certifications Projects Competitions Education Experience Contact
Hi. My name is Sarah Lishin

And I'm

.profile { •------» ABOUT «------•.profile {


WHO:

Hello! I'm Sarah. I'm many things: A Mom. An InfoSec Analyst. A Learner of Things.

WHAT:

A Passion for Cyber Security and making the world a better place for everyone.
I'm quite excited to keep learning these new things and continue my journey.

WHEN:

Now! Everyday the Cyber Security landscape gets a little worse, and we need to work a little harder.

WHERE:

NYC - But The #SecurityMindset is Everywhere

WHY:

Seeing the world change so rapidly, and watching new technology and the
fumbles in the cyber security world and thought to myself,
'What could I do to make this better?'.

I want a world that is safer for my daughter, my family, and for everyone.

Let's work together to make that happen.

.ability { •------» SKILLS «------•.ability {


.certs { •------» CERTIFICATIONS «------•.certs {


    CISSP Issued September 2023 GIAC Certified Incident Handler Issued December 2021 CompTIA CySa+ Issued July 2020 CompTIA Security+ Issued August 2020
    Splunk Core Certified Power User Issued June 2022 Splunk Core Certified User Issued September 2020 Microsoft Azure Fundamentals Issued October 2020 AWS Cloud Practitioner Issued December 2020

.fun { •------» PROJECTS «------•.fun {


Rakhat

Rakhat


A Set of Custom-Built, deliberately vulnerable virtual machines designed to simulate a pen testing environment using a multitude of common exploits.
boxscanner.sh

Simple Box Scanner


A simple script to automate nmap, nikto, dirb, wpscan, and enum4linux scans. Additional scans to come.
SnapScreen

SnapScreen


A Linux GUI tool to take and name screenshots easily and more organized.
Evil_Eight

Evil_Eight


A CLI Game with a Spooky Take on the Classic Magic 8 Ball.

.irl { •------» COMPETITIONS «------•.irl {


SEC504 CTF Challenge

SEC504 CTF Challenge


CTF Covering the topics and techniques of Digital Forensics and Incident Handling.

Winning Group, OffSec Ops West 2021
Cyber Range CTF

CMD+CTL Cyber Range CTF


CTF focusing on common exploits such as SQL Injection and XSS.

Winning Team, June 2020
TraceLabs OSINT CTF

TraceLabs OSINT CTF


A CTF using OSINT to assist with real-life missing persons cases.

Top 30% Participant, July 2020

.learn { •------» EDUCATION «------•.learn {

Fullstack Academy Cyber Security Immersive
  • Computing and Networking
  • Virtualization
  • Linux
  • Python
  • Bash Scripting
  • Data Encoding
  • Information Gathering
  • Malware Analysis
  • Digital Forensics
  • Attack Frameworks
  • Web Frameworks
  • Firewall Bypass
  • Buffer Overflow
  • Scanning and Enumeration
  • Network Capture
  • Patching
  • Application Restrictions
  • Event and Incident Reporting
  • Whitelisting and Log Audition
  • Kill Chain Mapping
  • Network Configurations
  • Threat Identification
  • Threat Mitigation
  • Access Control and Policies
  • Compliance Policies
  • Incident Response
  • Vulnerabilities Management
  • Threat Management

.work { •------» EXPERIENCE «------•.work {


Match Group, Enterprise Security Analyst III


  • Implementation, Monitoring, and Analysis of Enterprise Security Systems and Logs
  • Review and Monitor SIEM and EDR, concurrent with Research and Testing of Security Processes
  • Document Processes, Procedures, and Collaboration on Comprehensive Reports and Outcomes
  • Lead Communications with Technical and Management Teams During Security Incidents
  • Develop Technical Solutions and New Security Tools, leading PoC’s
  • Monitor Bug Bounty Program, Threat Hunting Metrics, and User Behaviour Analytics
  • Mentor and Lead Security Analyst team for Specific Brands within Portfoli

Hinge, Enterprise Security Analyst


  • Analyze and Review Output for Infrastructure Security Systems
  • Review and Monitor SIEM and EDR, such as Splunk and Falcon
  • Document Processes, Procedures and Events
  • Collaborate Writing Comprehensive Reports, Outcomes, and Propositions
  • Assist with Configuration and Troubleshooting Security Controls
  • Communicate and Respond with Technical and Management Teams During Security Incidents
  • Support Triage for Bug Bounty Program
  • Research and Testing of Additional Security Processes and Products
  • Review New Threats and Exploits in the Security Community and Update Procedures Accordingly

TAD Associates, Senior Operations Coordinator


  • Managed Internal IT Projects, Work Scopes, and Daily Tasks
  • Collaborated with External IT Vendors for Management of IT Systems
  • Assisted in designing IT Best Practices and Procedures
  • Developed Proposal Pricing Matrices with VBA in Microsoft Excel
  • Maintained AP Database of 15+ data structures and Differing Vendor Requirements
  • Coordinated AR with Project Principals, Company Leadership, and Clients
  • Organized Workplace Events, Employee Retention and Training, and OnBoarding
  • Led Effort on Implementation of a Employee Mentorship Program
  • Oversaw Employee Certification Management and TradeShow Events
  • Managed HR, Payroll, Benefit and 401k Administration
-->