▶ AVAILABLE FOR OPPORTUNITIES

Christopher
Cortes-Sanchez

Cybersecurity Engineer & Researcher

CS student at NYU Tandon with a Cybersecurity minor, graduating May 2026. I build secure systems, break vulnerable ones, and specialize in application security, offensive security, and threat analysis. Targeting SOC Analyst and Cyber Engineer roles.

Contact Me View Projects
Christopher Cortes-Sanchez
OPEN TO WORK

// work history

Experience

Peer Tutor
NYU Opportunity Programs
July 2023 – Present
  • Achieved a 100% course pass rate across 20+ students over multiple semesters by delivering individualized Python, Precalculus, and Calculus tutoring with targeted debugging walkthroughs.
  • Strengthened technical communication skills applied in security incident documentation and vulnerability reporting by translating complex code defects into structured root-cause walkthroughs for students.
  • Accelerated student comprehension across programming fundamentals and mathematical reasoning by designing and facilitating 50+ targeted practice exercises.
External Relations Committee Member
Society of Hispanic Professional Engineers (SHPE) – NYU Tandon
2025 – Present
  • Represented SHPE at the 2025 National Convention, competing in the cybersecurity challenge.
  • Coordinated external partnerships and outreach initiatives to connect members with industry professionals.

// selected work

Projects

🛡️
SafeBuyr – E-commerce Security Platform
Python · Flask · Docker · GitHub Actions
  • Demonstrated a 95% application risk reduction (37/100 to 2/100) by architecting a deliberately vulnerable e-commerce platform with 6 OWASP Top 10 vulnerabilities and a 1,200+ line automated 8-phase scanner with CVSS-based risk scoring.
  • Proved mitigation effectiveness across all 6 vulnerability classes by designing side-by-side vulnerable and hardened code paths with working proof-of-concept exploits targeting each attack vector.
  • Validated every security fix automatically on each push by hardening the application with bcrypt, parameterized SQL, CSRF tokens, output encoding, and security headers, enforced end-to-end via GitHub Actions and Docker.
View on GitHub →
☁️
AWS Cloud Security Posture Management (CSPM) Tool
Python · AWS · boto3 · GitHub Actions
  • Validated 26 CIS AWS Benchmark v1.5.0 controls across 5 services in a single scan by engineering a modular Python CLI tool with boto3, producing severity-scored HTML and JSON reports for rapid remediation.
  • Surfaced 4 real misconfigurations in a live AWS account, including disabled CloudTrail logging and a non-compliant IAM password policy, by deploying the scanner against an EC2 instance with a weighted 0–100 security scoring system.
  • Achieved 100% CI pass rate across 36 unit tests by mocking all AWS API calls with moto and integrating GitHub Actions to validate every scanner check on each push without requiring live credentials.
View on GitHub →
🍯
Honeypot Threat Intelligence Pipeline
Python · Elasticsearch · Click · Jinja2 · DigitalOcean
  • Identified a targeted Solana credential campaign and a Mirai-variant botnet dropper by building a Python threat intelligence pipeline with 12 analysis passes including botnet cluster detection and post-login SSH session capture.
  • Analyzed 193,139 live attack events from 6,713 unique IPs by deploying a T-Pot honeypot on DigitalOcean for 5 days across Cowrie, Dionaea, and Honeytrap sensors.
  • Surfaced actionable findings including 62,201 unique malware payload hashes, 8 botnet credential clusters, and Netherlands-hosted VPS infrastructure as the dominant attack source (37.4%) via automated HTML and JSON threat reports.
View on GitHub →

// technical arsenal

Skills

Languages & Scripting

Python Bash C JavaScript SQL

Security Tools

Wireshark Nmap Burp Suite pwntools Binary Ninja Suricata Kibana

Frameworks & Infra

Flask React Docker AWS MongoDB GitHub Actions

Security Domains

OWASP Top 10 Binary Exploitation Web Vuln Assessment Threat Intelligence Cloud Security CTF

// credentials

Certifications

🏆
CompTIA Security+
CompTIA · In Progress
🎓
Add Your Certification
Issuing Body · Year

// get in touch

Let's Connect

I'm actively seeking internship and full-time opportunities in cybersecurity, particularly SOC analyst and cyber engineer roles. Don't hesitate to reach out.

✉️ [email protected] 🐙 github.com/ChrisCortesSanchez 💼 linkedin.com/in/christopher-cortes-sanchez/
chris@sec:~$ whoami
christopher-cortes-sanchez

chris@sec:~$ cat about.txt
Role : Cybersecurity Engineer
School : NYU Tandon (CS + Cybersec)
Grad : May 2026
Status : Open to Opportunities

chris@sec:~$ cat interests.txt
- Application Security
- Offensive Security / CTF
- Threat Intelligence
- SOC Operations

chris@sec:~$