Ronit Gandhi
(Cybersecurity / DevSecOps / Developer)
M.Tech Cybersecurity @ Rashtriya Raksha University | AWS Certified | DevOps & Cloud Security (AWS/GCP) | Gdg Gandhinagar Community Core | Software Engineer (Python, React TS) | Linux | Building secure, scalable systems
About me
I'm currently pursuing my M.Tech in Cybersecurity at Rashtriya Raksha University, combining engineering foundations with real-world security expertise. My tech journey started during the COVID-19 lockdown when I fell down the Linux and IT rabbit hole—and it completely changed my career path toward cybersecurity and cloud engineering.
After completing my BTech, I have spent 1.7 years as a Software Engineer and System Administrator at Eleics Design (IoTdashboard.in) where I built IoT applications with Flutter, Python, and Angular TypeScript. Beyond development, I designed server architecture, set up CI/CD pipelines, and managed cloud infrastructure—basically wearing both DevOps and full-stack hats.
On the security side, I've been a part of various national-level cyber exercises like Bharat NCX 2025 and CII SECEX 2025 as a Red Teamer, simulating real attacks to test how well defenses hold up.
I'm an AWS Certified Cloud Practitioner and core team member of Google Cloud Community Gandhinagar. I'm also actively involved with CNCF User Group, HashiCorp User Group, and Open Source Weekend—all local tech communities in Gandhinagar where we're building the future together through meetups, workshops, and collaborative learning.
My technical toolkit includes: Python, React, TypeScript, Flutter, Linux, AWS, GCP, Azure, DevOps, Docker, Kubernetes, Ansible, Jenkins, ArgoCD, Terraform, Networking, and Cloud Security.
Experience
Software Engineer & Sys Admin
- Managed Linux server configurations, performed server hardening, and automated sysadmin tasks with Python to improve system security and reliability.
- Built and maintained cross-platform applications using Flutter and Angular, while contributing to back-end logic and front-end integration.
- Designed end-to-end solution architectures, aligning technical infrastructure with application needs for scalable and maintainable deployments.
Education
M.tech in Cybersecurity
B.tech in Instrumentation and Control
Projects
Atherius-AI
- Developed an advanced analysis tool leveraging AI and Natural Language Processing (NLP) to simplify the interpretation of complex network traffic (.pcap) and various log files like firewall, system, and ELK stack logs (.log, .txt, .csv).
- Features a user-friendly Next.js interface for submitting natural language queries and uploading files, coupled with a robust Python back-end managing the analysis workflow.
- Employs over 30 specialized Python helper functions for targeted data extraction, with AI dynamically selecting the most relevant functions based on the user's query.
- Incorporates an innovative "agentic feedback loop" where AI iteratively generates, evaluates, and refines analysis commands (like tshark for pcap & grep, awk, sed for logs) to optimize accuracy and relevance before presenting results.
- Presents findings in clear, human-readable markdown format alongside raw data, enhancing accessibility for users across different technical skill levels while ensuring data privacy through immediate deletion of processed files and prompts.
Automated CIS benchmark For Debian based linux
- Engineered an automated tool to perform NIST CIS benchmark compliance checks on Ubuntu and Debian-based systems, leveraging a secure and resilient microservices architecture (Dockerized Next.js front-end, Python back-end orchestrated with Docker Compose).
- Built with high availability in mind; the microservices design eliminates single points of failure, ensuring continuous operation.
- Facilitates user input of system credentials and target IPs through a Next.js UI (built with shadcn/ui and Tailwind CSS) or via CSV/Excel inventory files for batch processing.
- Prioritizes security by executing SSH-based compliance checks within ephemeral Docker-in-Docker containers, ensuring credentials and session data are immediately destroyed post-execution.
- Delivers results in a clear, formatted report highlighting compliant (green) and non-compliant (red) rules, complete with actionable mitigation steps to guide users toward full compliance.
- Simplifies updates and maintenance; modifications for new CIS benchmark rules require updating only the specific ephemeral container responsible for checks, allowing for seamless upgrades with minimal system impact.
Skills ✨
Ronit Gandhi
(Cybersecurity / DevSecOps / Developer)
M.Tech Cybersecurity @ Rashtriya Raksha University | AWS Certified | DevOps & Cloud Security (AWS/GCP) | Gdg Gandhinagar Community Core | Software Engineer (Python, React TS) | Linux | Building secure, scalable systems
About me
I'm currently pursuing my M.Tech in Cybersecurity at Rashtriya Raksha University, combining engineering foundations with real-world security expertise. My tech journey started during the COVID-19 lockdown when I fell down the Linux and IT rabbit hole—and it completely changed my career path toward cybersecurity and cloud engineering.
After completing my BTech, I have spent 1.7 years as a Software Engineer and System Administrator at Eleics Design (IoTdashboard.in) where I built IoT applications with Flutter, Python, and Angular TypeScript. Beyond development, I designed server architecture, set up CI/CD pipelines, and managed cloud infrastructure—basically wearing both DevOps and full-stack hats.
On the security side, I've been a part of various national-level cyber exercises like Bharat NCX 2025 and CII SECEX 2025 as a Red Teamer, simulating real attacks to test how well defenses hold up.
I'm an AWS Certified Cloud Practitioner and core team member of Google Cloud Community Gandhinagar. I'm also actively involved with CNCF User Group, HashiCorp User Group, and Open Source Weekend—all local tech communities in Gandhinagar where we're building the future together through meetups, workshops, and collaborative learning.
My technical toolkit includes: Python, React, TypeScript, Flutter, Linux, AWS, GCP, Azure, DevOps, Docker, Kubernetes, Ansible, Jenkins, ArgoCD, Terraform, Networking, and Cloud Security.
Experience
Software Engineer & Sys Admin
- Managed Linux server configurations, performed server hardening, and automated sysadmin tasks with Python to improve system security and reliability.
- Built and maintained cross-platform applications using Flutter and Angular, while contributing to back-end logic and front-end integration.
- Designed end-to-end solution architectures, aligning technical infrastructure with application needs for scalable and maintainable deployments.
Education
M.tech in Cybersecurity
B.tech in Instrumentation and Control
Projects
Atherius-AI
- Developed an advanced analysis tool leveraging AI and Natural Language Processing (NLP) to simplify the interpretation of complex network traffic (.pcap) and various log files like firewall, system, and ELK stack logs (.log, .txt, .csv).
- Features a user-friendly Next.js interface for submitting natural language queries and uploading files, coupled with a robust Python back-end managing the analysis workflow.
- Employs over 30 specialized Python helper functions for targeted data extraction, with AI dynamically selecting the most relevant functions based on the user's query.
- Incorporates an innovative "agentic feedback loop" where AI iteratively generates, evaluates, and refines analysis commands (like tshark for pcap & grep, awk, sed for logs) to optimize accuracy and relevance before presenting results.
- Presents findings in clear, human-readable markdown format alongside raw data, enhancing accessibility for users across different technical skill levels while ensuring data privacy through immediate deletion of processed files and prompts.
Automated CIS benchmark For Debian based linux
- Engineered an automated tool to perform NIST CIS benchmark compliance checks on Ubuntu and Debian-based systems, leveraging a secure and resilient microservices architecture (Dockerized Next.js front-end, Python back-end orchestrated with Docker Compose).
- Built with high availability in mind; the microservices design eliminates single points of failure, ensuring continuous operation.
- Facilitates user input of system credentials and target IPs through a Next.js UI (built with shadcn/ui and Tailwind CSS) or via CSV/Excel inventory files for batch processing.
- Prioritizes security by executing SSH-based compliance checks within ephemeral Docker-in-Docker containers, ensuring credentials and session data are immediately destroyed post-execution.
- Delivers results in a clear, formatted report highlighting compliant (green) and non-compliant (red) rules, complete with actionable mitigation steps to guide users toward full compliance.
- Simplifies updates and maintenance; modifications for new CIS benchmark rules require updating only the specific ephemeral container responsible for checks, allowing for seamless upgrades with minimal system impact.