- Phone: +1 248 943 2251
- Email: [email protected]
- Website: melisasavich.com
- LinkedIn: melisasavich
- GitHub: m3lixir
- Google Scholar: deS7-_gAAAAJ
Cybersecurity professional with over 7 years of experience in research, development, and technical solutions for critical infrastructure security. Specialized in threat detection, vulnerability assessment, and system security, with proven success in delivering innovative solutions through R&D projects at Sandia National Laboratories. Experienced in optimizing digital experiences for businesses, leveraging AI and cloud-based technologies. Passionate about integrating cutting-edge security methodologies to drive efficiency and enhance cybersecurity defenses.
- 2020
- GPA: 3.9/4.0
- Notable Projects: Developed TDFF, a taint-driven firmware fuzzer for embedded systems, presented in thesis work.
- 2018
- GPA: 3.4/4.0
Sandia National Laboratories, R&D S&E, Cybersecurity
- June 2020 β Oct 2023
- Livermore, CA
- Developed an ensemble fuzzing system by integrating 5-10 fuzzers, which led to a 30% faster threat detection and 40% improved response times in critical infrastructure.
- Achieved 70-90% coverage on critical binary targets by optimizing AFL++ variants and applying custom mutation strategies, meeting stringent security and performance goals.
- Reduced debug time by 30% by enforcing coding best practices (e.g., code reviews, CI/CD pipelines) and streamlining backlog refinement efforts using Agile methodologies.
Sandia National Laboratories, Critical Skills Recruiting Program Fellow
- June 2018 β May 2020
- Albuquerque, NM
- Created a robust framework in the ICS/SCADA modeling platform for Data Acquisition (DAQ) using Hardware-in-the-Loop (HITL), reducing data processing time by 20% and strengthening infrastructure security.
- Conducted advanced research in cyber modeling and simulation using network topology analysis and vulnerability modeling, identifying critical risks in high-consequence networks and control systems.
Sandia National Laboratories, Intern, Cybersecurity R&D
- May 2017 β May 2018
- Albuquerque, NM
- Enhanced automated ELK dashboard deployment and monitoring within an ICS/SCADA platform by automating log ingestion, reducing detection time by 25% for cyber/physical infrastructure threats.
- Implemented and configured honeypots in an experimental cyber range, simulating advanced persistent threats (APT) and identifying vulnerabilities in intrusion detection systems.
- Sept 2016 β Apr 2018
- Ann Arbor, MI
- Courses: Introduction to Computer Security (EECS 388), Programming and Introductory Data Structures (EECS 280)
- Revamped Cybersecurity course content and hands-on projects by incorporating real-world threat scenarios and case studies, increasing student engagement by 15% and satisfaction by 20%.
- Led weekly sessions for 25+ students, simplifying complex programming concepts and improving course pass rates by 10%.
- Managed exam logistics for over 1,000 students, automating grading tools and coordinating exam locations, improving administrative efficiency by 25% and ensuring adherence to academic integrity.
- Expanded Stanford's MOSS plagiarism detection system with custom Python scripts, increasing detection accuracy and identifying 5-7% of projects as potential academic misconduct violations.
- Delivered daily support by answering 10+ curriculum-related questions on Piazza, using tracking tools to ensure timely and accurate responses, contributing to a dynamic learning environment.
- Administered exams for 300+ students, streamlining exam writing, testing, and grading processes through automation tools, improving exam logistics efficiency by 20%.
- June 2003 β Aug 2003
- Ann Arbor, MI
- Courses: Programming and Introductory Data Structures (EECS 280)
- Graded weekly lab assignments for 100+ students, ensuring adherence to course standards and providing constructive feedback that improved coding accuracy and problem-solving skills.
- Provided detailed feedback on coding style, promoting best practices in code readability and efficiency, helping students improve their programming skills in data structures.
- Jan 2016 β Dec 2016
- Ann Arbor, MI
- Conducted comprehensive literature reviews on data-driven methodologies, recommending key academic papers that directly supported the development of new research models and algorithms.
- Authored detailed summaries and data-driven analyses, providing insights that shaped ongoing research on algorithmic development and interdisciplinary problem-solving strategies.
- Sept 2015 β Sept 2016
- Ann Arbor, MI
- Provided technical support for faculty, staff, and students, troubleshooting computer and AV equipment issues, reducing system downtime by 20% through efficient problem resolution.
- Managed help desk operations and ticketing system for troubleshooting, improving resolution times by 15% and ensuring seamless equipment setups for faculty and classroom needs.
- May 2020
- Melisa K. Savich
- Master's Thesis, New York University
- Mar 2019
- Melisa K. Savich
- RSAC Security Scholar Poster Board Exhibition
- Dec 2018
- Jeremy Erickson, Shibo Chen, Melisa K. Savich, Shengtuo Hu, Z. Morley Mao
- IEEE Vehicular Networking Conference (VNC)
- July 2017
- Melisa K. Savich
- Office of Scientific and Technical Information (OSTI)
48 Flavors Ice Cream, Technical Solutions & Digital Experience Architect
- Nov 2023 β present
- Westland, MI
- Boosted food delivery platform orders by 55% in 1 year by redesigning the menus with AI-assisted item descriptions, improving SEO and user engagement, and enhancing e-commerce visuals using Canva.
- Optimized online presence by building and launching 2 websites using Google Sites and Square, managing the Google Business Profile, and integrating Google Analytics, Google Ads, Google Search Console, and 3 other Google products to increase online traffic by 25%.
- Streamlined the cake ordering system post-separation from Baskin-Robbins by configuring an automated 24-hour preparation time in the e-commerce platform, resulting in over 100 online orders in the first year and driving significant revenue growth.
- Programming & Scripting Languages: Python, Java, C/C++, Bash, JavaScript, SQL, Assembly (ARM/x86), Go
- Cybersecurity Expertise: Incident Response, Penetration Testing, Application Security, Malware Analysis, Reverse Engineering, Binary Analysis, Exploit Development, Network Security, Secure Coding Practices
- Vulnerability & Risk Management: OpenVAS, Metasploit, Wireshark, NVD (CVE), OSV (Open Source Vulnerability)
- Testing & QA Techniques: Black Box Testing, White Box Testing, Grey Box Testing, System Integration Testing, Regression Testing, Fuzz Testing, Unit Testing, Penetration Testing, API Testing
- CI/CD & DevOps Tools: GitHub Actions, GitLab CI, Travis CI, Docker, Terraform, Ansible, Infrastructure as Code (IaC), Continuous Security Testing, Automated Defenses
- DevSecOps & Security Operations: DevSecOps Practices, SIEM Integration, Vulnerability Scanning