Jun 2024 – Jan 2025 · 7 mos · Philadelphia, Pennsylvania, United States · Hybrid

• Reviewed and improved application and platform security processes to strengthen protection of the Verif-y™ web-based system.
• Defined and integrated a threat model to assess the overall security posture of the Verif-y™ ecosystem.
• Optimized SQL queries and normalized databases within a LAMP stack to improve performance and reliability.
• Built automated SQL reports for CEO-defined key performance and security metrics to support executive decision-making.
• Secured a public-permission Ethereum-based blockchain platform by analyzing access controls and attack surfaces to reduce security risk.

May 2023 – Sep 2023 · 4 mos · Gurugram, Haryana, India · Hybrid

• Reduced mean time to resolution (MTTR) by 20% for 30+ incidents by monitoring server performance with Dynatrace and leading the initial response for critical P1-P4 alerts.
• Tuned and implemented 10+ new correlation rules in Splunk, which directly contributed to the detection of the 30+ incidents mentioned above
• Communicated investigative findings and coordinated resolution strategy between multiple engineering teams during critical incidents, ensuring defensible documentation within ServiceNow for post-incident analysis
• Participated in disaster recovery (DR) planning and execution exercises, contributing to the validation and refinement of the firm's business continuity strategy.

Sep 2022 – Jan 2023 · 4 mos · Gurugram, Haryana, India

• Administered Identity & Access Management (IAM) operations via SailPoint IIQ, ensuring accurate role-based access provisioning.
• Investigated system vulnerabilities and led remediation efforts by applying targeted patches, reducing key infrastructure risks by 35%.
• Automated access workflows with scripts, reducing manual effort by ~40% and improving provisioning time.

Jan 2021 – Jul 2021 · 6 mos · Gurugram, Haryana, India

• Conducted vulnerability assessments on web applications using OWASP ZAP, identifying and documenting critical security flaws like Cross-Site Scripting (XSS) and broken access control.
• Engineered and deployed automated testing scripts using Selenium WebDriver, which enhanced regression testing coverage and reduced manual testing time.
• Assessed RESTful API endpoints for security vulnerabilities using Swagger/OpenAPI specifications, contributing to the overall integrity of the application's backend services.
• Authored and maintained detailed test plans and over 100+ test cases to ensure application functionality and security posture met project requirements.