Jan 2022 – Jun 2024 · 2 yrs 5 mos · Remote · Remote

Dec 2020 – Jan 2022 · 1 yr 1 mo

• Product Security Ninja.
• I do development, tackling problems at scale.
• I always question myself, can I automate this ? and yes I automate this.
• Automation and DevSecOps at scale.
• Cloud & Kubernetes security architect.
• Yes playing with K8s day in and day out.
• Securing GCP cloud permissions at scale.
• Penetration Testing of web and mobile applications, that's my bread and butter.
• Did I forget to mention Terraform?

Nov 2020 – Present · 5 yrs 4 mos · India

• Making security uncomplicated again.
• Read all my zines at : https://securityzines.com

Nov 2020 – Jan 2023 · 2 yrs 2 mos · India

• Designing and Delivering various modules for Upgrad's PGD Cybersecurity course for experienced professionals.

Jun 2019 – Dec 2020 · 1 yr 6 mos · Bangalore

• Invented a patent and trade-secret with Visa.
• Experience in writing Checkmarx SAST Audit Queries.
• Develop processes and implement tools and techniques to perform ongoing security assessments of the environment.
• Analyze security test results, draw conclusions from results and develop targeted testing as deemed necessary. Also perform secure design reviews as required and provide necessary feedback.
• Led and implemented a project for internal IAM application which helps in tracking UAR (User access review). Designed and implemented this solution from end to end. Micro-service architecture, Java Spring-boot and Spring-cloud, entire CI/CD automation using Jenkins.
• Automated various scanning and reporting flows with Python.
• Delivered various security trainings across various product development teams.

Aug 2018 – Jul 2019 · 11 mos · Bengaluru Area, India

• Invented a patent with Walmart.
• Work with internal teams to perform penetration tests on their staging operating systems, Network setups and Applications as necessary.
• Hold various workshops and CTFs to better understand state of art exploitation technique and how to mitigate them for product development teams. The highlighted of them were: Linux System Hardening & - System Binary exploitation and was also awarded for the same.
• Responsible for performing manual penetration testing and communicating findings to both Business and Developers, also help them to mitigate the issues.
• Provide guidance to development teams as SME for security as and when required.
• Work with development teams to validate, assess, understand root cause and mitigate vulnerabilities.
• File Integrity Monitoring that scales to 50K nodes few of which were legacy nodes.
• Administration portal for controlling Torbit CDN rules. Responsible for entire end to end design of this project.
• Public Cloud monitoring solution to continuously monitor public cloud deployments eg Azure and GCP under Walmart’s subscription and then generating alerts using Splunk SIEM.

Aug 2017 – Sep 2018 · 1 yr 1 mo · Bengaluru Area, India

May 2017 – Jun 2017 · 1 mo · Kanpur Area, India

• Worked at Cybersecurity Centre IITK Kanpur, under Dr Sandeep Shukla for carrying out research on SCADA systems.

Jun 2016 – Jul 2016 · 1 mo · New Delhi Area, India

• Worked at Samsung R&D Delhi, on the system for the identification of malicious webs server : Clientpot