Jul 2023 – Jul 2025 · 2 yrs

• Working on a leading zero trust segmentation product ‘Guardicore Cloud Microsegmentation’ that provides agentless cloud-native visibility and enforcement for workloads running on AWS. Contributed to this 0-to-1 product, focusing on the delivery of critical visibility and enforcement features.
• Implemented end-to-end asset visibility features for AWS services, covering compute (EC2) and PaaS services (Lambda, DynamoDB, RDS, S3, ECS). Leveraged Kafka and RabbitMQ to decouple ingestion, processing and storage layers, ensuring a scalable and resilient system.
• Designed and implemented VPC Reachability to identify connected virtual networks across AWS environments, supporting multitenancy and improving visibility and connectivity analysis.
• Contributed to the real-time policy translation component, converting micro-segmentation policies into SG rules by dynamically identifying the enforcement points.
• Redesigned the policy component to allow the enforcement of multiple security groups per network interface, enhancing enforcement scalability and performance.
• Optimized policy enforcement time by 60% through parallel processing of segmentation rules and adding cache at critical code paths.
• Actively participated in code reviews, mentoring junior team members, and fostering a collaborative environment.

Jul 2021 – Jun 2023 · 1 yr 11 mos

• Worked on a leading zero trust security product ‘Enterprise Threat Protector’. My responsibilities included end-to-end delivery of features on platform and datapath components.
• Worked on security hardening of core components of Enterprise threat protector, enhancing product stability.
• Delivered SafeSearch & Restricted YouTube feature, which was instrumental in closing a major customer deal.
• Implemented JA3 bypass feature to reduce connection drops of certificate-pinned applications by detecting these connections using JA3, JA3s, and SNI signatures. This resulted in 30% reduction in connection drops, improving reliability and user experience for enterprise clients.
• Implemented an in-house log analytics system on Akamai's Linode Cloud, which enabled the decommissioning of Azure ADX and saved $90,000 cloud costs annually. The system utilized Kafka for streaming, ClickHouse for storage, and Grafana for dashboards.

Jan 2021 – Jun 2021 · 5 mos

• Part of Enterprise Threat Protection team. Worked on Subnet attack mitigation on Akamai Cloud

Jun 2020 – Jul 2020 · 1 mo · Bengaluru, Karnataka, India

• Part of Enterprise Threat Protection team. Worked on building trust store aggregator application.