Jun 2022 – Oct 2025 · 3 yrs 4 mos

• Designed and enforced full-stack AI/ML security architecture across the entire model lifecycle—from data ingestion and training to deployment and post-production—using secure-by-design and GDPR-aligned data minimization principles.
• Developed advanced AI threat models and deployed multi-layered defenses against FGSM, PGD, CW, DeepFool, and GAN-based adversarial attacks.
• Built production-grade AI Guardrails using NeMo Guardrails (Colang), Amazon Bedrock, and Hugging Face Transformers to ensure LLM safety, prompt filtering, and fairness alignment.
• Engineered a scalable MLSecOps pipeline integrating:
• Secure model deployment with model provenance tracking
• Red teaming automation (jailbreaks, extraction)
• Model scanning and adversarial validation
• Integrated AI workloads with SIEM systems (Splunk & ELK) for real-time anomaly detection, adversarial behavior alerts, and automated response orchestration.
• Applied Responsible AI tooling—SHAP, LIME, Fairlearn, TensorFlow Privacy, Model Cards—to enforce transparency, fairness, and compliance audits.
• Hardened containerized AI infrastructure (AWS, Kubernetes) with CI/CD-to-runtime protections, including API security, RBAC enforcement, image scanning, and eBPF-based monitoring.
• Major Projects & Achievements:
• Adversarial RAG Defense: Built a robust RAG pipeline capable of real-time detection of retrieval poisoning and embedding-level attacks, improving response latency by 40%.
• Internal AI Red Teaming: Designed and led an in-house LLM red teaming framework to simulate jailbreaks, prompt injection, model extraction, and prompt leaking attacks.
• End-to-End MLSecOps: Delivered a fully automated AI security pipeline integrating model registration, adversarial robustness evaluation, and secure inference enforcement.
• GDPR-Compliant AI Implementation: Embedded privacy-by-design and record-keeping workflows across AI development and deployment pipelines—aligning with GDPR Article 30, Recital 71, and ISO/IEC 42001 standards.

May 2021 – Oct 2025 · 4 yrs 5 mos

Dec 2018 – May 2021 · 2 yrs 5 mos

Oct 2017 – Nov 2018 · 1 yr 1 mo · Pune/Pimpri-Chinchwad Area

• ✅ Cloud & AWS Infrastructure
• Engineer-level experience in building, operating, and supporting AWS Cloud environments.
• Implemented IAM policies, user administration, security groups, and network ACLs for secure access control.
• Hands-on with core AWS services: EC2, S3, ELB, Auto Scaling, Route53, VPC, VPC Peering, VPC Endpoints, NAT Gateway, and NAT Instances.
• 📊 SIEM & Splunk Analytics
• Deployed and maintained Splunk in both standalone and distributed environments.
• Worked with Indexers, Universal and Heavy Forwarders for optimized data ingestion.
• Strong command of SPL: stats, eventstats, regex, replace, top, rare, chart, timechart.
• Developed visualizations using Pivot, dashboards, reports, and real-time alerts.
• Experience with Data Models, Tags, Event Types, Lookups, and inputlookup for structured analytics.
• 🌐 Networking & Routing Protocols
• Configuration and troubleshooting experience with Cisco Routers & Switches (4500, 6500, ASR1009, Nexus 2K/5K/9K).
• Deep understanding of EIGRP, OSPF, and BGP protocols.
• Customized BGP behavior using route-maps (Weight, Local Preference, AS-Path, MED).
• 📡 Financial Protocols & Market Feed
• Troubleshot stock market data feeds (NASDAQ, NYSE) over Multicast and FIX protocol (Financial Information Exchange).
• 🔥 Firewall & Threat Prevention
• Configured and managed Palo Alto P500, Juniper SRX 650, and Cisco ASA 5555 firewalls.
• Implemented TAP Mode, V-Wire Mode, U-Turn NAT, and both static/dynamic NAT.
• Applied Content-ID security (Antivirus, Antispyware, URL Filtering, File Blocking, WildFire).
• Setup SSL Decryption, Captive Portal, User-ID Agent, GlobalProtect VPN, and failover (Active/Passive).
• Deployed security policies using rules, dynamic block lists, and App-ID.

Dec 2015 – Sep 2017 · 1 yr 9 mos · Greater Jaipur Area

• 🌐 Advanced Networking & Load Balancing
• 🛠️ F5 Load Balancer & Application Delivery
• Implemented F5 deployment types: One-Armed, Two-Armed, N-Armed, and DSR architectures.
• Configured and managed F5 3900 LTM appliances using both TMSH CLI and web GUI.
• Setup and troubleshooting of Virtual Servers, Pools, Nodes, SNAT, SNAT Pools, Automap, and Persistence (Cookie-based & Source IP).
• Hands-on with OneConnect, SSL Profiles, iRules, iApps, and Forwarding Virtual Servers.
• Performed UCS backups, created QKView diagnostic files for support and RCA.
• 🌍 Routing Protocols & MPLS
• In-depth knowledge and hands-on with dynamic routing protocols: RIP, RIPv2, EIGRP, OSPF, BGP.
• Experience with MPLS technologies: CEF, VRF, LDP/TDP, Route Distinguishers (RD), Route Targets (RT), SHAM links, VRF Lite, PE-CE Protocols, BGP Cost Community, and LDP-IGP Sync.
• Configured static and default routes, route filtering, and policy-based routing.
• 🧠 Redundancy & Layer 2 Protocols
• Configuration of high-availability protocols: HSRP, VRRP, GLBP.
• Worked with Layer 2 technologies: VLANs, STP, MSTP, PVST+, VTP, as well as advanced architectures like vPC, VSS, VDC, and FEX.
• 📡 WAN & ISP Coordination
• Coordinated with ISPs and Telco providers for troubleshooting WAN link failures, latency, routing issues, and provisioning new circuits.
• 🔐 Enterprise Security & Access Control
• Conducted periodic security assessments of firewalls, IPS, VPNs, and network security infrastructure.
• Configured Cisco ISE for endpoint profiling, MAC Authentication Bypass (MAB), and 802.1X integration.
• Additional expertise with Palo Alto Firewalls, including:
• Access Control Policies (Rules)
• Static & Dynamic NAT
• Content-ID filtering (AV, Anti-Spyware, URL filtering, file blocking)
• Active/Passive Failover configuration

Sep 2014 – Aug 2015 · 11 mos · Noida, Uttar Pradesh, India

• 🧩 Core Cisco Infrastructure & Routing Expertise
• 🖧 Cisco Routers & Switches
• Installation and configuration of Cisco 2800/3800 series routers and 2950/2960/3750 series switches.
• Experience with configuring trunk ports, VLAN Trunking Protocol (VTP), and Layer 2/3 EtherChannel for high availability and redundancy.
• 🛰️ Routing Protocols & Redistribution
• Proficient in deploying and troubleshooting RIP, EIGRP, and OSPF protocols.
• Hands-on experience in route redistribution between different routing domains (e.g., EIGRP ↔ OSPF).
• 🔁 Redundancy & High Availability
• Implemented and configured HSRP, VRRP, and GLBP to ensure seamless failover and network resiliency.
• 🧱 Access Control & STP
• Applied Access Control Lists (ACLs) to secure traffic flows across interfaces.
• Designed and implemented Spanning Tree Protocol (STP) to avoid loops and maintain Layer 2 network stability.
• 📊 Network Monitoring & Observability
• Experienced with real-time network monitoring and fault management using:
• PRTG Network Monitor
• Nagios
• SolarWinds
• CA Spectrum, CA NSM, CA Nimsoft