Apr 2018 – Jun 2022 · 4 yrs 2 mos · Greater Seattle Area

• Leader of leaders role, responsible for creating and executing the overall engineering strategy and product roadmap for Security Assurance organization, including building leaders to lead teams to build tooling and automation to monitor and protect AWS cloud's internal control environment. Hire and develop technical leadership in the organization and lead cross-organization initiatives to enable AWS Security teams to pro-actively identify and remediate security/compliance risks. Expand the portfolio of internal and external security and compliance services/tooling. Lead teams to evolve/create systems and/or product solutions that are exemplary in terms of robustness, stability, scalability, and cost effectiveness.

May 2015 – Mar 2018 · 2 yrs 10 mos · Greater Seattle Area

• Responsible for leading teams to perform security deep dive assessments on Amazon's core cloud services to identify potential security and compliance risks. This involves engaging various service teams at Amazon to track identified security risks and provide recommendations to mitigate those risks. I also manage the automation & tooling program to automate manual compliance/security activities to reduce human effort/errors.

Jul 2013 – Apr 2015 · 1 yr 9 mos · Greater Seattle Area

Jan 2011 – Jun 2013 · 2 yrs 5 mos

• Responsible for leading and executing security and privacy client engagements, driving business development efforts, managing client relationships and providing technical and management oversight for all engagements. I interface with client’s technical, non-technical teams and C-suite executives to communicate engagement approach, methodology, status and present observations and recommendations. As a senior consultant, I am responsible for the complete engagement cycle from sales to closeout.

Nov 2008 – Jan 2011 · 2 yrs 2 mos

• Leading a team responsible for testing IPS/IDS devices for expected fuctionality, optimum performance, and security robustness. This involves reviewing requirements and design and setting up environment for testing IPS and leading efforts to setup and carry out attack scenarios for security testing, expected functionality and performance.
• This role also involves researching new tools and techniques for providing test coverage for new security vulnerabilities and carry out attacks for testing network devices in a controlled environment.

Jun 2007 – Oct 2008 · 1 yr 4 mos

• Quality and security testing of products and services using manual/automated tools. Testing IDS/IPS signatures for correctness and performance. Writing scripts for automation.
• My responsibility also includes finding, examining, reporting, and tracking software defects. Utilizing security skills in white box, black box environment to find security flaws in design and implementation. Helping the development teams to develop better security products by designing and writing test cases based on software requirements and design and providing constant feedback.

Jan 2006 – Jun 2007 · 1 yr 5 mos

• Worked as a Research Assistant on various security projects and research.