May 2025 – Present · 10 mos

• AI Agent for Security Validation: Built an autonomous agent powered by large language models to verify and triage findings from a DAST scanner. The system leveraged LLM-assisted reasoning to drive context-aware request replay, dynamic payload generation, and intelligent response interpretation, filtering out false positives, streamlining validation workflows, and enhancing detection accuracy across security pipelines.
• Runtime Container Security & Performance Optimization: Led the end-to-end integration of advanced runtime container scanning across dynamically provisioned Kubernetes clusters in a public cloud environment. Architected and validated agent resource requirements, developed custom Helm-based deployment solutions, and integrated secure credential management, establishing a robust and scalable security baseline for containerized product deployments.

Jul 2023 – May 2025 · 1 yr 10 mos

• Zero-Day Vulnerability Detection: Built and operationalized an automated zero-day alerting platform, enabling rapid detection and notification within hours of public disclosure. Successfully identified and reduced exploitation risk across critical platforms including operating systems, enterprise applications, and network hardware.
• Shift-Left Container Security: Designed and implemented shift-left security pipeline integrating multiple vulnerability scanning solutions including Wiz, Snyk, Prisma Cloud, and Invicti, standardizing reports and streamlining remediation workflows. Enhanced Jenkins workflows to automatically scan newly built container images, enabling early vulnerability detection and remediation ahead of production deployment.
• External Attack Surface Management (EASM): Developed automated tooling to identify and alert on newly exposed domains and potential subdomain takeover risks. Enhanced proactive security by integrating regular web application scanning using Burp Enterprise and Nuclei to detect and report vulnerabilities across external-facing assets.
• Enterprise VM Security Hardening: Significantly improved security posture of infrastructure VMs by introducing secure "golden image" standards in collaboration with infrastructure team, resulting in reduced vulnerabilities and more secure baseline configurations.
• Enterprise-Wide Vulnerability Management: Established continuous vulnerability scanning coverage across the entire data center infrastructure. Delivered comprehensive visibility into vulnerabilities, enabling proactive identification, reporting, and prioritization for remediation.

May 2022 – Nov 2022 · 6 mos