Mar 2021 – Sep 2023 · 2 yrs 6 mos · Bengaluru, Karnataka, India

• Cloud Security Leader
• Site leader for India Security operations, leading multiple security teams including Infrastructure security, Incident response, Vulnerability management, Appsec and Governance

Jan 2017 – Dec 2020 · 3 yrs 11 mos

• Lead Globalization and Security teams managing 10+ Engineers around the globe
• Handled incidence response/escalations and interfaced with various customers
• Involved in company wide audit representing Informatica
• Worked cross functional to make Security and Globalization part of SDLC

Mar 2015 – Jan 2017 · 1 yr 10 mos

• Pioneered and responsible for end to end security of core Informatica products
• Pen-Tested various web applications, web services, thick client tools developed by Informatica
• Developed tools and framework to help find security vulnerabilities in Informatica products
• Involved in design and POC of security features of certain Informatica products
• Brainstorm and help develop fixes for the security vulnerabilities found in Informatica product
• Authored Secure coding guidelines for C++ and Java programming languages
• Conducted static code scans, dynamic application scans and Third party library scans

Feb 2013 – Mar 2015 · 2 yrs 1 mo

Jan 2012 – Jan 2012 · 0 mo

• 1) Developed indicator-driven endpoint data collection and baselining tool to automate for security incidence response
• 2) Extended existing public cloud security monitoring tool to support
• private clouds
• 3) Reviewed PCI relevant network segmentation policies in firewall configurations

Aug 2011 – Dec 2012 · 1 yr 4 mos

• Gained hands on experience by working on some cutting edge security projects and world-class research involving both offensive and defensive forms of security.
• Exposure to various facets of security.
• Application Security related research and projects
• 1) Facebook analysis to study privacy and behavioral pattern - Worked as RA under professor Lorrie Cranor, Director of CyLab Security Department
• Developed node.js Server, facebook app using chrome plugin extensions, javascript, html and css.
• Secured communication channels between client and host using SSL and secured data in storage using RSA-1024 bit.
• 2) Web Vulnerability exploitations (cross site scripting, SQL injection, cross site request forgery)
• 3) Secure Coding in C – exploiting and mitigating buffer overflows, smashing a program stack,
• Network security projects
• 1) Hands on experience on firewalls(PCI,endian), network based IDS(Snort), host based IDS(OSSEC), log monitoring tools(splunk,kiwi syslog), network capture and monitoring( tcpdump, NTop, Wireshark), ARP and IP spoofing.
• 2) Penetration Testing using Metasploit.
• 3) Vulnerability assessment using Nessus, Open Vas.
• Security Forensics
• 1) Host Based Forensics Projects
• Led a project that involved compromising a host(using SSH bruteforce, SQL injections) and performing timeline forensic investigation of the victim using Tapestry
• 2) Network Forensics using nGrep, tcpdump, Wireshark.
• Cryptography and operations security
• 1) Building a secure PKI
• 2) Securing mails using GNU-PG privacy platform and digital signatures
• Systems Security
• 1) Linux Host hardening
• 2) Windows and Webserver hardening
• Malwares analysis
• 1) Performing volatile data investigation for detecting presence of Malwares
• 2) Published papers on malware detection and mitigation, techniques used by online fraudsters to shield identity

Jul 2009 – Aug 2011 · 2 yrs 1 mo

• RSA Israel
• Worked on eFraud Networks (EFN) and Adaptive Hosted applications
• Handled the entire test effort from requirement, design, development up to deployment
• Developed a dynamically data generating automation for functional, stress and performance testing
• Developed Web Services Automation using SOAP UI which was deployed across multiple applications
• Improved adoption rate by 15% within one year of the framework setup
• RSA India Domain: Enterprise Security and Event Management
• Worked on EventSource Integrator, enVision, Authentication Manager
• Developed a data driven automation framework for testing underlying APIs of an enterprise application
• Developed UI Automation framework using Selenium and corresponding test cases
• Worked on security protocols such as adaptive authentication, two-factor authentication, risk based authen- tication, knowledge based authentication, anti-phishing, and pharming products

Jul 2006 – Jun 2009 · 2 yrs 11 mos

• 1) Pioneered “White-Box Testing” framework within Informatica.
• Imf is a modelling framework that involved phenomenal architectural shift from service based architecture to model driven architecture.
• i did a white box testing of this framework . This framework provided reflective capabilities and the ability to serialize the object state into an xml file and deserilize it back . i led the C++ white box testing of all the exposed Api's , integration and scenario based testing depending on the use cases.
• 2) Developed automation frameworks based on C++ Cpp Unit lite capabilities.
• 3) Developed functional and automation test suites for Informatica PowerCenter that included components for per-forming Multi-threading, Cross platform, i18n, stress, longetivity testing, internationalization.
• 4) Performed Memory leak testing efforts(Purify) and code coverage analysis(Bulls Eye).
• 5) Led a team of 4 people, and mentored 2 fresh graduates