Sep 2018 – May 2020 · 1 yr 8 mos · San Francisco Bay Area

• Added the support for X509 certificate based RBAC to access the Hadoop clusters for Threat Engineering.
• Implemented the NECMEC support for video classification from archives to find out the benign or malicious behavior.
• Successfully deployed the containerized service to integrate Okta based corporate identity with SSH logins to production servers.
• Added the Yubikey attestation support which verifies the signature of attesting certificates on the Yubikey.
• Architected the aggregation platform for managing the states of on-prem and cloud instances using AWS lambda, S3 and DynamoDb.
• Researched and implemented the organization wide SSH compliance scanning via Nessus agents.

Jun 2017 – Sep 2018 · 1 yr 3 mos · San Francisco Bay Area

• Designed and developed the mTLS interface for RA to issue short lived certificates for infrastructure services or production tools.
• Achieved transition of On-premise host based access control service to public clouds such as AWS. This covers more than than tens of thousands of production hosts.
• Integrated patterns for finding AWS Secrets, RCE, Permission Model breaches, and privilege escalation in Source code scanning tool.
• Developed the C library for cookie GDPR which is being used by all the customer facing
• services provided by Oath such as yahoo mail, yahoo media, AOL etc.
• Achieved SSH compliance in more than 50% of AWS land by writing audit files and running using Nessus Agents and Tenable.io in the organization.

Feb 2017 – Jun 2017 · 4 mos · San Francisco Bay Area

• Working in Yahoo paranoid team to develop industry wide security solutions.

Aug 2016 – Dec 2016 · 4 mos · Stony Brook, New York

• Teaching Assistant for Graduate Course CSE-509 : System Security for Fall 2016.
• Responsibilities:
• Helping students with Assignments and doubts on the topics. Evaluation and Grading of quizzes, homework, assignments and exams.

May 2016 – Aug 2016 · 3 mos · Mountain View, California

• Prototyping the Intel's Quick Assist Technology (QAT) based encryption and compression solution for offloading cpu-intensive compute to the hardware accelerators. This allows software applications and frameworks to take advantage of this offload seamlessly and transparently, achieving optimal
• performance with minimal changes to the application. The prototype helped in easing the storage and compute cost for heavy tasks such as crypto opeerations and compression or decompression.

Mar 2015 – Jul 2015 · 4 mos

• Research and development of the new Enterprise solutions based on Android framework. Innovate and ideate to make the solutions more effective and useful for the end users. Requirement discovery and collections from HQ counter parts, design and effectively implementing the solutions from the scratch. Unit testing and running static analyzer to generate static code analysis report.

Apr 2013 – Feb 2015 · 1 yr 10 mos

• Provisioning of Integrity management to Samsung Knox devices for all types of compromises like rooting, Source code breaching, malicious code injection, hacking software installation like malwares etc.

Apr 2012 – Mar 2013 · 11 mos

• Pretty Good Privacy(PGP).
• Responsible for the design and development of the OpenPGP security mechanism for the IMAP and POP accounts in the E-mail. Work involves the designing/discussing/implementing/testing of the module along with the technical research regarding the different Encryption Algos.

Jul 2011 – Mar 2012 · 8 mos · Mumbai Area, India

• I was responsible for Coding and Testing of Session Module (SM) of P-CSCF (handling of INVITE and other SIP Requests).