Aug 2023 – Present · 2 yrs 7 mos

• Vulnerability Management
• Led the firm-wide vulnerability management program in 2024, upgrading 50+ packages across 400+ applications, resolving 100+ CVEs and 5K+ findings, earning recognition from firm leaders for this impactful deliverable.
• DevSecOps
• Established the secret scanning process using GitLeaks, enabling application teams to integrate it into pipelines and local development workflows, aligned with the shift-left principle, and authored a runbook for triaging identified secrets.

Aug 2021 – Jul 2023 · 1 yr 11 mos

• InfosecHub
• Aggregated over 1M+ security findings across 650+ applications, integrating tools like dependency scan, DAST, SAST, and more. Features include advanced filtering, dashboards, and reporting, serving as the firm's central hub for vulnerability management and security compliance.
• Owned the end-to-end redesign of the application, transitioning from a GraphQL-based prototype to a relational schema and RESTful APIs, improving API response times by 4X (from 4s to under 1s) to handle growing data volumes and evolving requirements.
• DataFence
• Designed and developed a data scanner to detect confidential information for the firm and its clients in egress data, scanning documents against 500K+ keywords and regex patterns with 80%+ accuracy.
• Integrated the tool with Slack, Confluence, ZScaler, and Palo Alto, enabling it to process over 1M+ monthly alerts and reduce manual reviews by the security monitoring team to just a few hundred.
• Played a key role in implementing data confidentiality policies and became the team’s SME for design reviews involving data security and protection.
• Image Scanning
• Implemented a periodic image scanning process for production environments using the Trivy scanner to detect and mitigate threats in container images.

Feb 2021 – Jul 2021 · 5 mos

• InfosecHub
• Designed, developed and owned a feature-rich web application for Arcesium, built from the ground up, consolidating application security findings into a centralized hub.
• Built the APIs using Spring Boot with GraphQL, using Postgres as the data store with MyBatis as the persistence framework.
• The records of security findings were ingested into the system using an event driven architecture enabled through SNS, SQS, and S3.
• The application user interface was built using React with Zustand as the state management tool.
• Setup the CI/CD pipelines by contributing to the configurations of GitLab and Kubernetes. Also setup application monitoring by configuring logs, metrics and alerts on Datadog and ELK.

May 2020 – Jul 2020 · 2 mos · Hyderabad, Telangana, India · Remote

• Optimized the NGINX configuration change process by migrating the configuration templates from code to a data store. Evaluated Amazon DynamoDB and S3 for the use case. Saw a reduction in the need for deployments by 60% on historical release data.