Jan 2023 – Aug 2025 · 2 yrs 7 mos · Hybrid

• Q1 2025 -> Q3 2025: Senior Staff Software Engineer, AI DevTools
• During my tenure on the security team, I had way too much code to write and not enough time - so I slowly started to invest in AI to build the tools I needed, eventually helping bootstrap the AI DevTools team on the side. I then took a larger detour to build this stuff and ... here I am.
• I help 2000+ engineers (and some non-engineers) get their jobs done via AI. I am accountable for outcomes, not effort. Work includes: AI agents in the CLI, IDE experiences, MCPs for internal services, automating common tasks with workflows.
• In a few months, we've already changed how the company approaches migrations, thanks to AI (something previously thought impossible).
• Q3 2024 -> Q1 2025: Senior Staff Software Engineer, Trust and Safety - Security
• Q1 2023 -> Q2 2024: Staff Software Engineer, Trust and Safety - Security
• Fixing company-level security problems:
• DRI for specific secrets management improvements
• Drove an effort to prevent privacy/security incidents by fixing legacy tech debt
• Internal access management improvements
• Shipped an authorization framework to hundreds of internal services
• Drove adoption of TLS1.3 across all services for FedRAMP compliance
• Co-drove a better engineering effort to improve code quality and shift left: wrote static analysis frameworks+checks, secure frameworks to prevent security bugs, and drove adoption.
• Built a general RPC validation framework to protect against DoS attacks
• Shipped various product security improvements:
• TLS based internode encryption in Spark (coming soon in the next release!)
• Support key management and propagation in the storage layer
• Improved mTLS support for communication between DP & CP
• Contributed to various efforts, including but not limited to: security design reviews, encryption in transit, fuzzing, taint analysis, dead code cleanup, secrets detection, internal access workflow security

Oct 2014 – Sep 2022 · 7 yrs 11 mos · Menlo Park

• 2021 - 2022: Staff Software Engineer, Dynamic Analysis
• Tech lead for the team. Defined and drove a multi-year strategy for fuzzing; which was used by our team as well as partner teams. Worked with customers to adopt fuzzing, built and scaled our infrastructure, simplified our developer tools; found ways to get better results. During this period, the team had its best year in terms of usage (teams and engineers) and bugs found. Explored other security and privacy applications to solve company critical problems (e.g. dynamic taint analysis for Hack code).
• 2018 - 2021: Software Engineering Manager, Dynamic Analysis
• Tech lead manager, grew the team from 1->7 engineers as we built out a new fuzzing platform to meet growing internal demand. Primarily focused on the team: supporting people / career growth, hiring, resolving conflicts, defining the team charter; spent the rest of my time on technical direction and collaboration across multiple organizations.
• Ended up building the team I always dreamed of working on as an engineer, and realized I wanted to be more hands on, so I went back to being an engineer.
• 2016 - 2018: Senior Software Engineer, Dynamic Analysis
• First engineer on the team; maintaining an internal detection system. Primary engineer responsible for Invariant Detector (IVD), which automatically learnt privacy rules and enforced them on every write to TAO (many millions/s). Lead a small team to make IVD a product, vastly increasing adoption. Worked with Instagram's security team to apply IVD to their codebase; unblocking a company-wide critical migration to secure user data - we received an IG-wide award for this work.
• 2014 - 2016: Software Engineer, Ads Reporting
• Worked on the ads and pages reporting backend team to deliver high quality realtime insights to advertisers. I owned large scale data migrations from a legacy backend to the next-generation one, and focused on scaling challenges. I also built out a backfill system for disaster recovery.

Oct 2013 – Oct 2014 · 1 yr · Menlo Park

• Designed and implemented usable, efficient security protocols for next-generation content-centric mobile networks. Owned the testing, simulation, and analysis of realistic scenarios on both physical and virtual devices; critical for DARPA acceptance of our code.
• This work lead to four conference publications, and the code was open sourced at https://github.com/SRI-CSL/ENCODERS
• Prototyped LLVM based application specialization.

Aug 2012 – Jan 2013 · 5 mos · Menlo Park

• Studying decentralized capability-based authorization protocols for content-based networks. This work was then continued when I joined as a full-time employee, and lead to multiple conference publications.

Aug 2011 – May 2013 · 1 yr 9 mos

• Teaching assistant for Discrete Mathematics (Fall 2011), Data Structures (Spring 2012) and Network Security (Spring 2013).

Jun 2011 – Jun 2013 · 2 yrs

• Research into computer networks, distributed systems, and data provenance. As part of my research duties I spent a semester at SRI International as an International Fellow.

Jun 2010 – May 2013 · 2 yrs 11 mos

• Advisor on technical aspects of software development, including research on new areas to expand the business.
• Handled system administration and overall maintenance of the IT infrastructure.
• Developed the initial line of software products; managed and advised on the development of the later line of products.