Jul 2018 – Apr 2021 · 2 yrs 9 mos · San Francisco Bay Area

• Built the security engineering team from ground up which is responsible for designing, building, implementing and operationalizing security platforms for the enterprise
• Led the vision and development of enterprise wide security platforms such as Services Security Platform, WebApp Security Platform, Authentication & Authorization Platform, Kubernetes and Container Security Platform, Secrets Management Platform, Vulnerability Management Platform, Security Event Management Platform.
• Envisioned and developed cloud security strategy, migration plans and enabled the modernization of the enterprise applications in Azure. Led the spotlight team to evaluate and implement security tooling on cloud in short span of time. Developed architectural blueprints for azure native services, custom developed apps/services deployed in cloud and third party apps.
• Led the adoption of DevSecOps practices and implementation of related tooling in CI/CD pipeline such as SAST, DAST, IAST, CIS benchmark, IaC verification etc
• Engage with internal teams for architecture reviews, threat modeling, providing security requirements, development of security standards etc

Apr 2017 – Jul 2018 · 1 yr 3 mos · San Francisco Bay Area

• Developed next-gen security platform to keep track of employee security posture. This platform calculated security score for each employee based on their behavior. The score was ultimately used to provision access automatically and to suggest what employees need to do to improve their respective score.
• Developed a platform to manage all 2fac authentication operations for over 30k+ employees
• Designed & Developed tooling for Vulnerability Management which could work at Scale. This included identifying assets in the network, identifying vulnerabilities and automating the remediation process.
• Secured Docker environment by developing services, by establishing content trust in internal
• registries, by setting up security scanners, and by defining & implementing detection rules.
• Actively working as Security Partner with different teams such as WhatsApp, Oculus, Facebook AI - doing code reviews, threat modeling and security design for their infrastructure security.

Mar 2016 – Apr 2017 · 1 yr 1 mo · San Francisco Bay Area

• Designed and developed of security framework to improve security posture of the company using machine learning which could detect malicious employee behavior and can block certain access.
• Developed security guidelines to onboard container technologies like docker, heroku with existing legacy systems. Founding member of the team responsible for adoption of docker and heroku in IT.
• Application Security in IT - Code Reviews, Configuring Scans, Trainings
• Work as security consultant within organization, working with other dept/teams providing security view of the application architecture, providing security requirements, and validating implementation of security controls.

Sep 2015 – Dec 2015 · 3 mos · Greater New York City Area

• Application Security - Threat Modeling, Vulnerability Management, AppSec Scanning (HP Web Inspect, Checkmarx). Closely working with developers to remediate vulnerabilities within SLA.
• Developed security libraries to implement Authentication & Authorization for internal apps and users

May 2015 – Aug 2015 · 3 mos · New York, New York

• Design & Implementation of security policies according to PCI compliance standards
• Working with partner banks & card management companies to understand their system architecture and then integrating Urban FT's product securely with their infrastructure
• Developed automated security testing and log monitoring to look for attack patterns
• Implemented SIEM, Secure SDLC and Network Security Practices.
• Offensive Security - Finding ways to compromise the infrastructure and application developed by the enterprise

Jan 2015 – Jun 2015 · 5 mos

• A Framework for Securing Software Update Systems
• The Update Framework (TUF) helps developers secure their new or existing software update systems. Software update systems are vulnerable to many known attacks, including those that can result in clients being compromised or crashed. TUF helps solve this problem by providing a flexible security framework that can be added to software updaters.
• My Role: Discovery & then escape from inconsistencies in package managers like pypi, debain, ruby gems, rpm

Sep 2014 – May 2015 · 8 mos

• Implementing security policies and protocols to ensure infrastructure and application security
• Developed crawling framework and scraping scripts to fetch data for big data analytics
• Created incident response plans, responding to attacks & mitigating security risks accordingly
• Developed security awareness & training program

Jan 2014 – May 2014 · 4 mos · Noida Area, India

• Developed scripts to scrape industry data for sales team to reach new clients, resulted in increase of 34% in sales
• Developed ERP to manage sales, customer relationships, accounting and generate reports which helped managers in decision making and strategy development

Aug 2012 – Jan 2014 · 1 yr 5 mos · Jaipur Area, India

• Configuring and managing cluster of web services and application servers
• Building robust network infrastructure to ensure scalability and security of applications
• Client interaction & understanding requirements to provide overall security solutions

Jan 2012 – Aug 2012 · 7 mos · Jaipur Area, India

• Discovery and analysis of authentication and authorisation flaws in large scale production environment using kerberos and ldap

Oct 2011 – Jan 2012 · 3 mos · Jaipur Area, India

• Requirement analysis, design & development of finance management software using Java, Swing & Oracle DB. It records student's financial activities to generates reports and alerts for administration department of the organisation.

Dec 2010 – Sep 2011 · 9 mos · Jaipur Area, India

• Analysis of network traffic and application behaviour to help IT managers making security policies Design and implementation of infrastructure for the services offered by the company