Karan Dwivedi

DevOps Engineer

San Francisco, California, United States11 yrs 3 mos experience
Most Likely To SwitchHighly Stable

Key Highlights

  • Led security projects safeguarding over a billion users.
  • Mentored future cybersecurity leaders through training programs.
  • Authored a definitive guide for aspiring security engineers.
Stackforce AI infers this person is a Cybersecurity expert with extensive experience in incident response and security engineering.

Contact

LinkedIn

Skills

Core Skills

SecurityTeam ManagementIncident ResponseDigital Forensics

Other Skills

NegotiationProject ManagementCommunicationThreat HuntingPythonBash ScriptingLinuxCJavaC++Network SecurityPenetration TestingOperating SystemsC#PHP

About

Karan Dwivedi is a recognized cybersecurity expert. Currently, he serves as a security engineering manager at Google. Karan has led large-scale security projects at Google and Yahoo in the US for products like Google Search, Google Assistant, Yahoo Mail, Yahoo Finance, Flickr, etc, to safeguard over a billion users. At Yahoo, he was part of the security team responding to the world’s largest data breach. He is the author of the book “Kickstart your security engineering career” which is a definitive guide for anyone to looking to start a career in security engineering. Karan contributed to the latest internet standard for scoring vulnerabilities, the Common Vulnerability Scoring System (CVSS 4.0). He is featured in major media like Hakin9 Media Magazine, Forensic Focus News, etc. He has delivered talks at national and international conferences like Tech Ex North America, Tech Summit SF, BSides Las Vegas, National Cyber Summit, etc, to influence private and public sectors. Karan taught as a subject matter expert in the Google Cybersecurity Certificate program launched in May 2023 on Coursera, which had an enrollment of over 250,000 students. Furthermore, Karan has served as an advisor to startups, an editorial board member in international security journals, and judged global competitions. He holds a master’s degree in Information Security from Carnegie Mellon University, USA. His complete portfolio can be found at his website https://karand.me

Experience

11 yrs 3 mos
Total Experience
3 yrs 9 mos
Average Tenure
7 yrs 11 mos
Current Experience

Google

4 roles

Sr Security Engineer/Manager

Promoted

Apr 2022Present · 4 yrs

  • I've spend time in the last few years both as a security engineering manager and a technical lead. I've led 3 different teams as a manager simultaneously and large scale projects as an individual contributor.
  • Highlights as a manager:
  • 1. Defend Alphabet from security risks
  • 2. Mentor and train security engineers
  • 3. Lead technical work by setting strategy, making decisions and unblocking the team
  • 4. Develop people by holding regular 1:1s, career conversations, providing growth opportunities
  • 5. Contribute to hiring by interviewing, holding shadow sessions for new interviewers etc.
  • 6. Develop a sense of belonging by building a safe community to do productive work and drive business outcomes.
NegotiationProject ManagementTeam ManagementCommunicationSecurity

Senior Security Engineer (Tech Lead)

Promoted

Nov 2021Apr 2022 · 5 mos

  • Summary: Detection & Response at Scale to protect users and the internet from bad things.
  • Highlights of my current work:
  • 1. Successfully lead projects and set strategy across teams and business units to catalogue and mitigate threats to Google and its users.
  • 2. Mentor and train new hires in the detection team.
  • 3. Contribute to the detection codebase with high quality signals to indicate threats.
  • 4. Perform large scale investigations to remediate risk.
CommunicationSecurity

Security Engineer III

Nov 2019Oct 2021 · 1 yr 11 mos

Security Engineer II

Mar 2018Oct 2019 · 1 yr 7 mos

Yahoo!

2 roles

Technical Security Engineer I

May 2016Mar 2018 · 1 yr 10 mos · Sunnyvale, California

  • Responsible for Investigations and Incident Response tasks which include:
  • 1. Tracking intruders on the network using modern and experimental techniques at scale of 1 billion users per month
  • 2. Conducting and automating digital forensic analysis on hosts to determine root cause of an incident
  • 3. Searching and threat hunting - Migrated custom scripts and alerts to osquery
  • 3. Handling 24x7 on-call rotation for incident response
  • 4. Analyzing, triaging and verifying fixes of security vulnerabilities
  • 5. Filing mass security tickets for vulnerabilities affecting Yahoo infrastructure
  • 6. Bringing systems and network back to restore expected/normal operations
  • Skills Gained and/or Developed:
  • Large scale investigations (memory dump, system logs, disks), Responding to Incidents (information disclosure, phishing, exposed vulnerabilities/services, insecure configurations, DOS and DDOS attacks, Advanced dedicated threats), Threat hunting using various tools like Splunk, Google GRR and Carbon Black, Python and Bash scripting to automate forensic analysis, Effective leadership (C-level) briefing in writing and presentations, Mentoring new hires (1:1 as well as through monthly technical presentations company wide)
  • Certifications/ Trainings attended:
  • 1. GIAC GCIH (Certified Incident Handler)
  • 2. Carbon Black Introductory Analyst
  • 3. Encase Incident Investigations (IR-250)

Intern II Technical - Paranoids

May 2015Aug 2015 · 3 mos · Sunnyvale, California

  • Responsible for the following with Yahoo's security team - paranoids:-
  • 1. Aggregate all enterprise logs in a centralized location
  • 2. Develop intrusion detection mechanisms by automating analysis on the collected logs which have millions of events
  • Skills Gained and/or Developed:-
  • Big data technologies like Hadoop, Hive and Oozie, Bash Scripting, Python, Java, Splunk API

Honeywell

2 roles

Software Engineer

Jul 2013Jul 2014 · 1 yr · Bangalore

  • As part of digital video manager team which develops IP based security products (video management surveillance systems), my primary job function was to develop C++ components that aid in integration of new cameras from different vendors and Honeywell digital video manager system.

Project Trainee

Jan 2013Jul 2013 · 6 mos · Bangalore

  • Implemented information security modules (DPAPI, RSA, AES) in C# to facilitate secure communication between software and hardware (EBI Server and EBI client) components involved in a high profile security project for Honeywell access control systems

Innobuzz

Trainee (Distance Education)

Dec 2012Jan 2013 · 1 mo · Lucknow

  • Rigorous information security training covering topics such as footprinting, network scanning, steganography, cryptography, firewalls and intrusion detection/prevention systems, vulnerability scanning, penetration testing, incident handling and various attack vectors. This ultimately led to CISE (Certified Information Security Expert) Level 1 certification from Innobuzz, a NASSCOM and DSCI member company.
  • Certification Number: 30530
  • Verification Link: http://www.innobuzz.in/examination/verify/

Bharat sanchar nigam limited (bsnl)

Trainee

May 2011Jun 2011 · 1 mo · Lucknow

  • Grasped the implementation of telecom networks, principles of data transmission, signaling, digital switching, fiber optic (SDH and DWDM), broadband and NIB layouts, Intelligent Networks along with GSM and CDMA technologies

Education

Carnegie Mellon University

Masters — Information Security (MSIS)

Jan 2014Jan 2016

Manipal Institute of Technology

Bachelors — Computer Science and Engineering

Jan 2009Jan 2013

Seth M.R. Jaipuria School

Mathematics

Jan 1999Jan 2008

Stackforce found 100+ more professionals with Security & Team Management

Explore similar profiles based on matching skills and experience

Vikram Singh

Vikram Singh

Senior Manager

at Genpact

Faridabad, India13 yrs 5 mos exp
Cyber SecurityNetwork AdministrationNetwork SecurityRisk AssessmentSecurity Operations Center
Conor O.

Conor O.

Co-Founder & CEO

at OnSecurity

Liverpool, United Kingdom17 yrs 2 mos exp
ManagementPenetration TestingSecurityProduct Management
David Seidman

David Seidman

Head of Platform Security

at Plaid

Issaquah, United States21 yrs 2 mos exp
SecurityManagementSoftware Engineering
Vignu Bharath

Vignu Bharath

Manager

at ICON plc

Hyderabad, India11 yrs 6 mos exp
Cyber Threat Intelligence (CTI)Security Risk
TI

Taha Ibrahim

Senior SOC Analyst L2

at Spark Professional Services

Cairo, Egypt3 yrs 6 mos exp
DFIRLog AnalysisSecurity Operations
Assaf Keren

Assaf Keren

Member - Wall Street Journal Technology Council

at The Wall Street Journal

Draper, United States28 yrs exp
Cyber SecurityInformation SecurityProduct Management
Anirban Bain

Anirban Bain

Junior Security Researcher

at FireCompass

India3 yrs 3 mos exp
Cyber-security
Monica Malik

Monica Malik

Security Engineer

at NetApp

South Delhi, India10 yrs exp
CybersecurityInformation Security Management