May 2016 – Apr 2022 · 5 yrs 11 mos · San Francisco Bay Area

• Managed a wide range of security projects encompassing SCADA/ICS, IT/OT, IoT research, threat hunting, malware analysis, reverse engineering, and penetration testing using tools such as Metasploit, Cobalt Strike, Core Impact, and BreakingPoint.
• Served as a key liaison between project management, engineering, and QA teams to ensure seamless coordination and successful delivery of security initiatives.
• Conducted research and developed detection signatures for Palo Alto Networks products, focusing on vulnerabilities in IoT devices, SCADA systems, medical equipment, Microsoft/Adobe Patch Tuesday updates, and third-party software.
• Collaborated closely with third-party testing vendors specializing in NGFW, NGIPS, and DCNS to improve threat detection coverage and vulnerability mitigation.
• Designed and implemented automation frameworks for honeypot data correlation, signature development, and regression testing to streamline security operations and enhance detection accuracy.

Mar 2015 – Apr 2016 · 1 yr 1 mo · Redwood City

• Conducted in-depth vulnerability research focused on Microsoft MAPP Patch Tuesday, Adobe Patch Tuesday, Oracle Patch Tuesday, zero-day exploits, databases, operating systems, and third-party applications.
• Developed a web-based tool to monitor daily signature coverage, enabling effective tracking of false positives and false negatives.
• Created automation tools to streamline deployment of builds, packages, and binaries across large-scale infrastructure environments.
• Managed the publication of daily security content releases and builds to ensure timely and reliable delivery to customers.

Aug 2012 – Feb 2015 · 2 yrs 6 mos

• Researched and developed IPS signatures targeting vulnerabilities from Microsoft MAPP Patch Tuesday, Adobe Patch Tuesday, Core Impact, Metasploit, Canvas, and OSINT sources as a key contributor to the Corero Active Response Team.
• Managed the full security content lifecycle, including research, development, automation, testing, and comprehensive documentation.
• Analyzed and implemented effective countermeasures against security threats such as buffer overflows, integer overflows, SQL injection, XSS, CSRF, and other OWASP Top 10 vulnerabilities.
• Conducted research on DDoS mitigation algorithms and developed a performance monitoring tool leveraging Splunk and big data analytics.
• Addressed high-priority customer security escalations with rapid resolution and minimal turnaround time.

Jan 2012 – Apr 2012 · 3 mos · Greater Boston Area

• Conducted penetration testing leveraging tools such as Core Impact and Metasploit, and recommended remediation strategies for identified security vulnerabilities.
• Developed and updated security policies and procedures for Harvard’s Server Operations Center during the Capstone project.

Jun 2011 – Dec 2011 · 6 mos

• Designed and implemented security GUI automation through Perl test scripts and comprehensive test suites.
• Executed various security testing methodologies including blackbox, whitebox, smoke, regression, system-level, and performance testing of product signatures.
• Identified defects and collaborated closely with the development team to resolve issues, enhancing overall product quality.
• Assisted in the setup of lab infrastructure, including hardware, network, software, and building virtualization servers.

Dec 2009 – Apr 2010 · 4 mos

• Completed RedHat Linux Administration course, securely installing and configuring services including FTP, NFS, CIFS, DNS, and DHCP.

May 2009 – Aug 2009 · 3 mos

• Contributed to coding the Chat, Quiz, and Blog add-ons on www.vrindavandham.com.
• Developed and debugged the full Chat box functionality, integrating video and audio features into the website.