Mar 2022 – Mar 2024 · 2 yrs

• Primary responsibilities:
• 1. Automate processes
• 2. Help respond critical incidents + build security detections to find anomalies
• 3. Manage/remediate vulnerabilities and perform threat modeling/ application security reviews.
• Other highlights:
• Speaker @ BSides Indianapolis 2023
• Speaker @ BSides Atlanta 2023
• Speaker @ Security podcasts

Oct 2020 – Feb 2022 · 1 yr 4 mos

• My role is multifaceted and my responsibility has a nice balance between security and engineering side of things.
• Security: I have had the exposure to work on multiple security streams from Incident Response, Detection Engineering, Product security, Vulnerability management, Vendor security and Governance, Risk and compliance (GRC). I was also involved in managing our bug bounty program - testing/validating our code, performing architecure reviews, writing security detections, deploying/owning vulnerablity scanning tools and conduct compliance audits.
• Tools - Crowdstrike, Chronicle, Osquery, Capsule8, Nexpose, Qualys, Snyk, Joe sandbox, Google security console, VirusTotal; Cloudflare product suite - WAF, Gateway, Access, Area1, Vectrix (CASB).
• Engineering: Being the first engineer in the SecOps Engineering team, I was solely in-charge of driving the automation/engineering pillar from scratch, identifying areas of automation across the Security Org, building and managing them in real-time. This opportunity not just helped me build my problem-solving abilities, but the ability to "identify" problems, design program-level and product-level roadmaps, and build data visualizations to track performance / efficiency metrics.
• Other highlights:
• 1. Speaker @ Day of Shecurity 2021
• 2. Speaker @ Bay Area Security meetup
• 3. Co-lead for Cloudflare CTF event (internal)

Jun 2020 – Sep 2020 · 3 mos

• 1. Built and automated the security "Risk Register" from scratch, which acts a central repository of all security findings identified across all the orgs at Cloudflare.
• 2. Created process workflows and designed integrations to ingest security findings from the different security programs like Incident Response, Vulnerability management to Security Risk lifecycle.
• 3. Automated our approach to solve critical compliance requirements end to end.
• Tools and technologies used: Python, Bash, JIRA, Appscript.

May 2019 – May 2020 · 1 yr · San Francisco Bay Area

• 1. Designed and built dashboard to track performance metrics on the Salesforce dev platform that helped track and improve efficiency close to 50%. Got recognized up to 'SVPs and VPs' for the impact created.
• 2. Evaluated security controls for salesforce acquisitions to standardize with the baseline controls using industry frameworks.
• 3. Presented product showcase for " Salesforce Heroku" to key stakeholders and conducted security walk-throughs and security assessments.

Jan 2019 – May 2019 · 4 mos · Washington DC-Baltimore Area

• 1. Mentored next-gen security enthusiasts by presenting information sessions explaining the fundamentals of security and the different cybersecurity career paths to choose.
• 2. Also mentored freshman students during security hackathons.

Aug 2018 – May 2020 · 1 yr 9 mos · Washington DC-Baltimore Area

• 1. Simulated the working of networks using CORE and demonstrated the role of an adversary to cause cyber-attacks like DOS, website defacement, and MitM using packet generator, Burpsuite and Kali Linux pentesting toolkit.
• 2. Demonstrated security concepts by presenting lectures and using hands-on tools in network security lab sessions for a class of 50 at a undergraduate-level computer security (CSCI 6531) at School of Engineering and Applied Science (SEAS), GWU.

Aug 2017 – Mar 2018 · 7 mos

• 1. Built custom python scripts to automate scanners and analyzed network traffic using Wireshark, Tcpdump, and Zenmap.
• 2. Inspected the logs, create visual reports and handled security events/incidents by triaging alerts using Splunk.
• 3. Administrated Linux and Windows-based operating systems to manage user policies, and file administration.
• 4. Contributed to publish a research work “Enhanced Security for Data Transfer in Clouds” in an International UGC Journal.

Mar 2016 – Jan 2018 · 1 yr 10 mos

• 1. Founded the cybersecurity club to create next-gen security enthusiasts by presenting security concepts, organizing
• lectures and hands-on labs.
• 2. Conducted training programs in association with Tata Consultancy Services on Microsoft Azure Cloud.

Mar 2017 – Jul 2017 · 4 mos · Chennai, Tamil Nadu, India

• Was selected to be a part of Azure Student program by Tata Consultancy service, representing my university. The program involved learning azure cloud services and building real-time projects. In the final project expo, my team went to the top 15 among 200 other teams across the state of Tamil Nadu, India.
• Was a great experience leading the team and building fun projects.

Nov 2016 – Mar 2017 · 4 mos · Greater Chennai Area

• 1. Automated scripts in Raspberry Pi to perform temperature monitoring without human interference using Embedded C.
• 2. Researched on wireless security best practices and performed passive reconnaissance on weakly configured IoT devices using Shodan and Google dorks.
• 3. Created prototypes by binding embedded technology with the Internet of Things (IoT) using Embedded C, simulated the working in Proteus ISIS tool, and assisted in web development (HTML, CSS, Javascript).