Jan 2025 – Apr 2025 · 3 mos

Oct 2020 – Jan 2025 · 4 yrs 3 mos · San Francisco Bay Area

Apr 2017 – Sep 2019 · 2 yrs 5 mos · San Francisco Bay Area

• o Guide product team’s security and privacy initiatives by participating in design reviews,
• threat modeling and code reviews.
• o Architect secure solutions for multiple teams across various products
• o Manual and automated security testing of platforms, applications and services
• o Reviewing Partner Apps for Security flaws
• o Guide partners build Secure integrations
• o Designed and conducted threat modeling workshops for non security folks
• o Help Security Champions identify and drive high impact security initiatives

Jan 2016 – Apr 2017 · 1 yr 3 mos · San Francisco Bay Area

• Pentesting internal web applications for security vulnerabilities
• Managing bug bounty programs like HackerOne : Triaging security bugs reported,
• assessing the impact and awarding bounties
• Conduct Third Party Vendor Security assessment and help improve Zenefits security posture
• Perform Threat modeling for new features and help with architectural design reviews
• Educating and training developers about OWASP top 10 and secure coding practices
• Manage Phishing campaigns to improve security awareness and establish a security culture.

May 2015 – Aug 2015 · 3 mos · Atlanta Metropolitan Area

• Developed a tool in Python to convert CIDR notation to a list of IP addresses, List the number of hosts for each notation, check if the clients owns the domains and checks for overlapping address spaces.
• Automated and manual Source Code Analysis to identify Security vulnerabilities
• Network Penetration Testing : Internal Assessment
• Web Application pentesting
• Evaluated Security tools for the organization and provided evaluation reports and proposal documents
• Draft detailed security reports with actionable recommendation for clients.

Jul 2014 – Dec 2014 · 5 mos · Greater Boston

• Perform vulnerability assessment of web applications
• Dynamic Application Security Testing using IBM AppScan Standard
• Manual Penetration Testing of internal applications
• Compile and Publish Weekly Threat Reports for the Threat Intelligence team

May 2014 – Jun 2014 · 1 mo · Cambridge,MA

• Research on big data security for the Institute of Quantiative Social Sciences,Harvard University.

Dec 2010 – Jul 2013 · 2 yrs 7 mos · India

• Project :Nielsen Encoders
• Designed Category based Test strategies and methodologies to certify encoders for audio/video watermarking.
• Developed scripts for Performance testing of the encoders.
• Encoded NTSC and PAL signals and broadcasted them through OTA,DVB-C and QAM.
• Project: SMART CARD:USIM
• Contributed as a QA engineer for a Smart card Project in Tata Consultancy Services.
• Designed Test strategies and methodologies for the Global Platform in USIM.
• Developed Smart Card scripts for testing of the Global Card Platform.
• Validated Card content management operations: Installation, Key management, Deletion in Security Domains on the smart card.