May 2025 – Present · 1 yr 1 mo · San Francisco Bay Area · On-site

May 2025 – Jun 2025 · 1 mo · San Mateo, California, United States · On-site

• Selected for the DraperU Hero Accelerator Program. Staying at their university building in San Mateo and building ShipSec.ai.

Jan 2024 – Present · 2 yrs 5 mos

Jul 2023 – Dec 2023 · 5 mos · United States · Remote

Feb 2022 – Sep 2023 · 1 yr 7 mos

• As a security engineer at Rippling, I built some of the security automation systems like the Vulnerability Management System, Dynamic application security scanner ( using golang, next js for frontend ), Security Leaderboard etc.
• I also did source code reviews and threat modelling, for different products. I've also conducted security sessions and interviews while working at Rippling.

Feb 2021 – Feb 2022 · 1 yr · Bengaluru, Karnataka, India

• As a Senior Security Engineer at Gojek, I worked in ProdSec team, working on :
• Compliance as Code : This is a framework I wrote from scratch using Golang, to run automated CIS checks on our GCP infra, which spans 250+ projects. Also auto remediating any non-compliant resources. It has been running in production since the past 5 months without any downtime. Runs on Google Cloud Run.
• Android and Web App Pentesting : Pentesting any feature release in the GoJek web API backend and GoJek Android application.
• Code and Design Reviews : Code and design reviews for any feature release in the GoJek API or mobile application.
• Red Teaming : Finding critcal vulnerabilities and escalated privileges to cover any loopholes in the whole GoJek ecosystem.

Apr 2019 – Jan 2021 · 1 yr 9 mos · Gurugram · On-site

• Just after college have joined this as the 2nd member of the security team, just after it's creation a few months earlier. I worked on a lot of interesting projects here. Some of the highlights are :
• DNS-As-Code : Created from scratch an automated pipeline using terraform to create DNS entries in cloudflare as well as Route53 with failover option for easy switching to either of the DNS providers.
• Built Using : terraform
• G-Shield Security Bot : Created from scratch a github bot with the intention of shift-left, bringing security closer to the developer workflow. It scans each PR for common security issues like hardcoded secrets, code smells, vulnerable docker images, sensitive mount point etc. The code is modular and thus new modules have been easily added to it by other team members.
• Built Using : python, celery and github APIs
• Temporary credentials for DB : Integrated vault with DBs and github so that users can generate temp credentials for database based on their github team
• Cognito Integration : Worked with multiple teams to integrate AWS cognito in legacy APIs to provide better authentication workflows like social oauth ( such as google auth ) and OTP based workflow
• OauthProxy : Integrated oauthproxy for gsuite authentication and compliance to some of our internal applications

May 2018 – Jul 2018 · 2 mos · Noida Area, India

• DevOps intern.
• I worked on integrating health check into applications, whose metrics were further populated on kibana dashboards for easy management of the services.

Mar 2017 – Mar 2018 · 1 yr