May 2022 – Aug 2022 · 3 mos · Vancouver, British Columbia, Canada

Jul 2021 – May 2022 · 10 mos · Vancouver, British Columbia, Canada

May 2022 – Nov 2022 · 6 mos · Vancouver, British Columbia, Canada

Feb 2022 – Jun 2022 · 4 mos · Vancouver, British Columbia, Canada

Apr 2018 – Jul 2021 · 3 yrs 3 mos · Dubai

• Security Architect, Application Security, Automation

Mar 2017 – Apr 2018 · 1 yr 1 mo · Bengaluru, Karnataka, India

Jun 2014 – Mar 2017 · 2 yrs 9 mos

• Designed dozens of software solutions driving continuous improvement to processes, systems, work flow and customer responsiveness.
• Designed projects & tools in Agile SDLC and RAD best practices. Ensured the release of premium-quality applications that provided intuitive and secure experiences for users.
• Drove all phases of enterprise design, development, integration and process improvement projects to successful completion, including application availability initiatives and the implementation of single site fail-over and recovery options.
• Automated processes to resolve business challenges, such as Critical Incident Communication tool which communicates with end users when there is a critical incident with the cloud infrastructure.
• Streamlined processes between end users and support team, to ease ticket opening/management process which increased the productivity of overall team (Integration with ServiceNow, BMC IT Remedy).
• Managing large and complex projects or multiple components of a large projects involving more than one company’s product/ services.
• Creating and managing the estimates, project plan, project schedule, resource allocation and expenses to ensure that targets were reached
• Following the project life cycle methodology like Agile and Waterfall defined under the process framework, ensured that customer deadlines were met within project budgets.
• Provide ongoing application support and troubleshooting.
• Wrote documentation for new and legacy applications.
• Projects:
• 1) Behaviour Based Web Application Firewall (WAF) (Machine Learning)
• 2) Database as a Service (DBaaS) with HA
• 3) Easy Deployment of Applications in Containers (EDAC)
• 4) Critical Incident Comms Tool
• 5) Platform Lookup Tool
• 6) Handover Tool
• 7) Case Escalation Tool
• 8) Pagerduty Metrics
• 9) Cloud Support Dashboard
• 10) Customer Lookup Tool
• 11) ServiceNow customizations
• 12) Cisco Cloud Status Page

Mar 2014 – Mar 2017 · 3 yrs

• Design & development of multiple modules in OpenStack and Rally.
• Integrating ceilometer into Rally Benchmarking tool.
• Design an architecture for security driven deployment of OpenStack on private cloud.
• Providing security for Tenant Cloud and Cloud applications.
• Design & development of numerous tools based on cloud applications.
• Contributing patches to OpenStack community.
• Research on OpenStack security.
• Design & development of in-house product, CHAI a SaaS platform an distro agnostic, with on-demand log analysis, services assurance, and compliance tracking of openstack deployments.
• An analysis of security and privacy issues, challenges with possible solution in cloud computing.

Oct 2011 – Oct 2013 · 2 yrs

• Acted as a liaison between various departmental groups on information security related topics
• Audited systems based on security standards
• Collaborated in teams of technical and non-technical experts
• Conducted IT-Security standards/compliance assessments
• Developed detailed recommendations for mitigating findings and process improvement projects
• Developed mitigation strategies
• Documented results and presented findings to technical staff and management alike
• Drafted various policies and procedures
• Ensured compliance of Information Technology Security Policies and utilized vulnerability tools
• Fostered security-focused tools and training programs
• Identified and recommended solutions for various risks and security issues
• Maintained regulatory requirements
• Managed and facilitated information security related projects
• Moderated workshops and interviewed key stakeholders to determine technical threats and risk
• Monitored compliance with organization's information security policies and procedures...
• Projects:
• 1)OSINT Tool: Designed and developed OSINT (Open Source Intelligence) information gathering project which gathers the information of a given keywords from Search engines, social media sites like Facebook, twitter, Instagram, google plus, YouTube using API general media like websites, blogs, forums, Outlook PST's etc., All the information is stored in a database which is parsed, processed using proprietary algorithms and displayed with an organized information on a Web UI.
• 2)Automated Malware Scanner: This tool scan’s the given input file statically and gives the detailed information in chosen format. This tool accepts android, windows PE, DOC, PPT, XLS as input files.
• 3)Automated Dynamic Malware Analyzer: This tool scan’s the given input file dynamically in memory and gives out detailed information in chosen format. This tool accepts Windows PE, DOC, PPT, XLS as input files.

Nov 2009 – Oct 2011 · 1 yr 11 mos

• ϖ Handled numerous VAPT (Vulnerability Assessment and Penetration Testing) projects of clients
• ϖ Responsible for development of in-house certification and content
• ϖ Research on Cloud and Cloud based tools to speed up reporting process
• ϖ Setting up cloud infrastructure
• ϖ Conducted many workshops across India and gave training on Information Security.
• ϖ Assisted law enforcements in Cyber Crime Investigation
• ϖ Developed and reviewed information security and privacy policies.
• Projects:
• 1) MSOffice Sandboxie (Zeroday Detector): Designed and developed M.S Office Sandboxie, which detects any malware in the DOC, PPT, XLS files and report us instantly. This works on the principle of particular windows calls, if a shellcode is embedded and the malware is executed, this user mode application will listen to particular Windows API’s like file write on disk or particular call to system information or InetAPI, when it detects these calls instantly it blocks the execution and exists the process.
• 2) In-House Certification & Examination: Worked on Information Security content and assisted in creation of In-House Certification process and hands-on examination.

Jun 2008 – Aug 2009 · 1 yr 2 mos

• Provided Identity Protection to clients
• Worked on Cyber Threat Intelligence
• Worked on Malware Intelligence
• Handled services like Credential Monitor, Malware Monitor for clients
• Handled Real World Exploits