- Drive strategy and implementation of Security Operations- Drive strategy and implementation of Threat Intelligence- Drive strategy and implementation of Threat Hunting- Develop Incident Response playbooks & Runbooks- Implement and integrate key defensive platforms ( SIEM, Case management, CNAPP, EDR) through threat intelligence driven processes and workflows

- Building and leading Threat Hunting- Security Automation & Orchestration- Security Incident Response

Hunting miscreants in the unknown cyberspace with Zen.

- Developed and built NYC3’s first automation - orchestration program that enables the Citywide Security Operations Center to respond to cyber threats targeting the City effectively.- Developed and led the program strategy and implementation of the Counter Threat Automation (CTA) team. - Developed and led five unique groups within CTA : Automation Development, Software Development, Platform Engineering, Content Engineering, Malware Analysis.- Identified automation opportunities to streamline deployment and operations including creation of self-service automation approaches for the CTA team. - Created clear and concise documentation that defined the strategy, and operations of the CTA team.- Drove the adoption of ongoing automation and orchestration efforts within the NYC3 Threat Management division. - Architected and deployed CTA’s CI/CD pipeline for platform automation and deployment.- Designed and developed the integration of tools and technology with the automation-orchestration platform utilized by Threat Management including ingestion of data into the in-house managed Threat Intel Platform and threat feed aggregation. - Led, and mentored CTA developers, and engineers. - Collaborated with NYC3 Security Sciences to ensure successful deployments of CTA infrastructure and adequate access and provisioning required for successful CTA driven projects.- Assisted the CERT and SOC teams during high severity investigations, including providing support for malware analysis, high-level forensics and log analysis.

- Responded to high severity threats (e.g., malware, DDoS, BEC) targeting the City of New York and its encompassing mayoral agencies.- Performed high level malware analysis on suspicious objects identified within the City of New York’s infrastructure. - Performed threat hunting through log management platforms to identify suspicious activity. - Identified security control gaps within the City of New York’s infrastructure and proposed solutions to further improve the security posture of the organization. - Kept abreast of trends in cybersecurity, with an ability to articulate security-related themes and principles in business terms.- Delivered strategic recommendations to improve detection, escalation, containment, and resolution of incidents.

- Assisted in the day to day operations of the Cyber Response function, responding to high severity threats (eg. malware, DDoS) which could potentially put Barclays infrastructure at risk.- Developed and deployed tooling for malware analysis and automating the correlation and analysis of malicious samples detected within the firm for efficient response. - Developed the orchestration and automation capabilities of Cyber Operations to enable effective response to incidents from an end to end Incident management perspective.

August 2015 - February 2016- Worked in the Digital & IB Enterprise group with the Web Portal Services- Sign Up and Dev team.- Worked on the web penetration testing workflow for Barclays Live portal services utilizing OWASP Zed Attack Proxy (ZAP).- As part of the Barclays Accelerator program, analyzed and evaluated a passwordless start-up company and its competitors to determine its value for integration into Barclays Live for research clients.- Coordinated the migration of Barclays Live and Barclays Now portal to utilize new Single Sign-On Identity Provider (PING). March 2015 - July 2015- Worked in the Equity-IT Order Management Systems(OMS) group.- Projects involved developing an application alerting API for Order management applications.- Primary goal was to enable applications to send application alerts over solace to enable better monitoring of performance among low latency trading applications.

Policy-aware Secure Collaboration in Fog Computing- Led project funded by Cisco Inc. - Designed and implemented a robust, realistic test-bed implementation encasing use-case scenarios of Fog Computing- Proposed a concrete policy management framework to support the Fog architecture.- Worked on policy conflict, anomaly detection and resolution techniques in a Fog paradigm utilizing Smart Transportation Systems as a base-case.

- Part of the Global Compliance Architecture Authority (GCAA) team.- Analyzed the multiple Single-Sign-On frameworks utilized at Barclays.- Integrated the Federation Single-Sign-On authentication framework with third party compliance product.- Analyzed security framework of Actimize, for integration with Federation SSO. - Utilized header authentication methodology, to complete SSO authentication.

- Interned with the Web Portal Services group working on Barclays Live, the firms comprehensive client-facing portal delivering the firm’s world-class cross-asset content to our clients.- Worked with the Usage Analytics team responsible for delivering client, portal and application MIS for the Barclays Live portal. - Developed front end application dashboard for Sales applications displaying granular usage metrics to senior management and business across all Sales applications.- Contributed towards development of mobile UA applications to deliver key client MIS on mobile devices (iOS, Android) to Barclays Live Sales and COO teams.

- Developed a MS Project plan , detailing project start and completion time , including milestones and risk management strategies for the project in-case of delays.- Divided project into multiple tasks based on size and expected time of completion so as to make tracking and risk assessment efficient. - Created Component Requirement Specifications for engine models. - Developed test plan procedure to test engine components.- Developed automated test scripts to verify proper engine component functioning. - Generated test reports displaying results.