Provide top-level guidance and strategic direction for Coalition for Secure AI (CoSAI).The mission of CoSAI is to enhance trust and security in AI development and deployment through collaborative innovation and standardization. CoSAI focuses on democratizing AI security and privacy techniques, expertise, and solutions to improve the development, implementation, and usage of AI systems across organizations of all sizes.

Building the AI-native Detection and Response (AIDR) platform for Security and Privacy Incidents, empowering enterprises to build and scale cost-effective Security Operations Centers (SOC).

Led a team of engineering managers and privacy engineers responsible for detecting and responding to privacy incidents across Meta and enabling data-driven insights to prioritize and reduce top privacy risks.• Established refined team mission, vision, and charter to align with top business priorities and risks by facilitating collaborative decision-making.• Improved automated incident detection ratio by 57.6% in collaboration with security and AI teams.• Supported a volunteer-based oncall program, as an executive sponsor, providing 24x7 coverage of privacy site-event (SEV) response across US and EMEA. Maintained a healthy oncall size by growing US oncall team by 400% and backfilling 100% of EMEA attritions.• Defined strategic direction and drove cross functional alignment on incident insights program to enable risk quantification and risk-based prioritization of privacy investments.

Led a team of engineering managers and security engineers responsible for product security, security product architecture, data science, and Red Team operation to address Alexa’s biggest security and privacy challenges.• Proposed, hired, and built a new product security team to address a gap in delivering on business priorities. Drove alignment across senior executives and cross functional partners.• Defined a strategic direction and established a program to identify, prioritize, and address and report on Alexa's top security risks to Senior Vice President level.• Successfully supported bringing 6 security products to production providing innovative protections for customers and their data at Alexa’s scale.

Designed and built Poshmark's first security organization consisting of Security Governance, Engineering, and Operations teams, responsible for security and privacy of Poshmark’s apps, AWS infrastructure, and its 60+ million customers. Successfully hired and built out a distributed organization across US and India within 6 months.• Established risk-based security and privacy programs to successfully prioritize investments and support readiness for the California Consumer Privacy Act (CCPA) and IPO, partnering with senior executives from legal, engineering, and finance orgs. Poshmark became public in January 2021.• Established and drove a new PCI compliance program by identifying and implementing a segmentation strategy to reduce scope and number of requirements by 91% (127 to 11). Obtained Level 1 Report-on-Compliance (ROC) within 3 months and prevented non-compliance violation.

Designed and built Arlo's first security engineering organization consisting of Product Security and Security Feature Development teams, safeguarding HW/SW products, AWS infrastructure, and manufacturing/supply chain operation for all Arlo home security product lines. Successfully hired and built out a distributed organization across US, APAC, and EMEA within 8 months.• Product Security – Collaborated with cross-functional teams to execute security programs and initiatives including vulnerability management, threat modeling, penetration testing, DevSecOps, incident detection and response.• Security Feature Development – Designed a custom Arlo Security Layer (ASL) protocol and led development of cross-cutting security features (end-to-end encrypted, AuthNZ, secure key exchange, communication, secure storage, data integrity, privacy, secure boot) by leveraging ASL and Secure Element (SE) HW security module. • Drove adoption and integration of new Secure Element (SE) into all Arlo devices, manufactured since 2019, by successfully influencing the CEO and senior executives from supply chain, HW/SW engineering, and finance teams and Original Design Manufacturer (ODM) partner.

Built a new security solution development team across US and S. Korea, as part of Samsung Global CSO office.• Delivered Samsung FIDO solution from proposal and development to production within 7 months. Samsung FIDO solution provides secure multi-factor biometric authentication and became the world's first FIDO-Ready certified product that implements FIDO UAF 1.0 protocol, now known as W3C WebAuthn. Since 2015, the FIDO solution has become the main component of Samsung Pay, a new product line offered to enterprise customers, and the standard internal authentication solution for 500k+ Samsung employees worldwide.• Led the development of reusable software building blocks that enable scalable cloud-native microservice architecture. Standardized agile software development process and tools, which was introduced as the best practice at the company level.

Represented Samsung SDS at the FIDO Alliance technical working groups as the voting member.• Contributed to drafting and finalizing the FIDO UAF v1.0 specification set.

Architected and developed the flagship endpoint detection and response(EDR) product that protects endpoints from zero-day and targeted advancedpersistent threat (APT) attacks with Win32 kernel module syscall levelintrospection and big data taint analysis.• Led the technical and strategic efforts to successfully close an exclusivepartnership agreement with SK Infosec in South Korea, which triggered theSeries B round of funding ($12M).

Designed and developed anti-virus detection engines in Symantec Endpoint Protection (SEP) suite and secure communication components in Norton products.

Developed an automated malware analysis system that analyzed and provided about 30% of detection signatures, which were delivered to worldwide customers daily. Reverse engineered 1K+ malicious files, wrote detection signatures, created detailed write-ups, and developed standalone fix-tools for high-profile threats.