As an AI Strategist and Innovator, I drive the strategic adoption and integration of cutting-edge AI technologies, particularly Large Language Models (LLMs), to revolutionize application security. My responsibilities include:• Spearheading AI initiatives, leveraging machine learning, LLMs and other AI techniques to develop intelligent, adaptive security solutions• Collaborating closely with cross-functional teams to identify and prioritize high-impact AI opportunities in application security• Fostering a culture of AI innovation, staying at the forefront of AI advancements and thought leadership in the security domain• Leading and mentoring a talented team of AI professionals to build next-gen AI-powered application security products

Head of product security. Leading everything from IPO readiness, and internal product/cloud /app security to the HackerOne program.

• Collaborating with Product Management in defining the product vision and guiding teams on planning, designing, and building software• Driving the hiring process by owning the recruiting process as well as developing the employee on-boarding process• Managing team members including setting objectives, reviewing performance, and establishing a positive working environment

• Leading the team for attribute based access control and synchronised security.• Led the team for Optix integration with Central platform and delivered ahead of time.• Thread modelling, technical security assessment of web application and fixing the security issues.• Technical demonstration of vulnerabilities and secure design patterns to developers.• Developing libraries and services to enhance strong security posture of the product.• Services Hardening as per POLP, encryption of customer data with key rotation, hardening of APIs.• Ensuring protection from OWASP Top 10 (2017) risks and other commons risks including CSRF, SSRF etc.• Designed Role based access control for the product with fail safe approach.• Implemented MFA (Totp based), SAML login (Okta as idp), Google Sign in using Oauth (2.0) and brute force protection.• Member of Sophos Bug Bounty Program.

Founding Engineer at Cloud security start-up Avid Secure which was acquired by Sophos in Jan 2019.

Founding engineer for the multi-cloud security start-up and built the first version (MVP) of the security platform using SpringBoot over AWS.- Acquired by Sophos in Jan 2019.

• Conducting internal security trainings to make fellow employees aware about internet threats like phishing, social engineering and how to stay safe from them.• Conducting external trainings on writing secure code, catching and fixing security vulnerabilities in web applications.• Ensuring the digital security of critical information infrastructure by reviewing the source code, threat modelling, and conducting penetration tests against the websites.• Research on automated security audit of web applications to ensure government websites are secure.

* Designed a vulnerability scanner for windows. * Got the Pre Placement offer (full time).

Supervisor - Mrityunjay GautamMentor - Achin Kulshrestha The typical time developers and IT admins spend doing productive and non-productive work on their computers is 12 to 14 hours a day. But, the computers in any organization, where the servers and desktops are always switched on, have a HUGE percentage of idle time, other than the human sleeping hours. Why not use the idle computation power for Fuzzing ?We created a centrally controlled GRID of all machines in any globally distributed organization. We would be identifying the idle state of these machines in real time and using that to achieve fuzzing and consequently, finding security vulnerabilities in any target product. This system combines the idle time of all the grid machines and gets bursts of huge computational power along with the capability of parallel processing which can allow us to find software vulnerabilities in a faster and more effective without any additional financial expense. The system can be combined with any fuzzing framework and it would greatly amplify the capabilities of the fuzzers by proper scheduling and parallel processing.The project was presented by Mrityunjay Gautam in c0c0n - (International Cyber Security and Policing Conference) on 22nd August,2014.