Duties on the Global Security Engineering - Platform Automation & Tooling Team are:- Automate DevSecOps using Terraform, AWS Infra Cloud, Snowflake Data Cloud, Python and Golang- Implement and maintain the platform and tooling for threat detection and incident response automation- Automate Threat Detection & Incident Response workflows using a tech stack of Snowflake Data Cloud, Python, DBT, Terraform, Github Actions, AWS, Panther, Tines along with Integrations to JIRA, Slack, SMTP, SNS- Threat Model deployment of workloads on AWS Infra and Snowflake Data Clouds against STRIDE, MITRE ATT&CK and Cyber kill-chain methodologiesAccomplishments:- Onboarded and groomed 6 interns (SREs and SWEs) into FTEs- Helped create a state of the art pythonic detections as code (DaC) execution engine and framework that helped us streamline our detection pipeline and reduce our detection pipeline delay and improved observability and testability of our overall detection system but also individual detectors- Helped streamline IR pipelines with clear playbooks using Tines, Snowflake and Streamlit- Presented a webinar on Threat and Vulnerability Intelligence: https://www.snowflake.com/webinars/snowflake-on-snowflake/snowflake-on-snowflake-automated-threat-intelligence-correlation-2024-07-16/- Wrote technical medium articles like: - https://medium.com/snowflake/generic-external-function-framework-9aa1d20706fb - https://medium.com/hashicorp-engineering/cross-cloud-resource-management-with-terraform-snowflake-6b8965008a93- Cleaned-up RBAC per best practices in Snowflake Data Cloud Instances and AWS Accounts used for security workloads- Setup dev, test and prod environments for security teams to test detections and response automation- Setup automated deployments for Snowflake and AWS Terraform code using TFE, GHA etc.- Wrote NPM modules (typescript), PyPi modules, Terraform Modules and Helm Charts to solve various security problems

Duties:- Security Software Engineering using Python flask, django- Scanning monorepo and reporting projects that have vulnerable package dependencies using Checkmarx SCA as the vulnerability sourceAccomplishments:- Worked on optimizing and scaling vulnerability management tooling that correlates scans, assets and risk databases to answer the questions of: What vulns to fix, who should fix them and in what order fix them and helped with building autoescalation tooling to report the vulnerabilities to product owners.- Created tooling to scan, report and visualize vulnerable package dependencies and team level risk associated with vulnerable package dependencies

Duties:1. TVM ETL/ELT design and implementation - Involves working with my team to design an auto-scalable cloud-based ELT/ELT data pipeline for TVM automation. This includes e2e design using a tech stack of Nessus Security Center API, S3, RDS-Aurora, Apache Airflow, Kafka, Docker and EKS, distributed queues and ELK2. Threat and Vulnerability Intel Reporting - Tooling to build a comprehensive vulnerability and threat correlation engine to notify BUs of 0-day vulnerabilities and threats by correlating intel feeds with the org’s vulnerability and asset inventory for faster incident response and 0-day hardeningAccomplishments:- Broke monolith vulnerability reporting automation into disparate microservices one each for ELT, Analysis and Reporting- Reduced vulnerability reporting window delay from 5 days to less than 24 hours by optimizing bottlenecks in the ETL pipeline- Implement tooling and response process for 0-day scanning and reporting using vulnerability intel sources such as Anomali, Intelgraph etc.

Research topics involved:1. Context Sensitive Auto-Sanitization 2. Context Sensitive Auto-Exploitation 3. Static Analysis of Event-Driven Web Apps such as WordPress and Drupal4. Possible refinement using Formal Techniques such as string solvers such as Z3-Str

Website content and web server troubleshooting, maintenance and migration.

1. Operations - Part of the team [of three] that captures security requirements, drafts the application's security design, performs blackbox and greybox testing of web applications as part of independent security testing, performs quarterly internal VA/PT activities, performed threat modelling and risk management for our web applications, trained the monitoring teams to perform security analysis of syslog and IDS events, setup NIDS, integrated all syslog events of multiple devices into a unified SIEM tool with help from vendors, evaluated, through cost to benefit analysis various security vendors products such as mobile device management tools, anti-virus products and SIEM solutions.2. Governance - Part of the team that drafts security policies, reviews and updates the security policies annually, performs semi-annual internal audits as per ISO 27001 and SOC 2 guidelines.3. Training - Part of team that sent out periodic news and updates to the organization to spread user awareness in security.

I worked as a network support engineer tasked with troubleshooting and mitigating issues related to network devices, active directory and client software.