Leading several security engineering teams, including the Security Automation team, Security Response team, the Citrix Crypto team, and the Open Source Compliance team. Rebuilt the Security Response team to handle hundreds of Citrix product security questions and vulnerability disclosures per quarter, coordinating the process from initial responsible disclosure through engineering patches, fix validation, writing issuing security bulletins, and risk management after public disclosure of vulnerabilities. Created a brand-new Open Source Compliance team in-house to discover latent security and legal risks through conducting open source audits and remediation. Led the Cryptographic development team at Citrix in creating the first Citrix FIPS 140-2 certified cryptographic module. Leading a team that designs, develops, tests, troubleshoots and debugs complex security components and certification projects such as FIPS, Common Criteria, and UC APL, with primary responsibility for leadership and direction of others. Recognized as a specialist in security engineering and product certifications. Responsible for communicating the strategic direction, encouraging innovation, and providing technical and project leadership to all members of the security team; coordinating and collaborating with program and product management and test engineering; full responsibility for executing to development schedules and plans, technology and architectural roadmap, and delivering compelling high quality products to market; and participating in strategic planning and risk assessment and identifying measures for building organizational capability, capacity and agility.

Member of Citrix Central Security Team implementing all phases of the Secure by Design process as a service for product development teams such as XenApp, XenDeskop, and XenMobile. Personally coordinate the global security training program. Create courses and deliver security training to hundreds of software engineers. Coordinated thousands of hours of live training across many locations. Developed and hosted a Capture the Flag contest featuring current security vulnerabilities that attracted over 600 trainees and 170 competitors. Wrote and maintain widely deployed security automation tools to perform static analysis and security scanner automation for Windows, iOS, and Android product components. File hundreds of security bugs based on conducting security testing, threat modeling, design reviews, and code audits on Citrix products for Windows, Linux, iOS, and Android. Handle security response issues arising from security researchers, customer penetration tests, and publicly reported security vulnerabilities in open source components. Member of the Common Criteria Mobility Technical Community, contributing to standards development in the Mobile Device Fundamentals Protection Profile and the Mobile Device Management Protection Profile. Mentor to several new hires in security engineering.

Developed world-class content management system software currently deployed at many educational institutions. Mentored incoming developers at multiple institutions. Worked on protecting web application, back-end databases, and application logic from well-known attacks and malicious insiders.

Created a web-based collaborative environment as part of the core development team. Integrated diverse databases through a custom scientific data portal. Worked on access control mechanisms for securing scientific data and then releasing data on a regular time schedule.