Resume

• Building end-to-end LLM-driven workflows to automate vulnerability triage and remediation, reducing manual triage load and enabling sub-linear scaling of the VM program
• Directing cross-functional infrastructure roadmaps across 4 teams to build automated security controls, reducing recurrence of systemic vulnerability classes

• Architected a unified vulnerability management platform and engineered a risk-scoring framework that reprioritized 800k+ findings using EPSS, asset criticality, and reachability, achieving a 90% signal-to-noise ratio and restoring developer trust in security findings
• Scaled the VM program across 4 M&A integrations by establishing technical playbooks and standardizing high-severity triage
• Led the design and rollout of short-lived identities across 92% of the AWS fleet, coordinating with 25+ teams to eliminate long-lived credentials and reduce incident response liability by 280+ days
• Re-engineered the developer security platform, replacing legacy scripts with a high-performance engine that reduced latency by 83% and reclaimed 6,180+ monthly engineering hours
• Implemented four guardrails — intent filtering, output validation, compliance screening, and context isolation — eliminating critical injection and data exposure risks prior to GA launch and enabling safe production deployment of LLM-powered features
• Led a 3-engineer team to architect a WebAuthn-based access platform, handling 26% of all corporate access requests and reclaiming 1,150+ monthly engineering hours
• Remediated a credential leak affecting 40+ services, authoring the response playbooks and secret infrastructure policies that reduced organizational MTTR from 14 days to 2 days

• Led the “Safety by Design” program, partnering with product teams to conduct 50+ architectural reviews in 5 months and ensuring 100% pre-production remediation of high-priority risks

• Eliminated a 90% visibility gap in global security scanning by identifying and fixing a systemic algorithm flaw; drove architectural redesign through production to ensure 100% code coverage across the enterprise

• Researched cyber threat intelligence; designed and implemented microservices to integrate threat feeds for live threat monitoring
• Streamlined the real-time configuration pipeline for enhanced reliability, minimizing failures and reducing downtime
• Spearheaded and formulated strategies to achieve a 60% reduction in CI costs through Docker images and faster build times
• Hardened IAM architecture by developing highly configurable API integration and redefined workflows for better user experience
• Performed vulnerability assessments on product API and enforced strict access control policies to reduce security risks
• Established standards for simplifying and maintaining critical scripts; refactored code to support custom logging and improve readability

• Conducted manual code reviews; identified and fixed high-risk security bugs in the e-ticketing services
• Coordinated communications between the design and development teams for migrating to Android 10

MS, Security Informatics

BE, Computer Science and Engineering

Golang, Python, Terraform, AWS, Kubernetes, Bazel, gRPC

Application Security, Vulnerability Management, Threat Modeling, IAM, Secure SDLC, AI/LLM Security, Security Architecture

Incident Response, Risk Prioritization, Penetration Testing