• Envision and execute secure SDLC practices for multi-billion dollar SaaS offerings.
  • Currently leading initiatives to securely design and develop scalable platforms that leverage AI technologies, by integrating cutting edge research with operational security.
  • Integrating tightly across the SDLC to assure e-commerce platforms, PaaS offerings, and additional internal efforts, by providing high quality SDL services.
  • Contributed to quarterly board reporting of Security Assurance outcomes.
• Building a practical vision and strategy for large organizations
  • Influenced the work and direction of 200+ individuals by defining the annual and multi-year strategy for the Security Assurance organization along with fellow leaders.
  • Leveraging latest Generative AI techniques to improve the team's operational effectiveness.
• Defined and executed a new Secure Design function from scratch.
  • Built the vision, charter and execution model for the newly formed Secure Design function in order to set up durable controls that impacted the earlier stages of the SDLC.
  • Delivered projects and programs by leveraging automation, collaborations with various teams and updated processes to enable pragmatic and scalable security services across the organization.
  • Leading international and matrixed teams of highly skilled, junior and experienced engineers and leaders that collaborate with product, engineering and security organizations.
• People-centric leadership of diverse, high impact teams with a focus on productivity, quality and wellness.
  • Fostered a culture of creativity and innovation in a 25+ person organization.
  • Cultivated a start-up mentality that adapted to a larger organization, thus allowing teams to experiment, prototype, fail fast within the team, and scale successes outside.
  • Coached first time and experienced leaders, supported their career and teams.

• Promoted shift-left best practices across the SDLC
  • Led the vision and execution of integrating various activities within Commerce Cloud, such as architecture design reviews, threat modeling, automated workflows, security champions, bug bounty, static analysis and third party security.
  • Engaged in the development of security policies and their implementation.
  • Successfully developed and grew a security champions program by partnering closely with engineering teams, as a means of multiplying the security impact.
• Provided pragmatic security services to technical teams in the Commerce and PaaS domains.
  • Domain expertise in e-commerce, digital payment workflows and payments integration.
  • Supported multiple tech stacks in both self-hosted and cloud environments.
  • Supported partner teams in compliance audits and risk prioritization conversations.
• Successfully merged new acquisitions into existing security services by balancing centralized services with customized requirements.
  • Integrated security teams, tools and processes from acquisitions through active collaboration, and lessons learned from both merging businesses.
  • Created a culture where the security team is viewed as a partner, rather than a hurdle, by product, engineering, program and customer support teams.
• Leading through changes, both internal and external to the organization.
  • Led through changes during the pandemic, balancing the needs of the team and the organization as we moved into a remote-first world.
  • Leveraged agile methodologies to efficiently operate the team, and deliver quality results.
  • Fostered innovations in tools and processes to support challenges faced by technical teams.
  • Leader of individual contributors, with a maximum span of control of 18.

• Technical Lead for application and infrastructure security efforts in Commerce Cloud. Actively collaborated with engineers and leaders from multiple teams to improve security controls. 
• Actively performed and led architecture design reviews, threat models, code reviews and pentesting for high risk projects. 
• Regularly contributed to product roadmap and security strategy, ensuring that security conversations are a part of early product plans.
• Created and presented security content to developers regularly to educate them on security issues and mitigation strategies.
• Built relationships with developers, architects, engineering and security leaders, and supported their security needs in a collaborative manner.
• Subject matter expert in time-sensitive incidents, containment and mitigation strategies.
• Mentored junior security engineers, supporting their career and technical growth.

• Primary point of contact for the application security efforts of several products in Commerce Cloud.
• Engaged in threat modeling, code reviews, automation, static analysis and developer training.
• Integrated newly acquired businesses with existing security tools and processes.
• Built internal tooling that assisted with analyzing dependencies and code flows for .Net projects.
• Supported agile efforts within the team to create efficient ways of driving and tracking work.

• Researched malware detection strategies by analyzing DNS traffic. 
• Identified new detection and mitigation techniques for web application vulnerabilities using dynamic and runtime technologies.
• Engaged in the design of a new runtime platform that created IAST and RASP capabilities.

• Researched new vulnerabilities and developed algorithms to attack, detect and protect web applications by leveraging dynamic and runtime technologies.
• Developed detection rules for various vulnerabilities using DAST and IAST tools.
• Presented at internal & external conferences on new attack and detection techniques.
• Designed and developed industry-first solutions for automating attack scenarios using DAST and IAST techniques.

• Research and Development of automating web application vulnerability detection.
• Updated various parts of WebInspect's audit engine to improve detection capabilities.
• Patented new ideas and implemented them into WebInspect's toolset.

Focused on systems and application security. Interned and co-oped at HP, resulting in a final thesis that was implemented in HP WebInspect.

Graduated by achieving the Best Outgoing Student Excellence recognition - an honor bestowed upon one male and female graduating student each year across the entire university.