Software Engineer / Manager
Working on various security initiatives: Security infrastructure (rolled out authorization to ~100s of internal services, drove TLS1.3 adoption for compliance, improved mTLS support, RPC layer validations to prevent DoS), Security features in the product (TLS encryption in Spark, storage layer key management), Application Security (co-drove a company wide effort to shift left by writing secure frameworks and static analysis checks, driving a new effort to kill security/privacy incidents), Lots of miscellaneous security work (design reviews, encryption in transit, fuzzing, taint analysis, dead code cleanup, secrets detection).
Tech lead for the dynamic analysis team. Defined and drove a multi-year strategy for fuzzing; adopted by multiple teams. Worked with teams to adopt fuzzing, built and scaled infrastructure, simplified developer tools, and achieved better results. During this time, the team had its best year in terms of usage (teams and engineers across the company) and bugs found. Explored other ways to apply dynamic analysis to security / privacy applications to solve critical problems (e.g. dynamic taint analysis for Hack code).
Tech lead manager, grew the team from 1->7 engineers as we built out a new fuzzing
platform to meet growing demand.
Primarily focused on the team: supporting people (and their career growth), hiring, resolving conflicts, defining the team charter; spent the rest of my
time on technical direction and collaboration across multiple organizations; ensuring
we had a steady flow of engineers that were happy with our platform.
Ended up building the team I always dreamed of working on as an engineer, so I transitioned back to being an engineer.
First engineer on the Dynamic Analysis team; maintaining an internal auditing and alerting system. Primary engineer responsible for Invariant Detector (IVD), which automatically learnt privacy rules and enforced them on every single write to TAO (many millions/s). Lead a small team to make it a product, vastly increasing adoption. Worked with Instagram's security team to apply IVD to their codebase; unblocking a company-wide critical migration to secure user data - the team received an IG-wide award for this work.
Delivered real time insights to advertisers, focusing on large scale data migrations, scaling challenges, and disaster recovery.
Designed and implemented usable, efficient security protocols for next-generation content-centric mobile networks. Owned testing, simulation, and analysis of realistic scenarios on both physical and virtual devices; critical for DARPA acceptance of our code. This work lead to four conference publications, and the code was open sourced. Prototyped LLVM based application specialization.