Software Engineer / Manager
San Mateo, California
Working on various security initiatives: Security infrastructure (rolled out authorization to ~100s of internal services, drove TLS1.3 adoption for compliance, improved mTLS between our control and data planes), Security features in the product (TLS based internode encryption in Spark, key management at the storage layer for a new product feature), Application Security (co-drove a company wide effort to shift left by writing secure frameworks and static analysis checks), Lots of miscellaneous security work (design reviews, encryption in transit, fuzzing, taint analysis, dead code cleanup, secrets detection).
Tech lead for the dynamic analysis team. Defined and drove a multi-year strategy for fuzzing; which was followed by our team as well as partner teams. Worked with customer teams to adopt fuzzing, built and scaled our infrastructure, simplified our developer tools, and found ways to get better results. During this period, the team had its best year in terms of usage (teams and engineers across the company) and bugs found. Explored other ways to apply dynamic analysis to security and privacy applications to solve company critical problems (e.g. dynamic taint analysis for Hack code).
Tech lead manager, grew the team from 1->7 engineers as we built out a new fuzzing
platform to meet growing internal demand.
Primarily focused on the team: supporting people (and their career growth), hiring, resolving conflicts, defining the team charter; spent the rest of my
time on technical direction and collaboration across multiple organizations; ensuring
we had a steady flow of engineers that were happy with our platform.
Ended up building the team I always dreamed of working on as an engineer, and realized I
wanted to be more hands on for a while, so I transitioned back to being an engineer.
First engineer on the Dynamic Analysis team; maintaining an internal auditing and alerting system. Primary engineer responsible for Invariant Detector (IVD), which automatically learnt privacy rules and enforced them on every single write to TAO (many millions/s). Lead a small team to make IVD a product, vastly increasing adoption. Worked with Instagram's security team to apply IVD to their codebase; unblocking a company-wide critical migration to secure user data - the team received an IG-wide award for this work.
Worked on the ads and pages reporting backend team to deliver high quality realtime insights to advertisers. I owned large scale data migrations from a legacy backend to the next-generation one, and focused on scaling challenges. I also built out a backfill system for disaster recovery.
Designed and implemented usable, efficient security protocols for next-generation content-centric mobile networks. Owned the testing, simulation, and analysis of realistic scenarios on both physical and virtual devices; critical for DARPA acceptance of our code. This work lead to four conference publications, and the code was open sourced. Prototyped LLVM based application specialization.