Kyle Polley
Experience
Head of Security, EM of Internal Systems
Pipe Technologies | 2022.06 – present
As Pipe’s first Security Engineering Lead, I was tasked with securing the firm while balancing growth and developer experience. I successfully integrated security into the company culture and served as the security spokesperson to external parties, including business partners, investors, and the Board of Directors.
I initiated and developed various security functions such as Threat Detection & Response, Application Security, Infrastructure Security, and Privacy. Our engineering-led security team adheres to the Secure by Design Philosophy, building systems and tools to ensure the fastest and most intuitive path to get stuff done is also the most secure. We empower engineers and employees to make secure choices without compromising their productivity.
A year into my role, I expanded my responsibilities to become the Engineering Manager and Tech Lead for the “Internal Systems” team, which encompasses Security, Infrastructure, Data, Developer Experience, and IT. I recruited and now manage a small yet highly skilled team of six engineers, maintaining efficiency and speed despite our broad scope of duties.
Senior Security Engineer
Robinhood Markets | 2020.03 – 2022.06
As an early member of Robinhood's Security team, I spearheaded the creation of the Detection & Response & Threat Intelligence team. Most notably, I directed all detection and response initiatives for Robinhood Crypto, one of the company's most vulnerable and valuable assets, implementing state-of-the-art monitoring and countermeasure systems.
As part of my duties, I led Incident Response for multiple Priority-0 security incidents and collaborated cross-functionally to ensure immediate containment and long-term remediation strategies. I played a pivotal role in managing the security landscape during the company's rapid expansion, supporting Robinhood's massive growth in size (10x headcount) and successful IPO.
Security Researcher - Machine Learning
PatternEx | 2018.06 – 2020.03
I led our company's efforts in rapidly prototyping new machine learning analytics that detect malicious behaviors in enterprise environments. I managed a small team responsible for conducting our threat research, intrusion analysis, and cyber-attack simulations.
PatternEx's core product is a large-scale machine learning and graph analysis framework streamlining the detection and investigation of malicious behaviors in enterprise environments.
Security Researcher
NASA Ames Research Center | 2015.08 – 2017.06
I researched and developed an Intrusion Detection System (IDS) for the E-Root name server, one of the 13 DNS root name servers worldwide. The IDS was successfully implemented, and NASA documented and published my research as an artifact.
I also designed an automated spacecraft telemetry decoder for NASA small satellite missions utilizing creative and low-cost solutions such as Google’s Gmail API.
Projects
- GitChat: GitChat is an AI chatbot that integrates with GitHub repositories to answer user queries about a codebase. It features Google authentication, user session management, and chat sharing. The app is built with Next.js and LangChain (link)
  - The project received 100k+ views on X and was reposted by the official LangChain X account as well as LangChain’s founder, who praised my method of embedding source code for efficient document retrieval.
- Slackurity: Slackurity is a Slack bot that enhances security by prompting users to share Google Drive links instead of sending files over Slack, which has minimal security controls. It uses Google Drive to manage file uploads and permissions, ensuring secure sharing within Slack channels. Most importantly, it does not block employees from sharing files via Slack, but rather gives them the context and tooling necessary to make a secure decision. (link)
  - The project was featured in popular security newsletters TL;DR Sec and Unsupervised Learning.
- PII Detective: PII Detective uses AI to identify potential PII columns in your data platform and presents its findings in a friendly UI. With human verification, PII Detective will protect your PII using the platform's built-in data masking functionality (link)
  - The project was also featured in the TL;DR Sec newsletter.
- Passwordless Authentication — Moving away from Yubikeys (Blog Post): Instead of purchasing and managing hundreds of Yubikeys, we successfully implemented FIDO authentication using already available built-in device keys like FaceID, TouchID, and Windows Hello. Leveraging Okta for identity management, employees can securely register their devices with minimal disruption. The initial project planning to onboard 100% of the company to passwordless authentication took less than 90 days and did not require any additional spending. (link)