Senior Security Researcher, Adobe |
Feb 2024 – Present |
On-site |
» Developed the first threat intelligence pipeline based on the Model Context Protocol (MCP), leveraging Large Language Models (LLMs) to extract, enrich, and contextualize indicators of compromise (IOCs) from PDF-based threat reports, enabling structured ingestion and accelerated threat response |
|
» Led Project Redact, a cross-functional initiative to detect and remediate sensitive secrets—such as credentials, AWS secret keys, and tokens—within security and application logs; architected and deployed scalable solutions using Cribl and data lake pipelines, significantly enhancing data hygiene and compliance |
|
» Engaged with multiple security vendors to evaluate and benchmark advanced solutions, including threat intelligence platforms and deception technologies, to enhance Adobe's detection and response capabilities |
|
» Authored in-depth threat intelligence reports assessing the security and data governance risks of Large Language Models (LLMs), focusing on jailbreak techniques, prompt injection vulnerabilities, and exposure of sensitive data in enterprise environments |
|
|
|
Cloud Security Researcher - III, Adobe |
Aug 2022 – Jan 2024 |
» Designed and implemented an extensible, modular framework for security data schema normalization, addressing data heterogeneity across diverse security telemetry sources |
|
» Led the end-to-end development of a scalable security metrics framework on Databricks, integrating multi-source threat intelligence with logs from endpoint detection systems, firewalls, and network telemetry to drive actionable insights |
|
|
|
Cloud Security Researcher - II, Adobe |
Feb 2021 – Jul 2022 |
» Designed, built, and maintained scalable infrastructure to detect high-risk firewall rules, evaluate them against a standardized risk matrix, and automate risk-based approvals across Adobe Firewalls |
|
» Responded to security incidents across Adobe data centers and public cloud environments, including AWS and Azure, to ensure rapid containment and resolution |
|
» Performed threat modeling and automated the detection of security issues across hybrid cloud environments, while developing and deploying preventive controls within Adobe's storage, network, and compute infrastructure |
|
» Collaborated directly with the Security Coordination Center (SCC) to triage, investigate, and remediate security incidents across on-premises and cloud platforms |
|
|
|
Security Researcher Intern, Adobe |
May 2020 – Aug 2020 |
San Jose, CA |
» Team: Enterprise and Cloud Security |
|
» Designed and implemented an intelligent system to detect firewall rule violations and security policy breaches at the DMZ layer, reducing attack surface exposure |
|
» Developed a comprehensive violation matrix, published internal best practices guidelines, and was featured on the Adobe Blog for impact-driven innovation |
|
» Spearheaded a strategy to align AWS cloud environments with Adobe's enterprise security policies, identifying gaps in existing security controls |
|
» Proposed and demonstrated bypass scenarios for current AWS security detections, leading to the implementation of stronger controls across public cloud infrastructure |
|
|
|
Software Engineer - 2, Netskope |
Apr 2018 – Jul 2019 |
Bangalore, India |
» Malware Efficacy Project: Developed APIs and a data acquisition framework for training models on file features. Increased scalability from a few hundred to 10M samples per day and helped reduce false positives |
|
» Threat Intelligence Framework: Built a proactive threat hunting framework for insights into the latest threats using file decomposition, macro analysis, and dropped file clustering; improved detection rate by 50% |
|
|
|
Software Engineer - 1, Netskope |
Jun 2017 – Mar 2018 |
Bangalore, India |
» Developed a URL heuristics engine using machine learning modelled on lexical features, dropped file extract, and third-party reputation, which improved efficacy by 60% |
|
» Integrated Cuckoo Sandbox for a ransomware file encryption system and used it to generate threat intelligence, which acted as a key differentiator for Netskope threat capabilities |
|
» Streamlined malware analysis with a task scheduling framework that integrated signature matching and static and dynamic analysis, eliminating hours of manual effort at a cost reduction of 85% |
|
|
|
Threat Researcher, Netskope Threat Research Labs |
Jun 2017 – Jul 2019 |
Bangalore, India |
» Contributed to a world-class team focused on cloud threat and malware research. Worked on building cutting-edge security products that protect enterprises from advanced threats using machine learning, heuristics, sandboxing, and other detection technologies |
|
» Played a key role in identifying and mitigating emerging cloud-based attacks |
|
|
|
Student Intern, Netskope |
Jan 2017 – Jun 2017 |
Bangalore, India |
» Automated Malware Analysis Pipeline: Developed a scalable malware analysis service with a plug-and-play architecture, RESTful APIs, task scheduling, batch processing, and a secure file upload portal |
|
» Built on Celery and Redis, the system efficiently scaled to handle over 1 million files per day, significantly accelerating threat detection workflows |
|
|
|
Summer Intern, Krify |
Jun 2015 – Jul 2015 |
Kakinada, India |
» Developed cross-platform applications |
|
|
|