MS CS @ RIT | Software Engineer @ American Technology Initiative | Senior Software Engineer@ CGI
A Computer Science graduate with four years of experience as a Software Engineer, specializing in the Security domain, particularly in Application security, vulnerability management, penetration testing, and identity-related projects.
Partnered with development teams to integrate Snyk SAST into CircleCI pipelines with a fail-fast policy, enabling consistent early-stage blocking of critical vulnerabilities; drove a 30% reduction in exploitable issues in production releases.
•
Influenced DevSecOps practices by building automated Bash and PowerShell monitoring tools to validate NLP model artifacts across CI/CD, staging, and production layers; mitigated production data leakage risk by enforcing artifact consistency.
•
Automated secure token lifecycle for Google Secret Manager using resilient Golang, Python, and Shell scripting services, eliminating manual handling and improving auditability of sensitive credentials across cloud services.
•
Conducted application code reviews and worked closely with engineering teams to embed secure coding practices, improving AppSec awareness and reducing repeated security findings.
Designed and deployed a real-time threat detection pipeline on GCP, combining BigQuery-based log analysis with custom ETL to automate weekly IOC reporting; directly supported SOC team threat investigations and response.
•
Evaluated and adopted Snyk (SAST) and Invicti (DAST) in CI/CD pipelines, introduced fail-fast security gates, and reduced build-stage vulnerabilities.
•
Developed a Python-based automation tool to integrate Snyk and Jira APIs, streamlining vulnerability management workflows; cut manual ticketing effort by 90% and improved time-to-remediation tracking.
•
Collaborated with infrastructure and Development teams to implement secure SDLC practices across core AI product stack.
