I am a Software Engineer at Google, specializing in the applications of generative AI to security operations. Since joining Google in 2017, I've focused on developing new security products and services for GCP customers.

Experience

GooglePrincipal Engineer

2017 — Now

San Francisco

I am the Tech Lead for AI/ML in Google Security Operations. We provide AI capabilities that are targeted at security use cases. To do this, we use retrieval augmented generation, tools and extensions, customized prompting techniques, in-context learning, and other techniques to provide solutions that reduce toil and help improve analyst efficiency.

My initial role at Google focused on supporting the Detection and Response teams by providing systems and tools necessary for threat detection and investigation. This included responsibilities such as data processing, developing detection rule frameworks, enabling rule authoring, and collaborating with internal threat intelligence.

The second role was leading a team, which I started in 2018, that is now part of GCP's Security Command Center. Originally named Event Threat Detection, it was GCP's first managed threat detection offering. Its core capability is a highly scalable rule pipeline that processes many petabytes of logs daily, providing users with near real-time rule execution. As both threat detection and Security Command Center expanded, I became the overall technical lead for our threat detection services. In this role, I worked across GCP to understand environmental threats, identify detection opportunities, and build scalable detection systems.

DatabricksSoftware Engineer and Manager

2014 — 2017

Berkeley, CA

At Databricks, my roles evolved with the company, leveraging my expertise in security and networking. As an early-stage startup employee, I took on a wide range of responsibilities.

I began as an Individual Contributor on a full-stack web development team. Key projects included planning and executing a near-complete rewrite of the Databricks frontend, migrating to React, and significant work on the web-serving tier. I also designed and built the initial billing and registration systems before the company's first product General Availability (GA). Additionally, I improved frontend engineering quality and stability by introducing testing frameworks and hardening the build pipeline. I also collaborated closely with other Databricks teams on compliance and security initiatives.

In January 2015, I transitioned into an engineering team lead role, managing the team for about a year as it grew to 11 people. The team's focus remained on web engineering, specifically user-facing features. As the team scaled, I divided it into two and continued to manage the more user-facing and frontend-focused segment.

In March 2016, I changed roles again and was the team lead for the internal tools and infrastructure engineering team. The initial focus of this team was on improving build, test, and release stability.

UC BerkeleyResearch Scientist

2011 — 2014

Berkeley, CA

Working on a number of research projects that focus on exploring the infrastructure that the bad guys use to abuse computer systems. Primarily measurement, analysis and system building.

UC BerkeleyPostdoc

2009 — 2011

Postdoc researcher in the EECS department, doing security research.