Working on certificate and password management for VMware Cloud Foundation (VCF), an on-prem platform for managing compute, storage, and networking infrastructure.

Designing and implementing secure lifecycle workflows for certificates and credentials including rotation, validation, trust store synchronization, and maintaining PKI trust chain integrity across VCF components. Experience working with TLS certificates and internal CAs such as VMCA, along with standard OpenSSL-based tooling.

Also working on centralized password policy enforcement and secure credential lifecycle management for platform accounts.

Technologies: Java, Spring Boot, PostgreSQL

Designed and developed an Extended Detection and Response (XDR) solution that involves alert deduplication, classification, enrichment and correlation of EDR, EPP, IDS, NTA alerts. Building threat graphs by correlating enriched alert data to help visualize and triage incidents.

Designed and developed Managed Detection and Response (MDR) features like Threat Hunting that enables SOC analysts to find threats in historical data by utilizing the Carbon Black’s query language to write Indicator of Compromise (IOCs)

Led the migration of core applications from AWS to GCP after the acquisition by Broadcom, re-architecting infrastructure from AWS managed services to Kubernetes Operator-based Custom Resources (CRDs)

running on GKE.

Technologies: Java, Spring Boot, REST, OpenAPI, AWS services (SNS, SQS, ECS, Lambda, Aurora, S3, Kinesis, OpenSearch, DynamoDB), PostgreSQL, Apache Flink, Kafka, Redis, RabbitMQ, Docker, Kubernetes, Prometheus.

1. A lead engineer to build a Managed Detection and Response(MDR) platform that integrates seamlessly with Carbon Black Cloud. This is to increase efficacy of MD Analysts to be able to handle 100k endpoints per L1 Analyst.

2. Design the architecture of various micro-services involved in MDR.

3. Build features for efficient alert classification, correlation, triage and investigation and fatigue reduction.

4. Technologies: Java, Spring Boot, Python, AWS services (SNS, SQS, ECS, Lambda, Aurora, S3, Kinesis), Apache Flink, PostgreSQL

1. Lead the integration of SaltStack in vRA to enable manage software lifecycle on machines provisioned via vRA.

2. Developed port-forwarding through vRA by allowing NAT rules to be specified on network components connected to vSphere VM and NSX Load Balancers.

3. A lead contributor to the open-source project that enables integration between Terraform and VMware vRealize Automation (vRA) which allows Terraform users to request and provision vRA IaaS resources such as machine, network, load-balancer, along with initial setup of cloud accounts, zones, and projects across multiple public and private clouds.

4. Mentored a summer intern to develop an open source Visual Studio Code extension to author vRA blueprints in VS code and create and manage vRA (on-prem and cloud) deployments helping boost adoption of vRA.

Technologies: Golang, Java, Springboot, Typescript

An Open-source VMware Terraform provider for vRealize Automation (vRA) 7

1. Developed a self-contained deployable integration between Terraform and vRA 7 which allows Terraform users to provision and update infrastructure on private or public cloud. This enables developers to quickly provision infrastructure and adopt vRA without worrying about the complex UI and APIs of vRA 7

2. UI development for various features in vRA like quick setup to guide the users through infrastructure configuration. This includes adding cloud accounts, creating cloud-zones, projects, network and storage profiles, thereby, laying the foundation for infrastructure provisioning and management.

Technologies: Golang, Angular, Protractor for UI E2E