Responsible for leading designs and managing the Chrome Security Insights team - Product offering aims to empower administrators with valuable insights into high-risk activities and data exfiltration attacks.

Participated as a core member of the design team for Confidential VMs, developing the full disk encryption protocol utilizing TPM protectors. Established the provisioning process for vTpms in Confidential VMs and wrote designs for leveraging vTpm identity to attain an end-to-end hardware root of trust. This integration empowered customers with the ability to manually validate that their workloads were running on Confidential VMs or use the Microsoft Azure Attestation Service to achieve the same.

Served as an architect for the Azure trusted VM project, contributing to the design and leading a team to deliver the provisioning of Trusted VMs with virtual TPMs. Additionally, integrated with the Microsoft Azure Attestation Service and developed protocols to transmit attestation-related data to the security center, enabling the provision of attestation reports and remediation measures for policy violations.

To make Trusted VMs enabled by default in Azure, we developed secure pre-provisioning flows and AK injection techniques. This accelerated the vTPM provisioning process for TVMs, ensuring accurate identification of a vTPM provisioned AK and AK certificate to a Microsoft root CA. This was a crucial step in making Trusted VMs a default feature in Azure.

Designed the PKI infrastructure and policy engine for Azure Host Attestation. Azure hosts are provisioned by verifying their hardware reports generated by the TPM. Constructed a hyper-scale Attestation service that operates alongside the CA service to validate attestation reports, enforce policies, and establish identity using the hardware root of trust.

Led the development of platform integrity tools for Azure Host machines. These binaries ran on all Azure node machines and were responsible for enforcing code integrity using dynamic policies based on machine type.

Worked in Cognitive AI at Saffron Technology Group. Developed classification, anomaly detection solutions for customer use cases.

The saffron AI engine can analyze data in different configurations. Developed a tool that uses cross validation techniques to assess the right saffron configuration for a given data set. This helps data scientist to quickly assess which saffron configuration will work well for a customer use case.