Skilled in infrastructure security, Cloud Security, data sovereignty, System Software, Cloud software, Secure Systems Design
Experience
2019 — Now
San Francisco Bay Area
Technical lead - cloud infrastructure security. Delivered projects and received Cloud Technical Impact awards for:
Key Rotation capability for Google Sovereign Cloud
• Technical lead for the infrastructure built to rotate cryptographic key material to meet stringent sovereignty requirements to hand off cryptographic control to a partner-operated, isolated, sovereign Google cloud.
• Achieved unprecedented expedited end-to-end rotation for root keys, equivalent to emergency key rotations, unlocking the ability to quickly take control of such sovereign cloud universes and to respond to emergencies in the event of key compromise.
• Automated the process to ease usage for external partners to perform key rotations when taking over the cloud region
• Ensured rapid public key distribution to consumers of asymmetric key pairs in the production infrastructure, which requires that security-critical keys are rotated without compromising the reliability and availability of the fleet.
• Set the agenda for multiple teams across Google, proposed solutions and designed components to deliver this capability.
• This unblocked sovereign customer onboarding in the first Sovereign cloud offering in Paris and enabled further Google Cloud deals
Enforcing Boot Integrity on Google Production machines
• Ensured that if any data center machine boots software that deviates from the intended state, the machine cannot decrypt and perform operations with the credentials that it needs to operate within the fleet.
• Designed and developed features that trigger automated repair actions by the machine management infrastructure on machines that deviate, so that they cannot participate in workload scheduling until they run the intended boot stack.
• As the technical lead of engineers on the team, led development of tools to monitor and debug machines without credentials that are otherwise unreachable through regular connectivity channels.
• Drove security and reliability reviews
2019 — 2019
2017 — 2019
San Francisco Bay Area
Software development of security features in VM Platform infrastructure at the Cloud Platform group. Security features include vSphere Trust Authority, TPM 2.0, and vTPM 2.0 for the hypervisor and guest operating systems.
Designed specs for features across VMware products, including VMware on AWS Cloud.
Mentored interns and engineers.
Often delivered technical presentations including talks at security conferences.
2016 — 2017
San Francisco Bay Area
Development and testing of virtual devices and virtual firmware for guest operating systems running on the ESX hypervisor.
2015 — 2016
Sacramento, California Area
Operating System enabling for Windows OS on Intel platforms.
• Owned, developed and delivered upcoming technologies. Drove the feature to completion in collaboration with multiple teams, including Intel Labs and Hardware Architecture teams, among others.
• Optimized Intel IO Virtualization and Windows virtualization and memory manager features on Intel products. Developed and validated these features.
• System software development and system validation.
• Debugging kernel internals. System, hardware and application level debug.
• Performance tuning for optimization on power and performance. Writing apps (C/C++) for performance and power analysis of OS code flows.
• Programming - C, C++, x86 assembly, driver development.
• Device driver development for new hardware/OS features.
• Multi-tasking and collaboration with hardware, software and firmware teams. Technical documentation and presentations.
Education
University of Wisconsin-Madison
Master of Science (M.S.)
National Institute of Technology, Tiruchirappalli