Shoptaki

Application Security Engineer

July 2025 – Present | New York City, NY

• Conducted secure code reviews and implemented SAST with Semgrep, scanning 15K+ lines of Python and C++ code; remediated 40+ vulnerabilities and reduced critical findings by 35%.
• Implemented SmartChain QUIC enhancements (Python, aioquic) to enable passwordless SmartID authentication, encrypted policy distribution, and low-latency TLS 1.3 communication.
• Built a Secure Data Transfer Service with SPIFFE-based mTLS and JWT authorization, enabling user-consented document exchange while ensuring compliance and privacy.

Motorola Solutions

SOC Analyst Intern, Co-Op

April 2024 – Dec 2024 | Allen, Texas

• Ingested and analyzed security logs from Palo Alto firewalls and Docker containers for File Integrity Monitoring (FIM) using Elastic SIEM’s FileBeat and MetricBeat, enhancing incident response and threat identification.
• Created and tuned 20+ correlation rules in Elastic SIEM (KQL) to detect threats (e.g., lateral movement, credential abuse), improving alert fidelity by 40%.
• Developed a Python script to automate parsing and enrichment of log data from Elastic SIEM, reducing manual effort in daily investigations and accelerating initial triage workflows by 30%.

Cognizant

DevSecOps Engineer

Sep 2021 – July 2023 | Kochi, India

• Developed applications in Python and JavaScript with unit and integration tests, applying OWASP practices (input validation, encryption) and integrated OWASP ZAP/SonarQube into CI/CD to reduce vulnerabilities.
• Engineered and deployed a Threat Hunting Content Pack on Cortex XSOAR using Python, automating incident retrieval, playbooks, and dashboards for analysis.
• Resolved 300+ Jira issues and collaborated with cross-functional teams to enforce NIST, HIPAA, and GDPR; contributed to Agile ceremonies and peer code reviews, achieving 100% compliance in quarterly audits.

Cognizant

Application Security Intern, Co-Op

Nov 2020 – Sep 2021 | Kochi, India

• Developed secure apps with JavaScript, Node.js, and Python; used Semgrep for static code analysis to fix XSS and SQL Injection vulnerabilities. Supported security reviews and research.
• Integrated Rubrik, Bitsight, and Flashpoint with Cortex XSOAR using Python and REST API, automating security workflows and enhancing threat response capabilities.
• Conducted threat research and documented recurring vulnerabilities and secure coding practices aligned with the OWASP Top 10, building reusable knowledge bases that accelerated future security assessments.