Christopher Makarem

CISSP, CEH
Seattle, WA

I am a security software engineer with 5+ years of experience writing and maintaining secure code across the full development stack. I am currently a member of Microsoft's Azure Data Red Team responsible for ensuring the security of cloud products impacting millions of users. I love problem solving and deep diving to find obscure threats and vulnerabilities. I am a firm believer that quality is not an act, but a habit. As the saying goes: "Quality means doing it right when no one is looking."


Experience

Security Software Engineer

Microsoft • Azure Data

I am a member of Azure Data Red Team responsible for penetration testing and red-teaming all data offerings (SQL, MariaDB, Kusto, etc.). My work includes the development of testing tools and other automated software that improves the team's overall efficiency when conducting engagements. A portion of this work has been to improve open-source tools such as the REST API fuzzing tool RESTler.

October 2021 - Present

Cyber Software Team Lead

Raytheon Technologies • Information and Space

I am the team leader for cyber software development on a large-scale space-based program. My team is responsible for ensuring all software development meets the DoD's guidance for Software Assurance and Application Security. This includes the identification of defects through static code analysis, threat modeling, security-focused testing, and security architecture and design reviews. Since joining the program we have successfully reduced the defect density for newly introduced code by 87%, while at the same time working with relevant teams to reduce the backlog of defects at a rate that will result in zero outstanding code defects by the overall program's delivery date.

Concurrently, I am the project lead on a Python and Angular-based UI tool that provides explanations and suggests recommended code fixes for defects identified by various static code analysis tools. The purpose of this tool is to reduce the barrier for entry for developers to incorporate static code analysis into their standard development workflow. Our mission is to have developers who use this tool commit defect-free code without a reduction to their overall productivity rate and without increasing technical debt.

January 2020 - February 2023

** From October 2021 - February 2023 worked as a part-time advisor and subject matter expert for the program.

Software Engineer

Raytheon • Space and Airborne Systems

I am a member of a small team of subject matter experts that provide software assurance and other cyber-resiliency guidance for various space and airborne programs within our division. In support of this objective my team and I have provided various ROM estimates for cyber-related activities on proposals our division is bidding.

At the same time, I support an internal research and development team tasked with rapidly developing a model-driven Python-based desktop application with an accompanying backend database. The goal of the application is to automate proposal documentation and to provide a standardized and unified database for all programs. Since joining the project soon after its inception, we were able to release a complete version in less than 6 months with a reported 50% drop in turnaround time for document generation. One of my major milestones was implementing specific protocols to ensure the CIA triad was enforced for all data states (at rest, in transit, and in use).

April 2019 - April 2020

Security Analyst

The DigiTrust Group

Performed real-time analysis of multiple clients' networks to determine risk and vulnerability. Through the use of a proprietary SIEM system, I was responsible for analyzing logs and network traffic to determine if a network was compromised or a host was infected. In this capacity, I gained valuable insight into vendor-specific logs (Splunk, Palo Alto, Fortigate, Microsoft ATA) as well as a comprehensive understanding of suspicious traffic patterns and connections.

As my role within the company expanded, I developed threat advisories and actionable mitigation steps through proactive threat hunting. To help automate that process, I created custom detection logic that was driven from vulnerability assessments of a client's environment. The result of this automation was a 60% increase in individual productivity and a sizable decrease in false negative click through.

October 2017 - April 2019

Help Desk Technician

Broad Foundation • Family Office Financial Services

In charge of Azure Online migration/hybridization. As part of this migration, I rolled out a unified identity solution between Azure AD and on-premise AD through federation services. I also transitioned on-premise Exchange and Skype for Business solutions to a hybrid setup allowing for higher availability and cost savings. Additionally, I wrote custom search pages to allow easier access to SharePoint documents utilizing its query API. Some other interesting projects were troubleshooting DMZ routing issues in S4B with Wireshark and Fiddler as well as writing a PowerShell GUI interface to automate user creation and onboarding.

October 2016 - September 2017

Systems Administration Intern

American Computers and Engineers

Over the course of two summers with this organization, I was able to deploy a Windows Active Directory environment from the ground up. Worked within the time frame of the internship to ensure little to no network downtime and no impact on employee efficiency. Learned how to troubleshoot problems on the fly, stay cool under intense pressure, and how to create detailed and proper documentation. In my second round as an intern, I focused on hardening the domain against infiltration and lateral movement; rolling out new policies such as admin privilege segmentation, DNSSEC, SMB signing, LAPS, and NTLM restrictions.

June 2015 - September 2015
June 2014 - September 2014

Undergraduate Lab Researcher

UCLA Spintronics Laboratory

Worked collaboratively with a team of undergraduates to deliver a proof-of-concept MRAM demonstrator in a 3-month time frame. Wrote GUI front-end using Qt framework for C++ in addition to writing hardware controller interface between the Raspberry Pi controller and an off-the-shelf touchscreen. Final design allowed users to write and read back data directly from an MRAM chip produced in the lab. Additionally assisted in hardware soldering, MRAM silicon etching, and electromagnetic modeling.

September 2014 - December 2014

Projects

IOCSCAN.IO

  • A website designed to analyze a given IP and determine its risk value and the likelihood of it being an IOC. The site pulls from a variety of publicly available APIs, feeds, and dumps and through a purpose-built algorithm is not only able to score the IP's risk factor, but also indicates the confidence of the given score. The goal of the site is to assist in DFIR as a quick litmus test to see if a given IP is worth further investigation. Although designed to help cyber security professionals, the addition of dynamic descriptions based on the score and confidence helps the average user stay safer online and perform self-tests to determine their own risk.

Linux UART Driver

  • A fully integrated Linux TTY driver supporting the BCM2835 UART hardware controller as part of the Raspberry Pi 2/3 series of microcontrollers. The driver fully implements all functionality supported by the BCM2835 UART1 hardware controller in addition to standard UART software controlled features such as software-defined flow control and a rolling counter of all interrupts. Expanding upon normal functionality, the driver features a number of validation checks (Surendar & Gopalakrishnan 2017) including a hardware self-test to indicate any hardware failures upon driver load. Additionally, there is a remote autonomous diagnostic mode, where the receiving node can be probed to ensure hardware functionality by the sending node.

Traffic Control Model

  • A scale model computer-controlled signaled intersection complete with working timing, vehicle sensing, and emergency vehicle override. The scale model was designed in LDraw and constructed out of LEDs and Legos. A Raspberry Pi controlled the LEDs with inputs from Hall effect sensors that would detect the cars waiting at the intersection as well as IR sensors that would detect the presence of emergency vehicles. Controller logic was modeled after a real traffic controller and was able to learn and adapt allowing longer green time for the busier street.

Music LED Visualizer

  • A complete system that allowed music being played on a computer to be visualized by a strip of LEDs (ideally placed within a windowed computer case). The project was composed of two parts: the Arduino that controlled the LEDs and the Processing program that converted the sound being played to data the Arduino could interpret. Upon sound being played, an FFT process was run on the sound, which was then processed to produce a number of frequency buckets. Each bucket was assigned a slightly different hue, such that the frequency range corresponded with a range of hue values. The hue was then broken up into its respective RGB values and transmitted over UART to the Arduino. The Arduino then took the data and displayed it visually, either as a pulse, wave, or solid color transition effect. A Processing GUI allowed for a rotation of the hue spectrum and brightness controls.


Education and Certification

       Certified Information Systems Security Professional (CISSP)

    International Information System Security Certification Consortium (ISC)²
    Credential ID 878997
    April 2021

       Certified Ethical Hacker (CEH)

    EC-Council
    Credential ID ECC9430718265
    June 2020

       Bachelor of Science, Electrical Engineering

    University of California, Los Angeles
    Electrical Engineering - Digital Signal Processing
    March 2019

Skills

    Programming Languages & Frameworks
    Software/Firmware Assurance through Risk Management
    • Frameworks:
      • NIST 800-53/800-30 (Risk Management Framework)
      • Common Criteria (NIAP)
    • Design Protections Against:
      • Return Oriented Programming
      • Covert Channels
      • Weak Cryptography
      • Physical Tampering
      • Coding Vulnerabilities
    • Applying to:
      • Communication Channels
      • Secure Boot
      • Information Assurance (at rest, in transit, in use)
    Security Solutions & Tools
    • Security Assessment Families:
      • SIEM (Splunk / Palo Alto / Cisco / Fortigate / Logstash / nxLog)
      • Reverse Engineering & Pen Testing (Ghidra / IDA Pro / Metasploit / Debuggers)
      • System Vulnerability Assessment (Qualys / Nessus)
      • Static Code Analysis (Coverity / Fortify / CodeSonar / Klocwork)
      • Fuzz Testing (DirBuster / Burp Suite / Peach Fuzz / Custom Tools)
    Technical Environments
    • Microsoft Active Directory / Azure AD
      • Federation and Authentication Services (ADFS / WAP / ADCS / Direct Connect)
      • Deployment and Management Services (WDS / Intune / WSUS / Dell KACE)
      • Mail Systems (Exchange Online and Hybrid)
      • Phone Systems (Skype for Business / Cisco CME)
      • Threat Monitoring (Microsoft ATA / Symantec MEP / Kaspersky KES / CylanceProtect)
    • Amazon Web Services
      • Compute Services (EC2 / Lambda / S3 / Glacier)
      • Network Services (Elastic / VPC / CloudFront / WAF)

Interests

    When I'm not working or studying, I enjoy spending time working on personal projects ranging anywhere from creating over the top contraptions controlled by an Arduino to building Ikea furniture. I also spend my time keeping up to date on the latest security vulnerabilities and trying new things in my home lab. To unwind I enjoy "bad" sci-fi movies (Starship Troopers and Oblivion anyone?), living a second life as a mayor / benevolent god in Cities: Skylines (aka SimCity, but actually enjoyable) and when I have time, I do my level best to not burn down my kitchen - and sometimes the food is actually really good.

    When I'm not cooped up indoors, I love backpacking and camping. Living in the traffic monster that is Los Angeles, it is always magical to see the untapped majesty of our National Parks. Of course even LA can be an interesting sight from the air. Being close to the Pacific Ocean automatically makes me partial to water; I do enjoy a nice day out kayaking or paddle boarding. In general, if something is able to break me away from my normal routine, sign me up.