Spearheaded end-to-end planning, scoping, and execution of diverse security assessments for VMware's entire spectrum of business units. Conducted comprehensive testing encompassing red team, purple team, cloud (AWS/GCP/Azure), web, mobile, infrastructure, and product assessments.

Oversaw the scheduling, scoping, and execution of penetration testing and SOC audits for VMware's End User Computing (EUC) solutions, including VMware Horizon, Horizon Cloud, Workspace One, and Workspace ONE UEM.

Pioneered the development of processes and tools, significantly mitigating the risk of credential exposure for VMware in both public GitHub repositories and private source code management. Successfully identified and remediated over 200 critical secrets exposed on the internet, including valid cloud service provider access tokens, internal system credentials, and customer vCenter logins.

Led and executed a variety of technical security assessments such as, internal and external penetration testing, web application assessments, and mobile application assessments with a primary focus on red and purple team assessments.

During purple teams, I facilitated deep-dive workshops with clients’ SOC and Incident Response teams to assess and improve their detection capabilities. Provided clients with in-depth details of techniques mapped to the MITRE ATT&CK framework and indicators of compromise for each technique.

Member of malware and tool development research domain where my duties included researching and developing advanced techniques, malware payloads, a custom C2 server, and other tools to aid PwC in red team assessments.

Member of web and mobile assessment research domain where my duties included researching and developing new techniques to aid in application security testing.

Implemented Oracle IDM Suite of products including Identity Manager, Adaptive Access Manager, and Access Manager at a multitude of clients.

As part of clients’ SDLC I lead teams of onshore and offshore resources through multiple implementations and improvements to clients IDM applications.

Developed custom Java applications to integrate with Oracle’s IDM suite to integrate with Office 365, Active Directory, Amazon Web Services, and other applications.

Performed functional testing for many custom applications to ensure thousands of use cases worked as anticipated. Performed root cause analysis to understand the underlying problems by looking through code and logs to fix the issues.

Helped develop a custom REST API to interface between custom client applications and Oracle IDM application, which enabled the client to support MFA to millions of users around the world.