Google (Mandiant Cybersecurity)
Jan 2025 – Present
Performed LLM/AI red teaming including prompt injection, guardrail bypass, and sensitive data extraction testing for a mid-size e-commerce client. Implemented SSO integrations using Okta (SAML 2.0, OAuth 2.0, OIDC) for 10+ enterprise apps. Designed M365 Security Groups and dynamic membership rules in Entra ID. Conducted web app penetration testing aligned with OWASP Top 10 (IDOR, XSS, SQLi, SSRF) using Burp Suite and custom Python/Bash scripts.
Trimlite
Nov 2024 – Jun 2025
Built end-to-end ETL pipelines using Azure Data Factory to ingest 4.3M+ transactional records from legacy ERP systems into Azure SQL Database. Enforced RBAC at database and reporting layers. Developed Power BI dashboards for supply chain analytics, reducing reporting turnaround from weeks to minutes.
Google (Mandiant)
Jun 2024 – Sept 2024
Built Terraform IaC on GCP for red-team environment provisioning, reducing setup time from 2 hours to 12 minutes. Performed network and infrastructure penetration testing for a national healthcare client including Active Directory exploitation and BloodHound analysis. Designed phishing simulation sites and executed 10+ vishing calls for social engineering assessments.
Deloitte
Jan 2022 – Jul 2023
Implemented SSO with Okta (SAML 2.0, OAuth 2.0, OIDC) across 10+ enterprise apps for AIG New York. Designed RBAC policies aligned with SOX and SOC 2. Implemented MFA/Adaptive MFA per NIST 800-63. Resolved 1,000+ production access issues via ServiceNow. Monitored auth logs with Splunk. Built Python/Selenium automation for Saviynt IAM workflows, cutting manual intervention by 30%.