summary

7+ years in cloud security, AppSec, and security automation at Scale AI, Rippling, Yahoo, GoJek, and Blinkit. Building contextual cloud security and AI-powered SOC triage at Scale AI. Built AgentJail for AI agent guardrails. Founded ShipSec.ai, an AI security automation platform. Active CTF player and bug bounty hunter. Acknowledged by US DoD, Google, GM, IBM.

Projects (2)

Jan 2026 - Current
AgentJail
https://agentjail.io
  • AI Security
  • Golang
  • Linux Namespaces

Policy-driven guardrails for AI agents. Lightweight Linux sandboxes with seccomp, network allowlisting, and cgroup isolation.

  • Linux sandboxes using pivot_root, seccomp, and cgroup v2 for safe execution of untrusted code.

  • Network allowlisting via HTTP CONNECT proxy with DNS rebinding protection and phantom credential injection.

Jan 2025 - Current
Honest Privacy Policies
https://honestprivacypolicies.org
  • Privacy
  • AI
  • NLP
  • Consumer Rights

AI-powered privacy policy analyzer. Reads 525K+ words of fine print and grades companies A-F in plain English.

  • Grades corporate privacy policies A-F, translating legalese into plain English.

  • Analyzed 525K+ words of fine print across major tech companies to surface data collection practices.

Work Experience (7)

Mar 2026 - Current
Infrastructure Security Engineer
Scale AI
San Francisco, California

  • Contextual security infrastructure protecting 100s of cloud accounts and trillions of assets.

  • Supporting automated AI-context triage SOC for security alert processing and response.

May 2025 - Mar 2026
Founder & CEO
ShipSecAI
San Francisco Bay Area

  • Built OSS no-code security automation platform from 0 to 1. Led team of 4. Pitched 50+ investors, secured Draper University and Antler EIR spots.

  • 100+ customer interviews for PMF validation. Developed GTM strategy and community presence.

Jan 2024 - Current
Founder & Security Consultant
SecureMyOrg
Remote

  • 15+ clients across US, UK, Singapore, India. VAPT, cloud security audits, and security engineering.

  • 95%+ client satisfaction. Coordinated freelance engineers to scale delivery.

Aug 2023 - Dec 2023
Security Engineer ( Contractor )
Yahoo
Remote, US

  • SEA Team: Automated critical migrations for on-prem security deployments.

Feb 2022 - Sep 2023
Security Engineer
Rippling
Bangalore, India

  • InfraSec: Automated Vulnerability Management System (VMS) and security infrastructure processes.

  • Assurance: Built product security automation and automated DAST.

  • ProdSec: Threat modelling and code reviews for product releases.

Feb 2021 - Feb 2022
Senior Information Security Engineer
GoJek
Bangalore, India

  • Compliance As Code: CIS Benchmark auto-remediation in GCP using Cloud Run.

  • Red Teaming: Escalated privileges to admin access across almost all GoJek infrastructure.

  • Pentesting: Web API and Android penetration testing for feature releases.

Apr 2019 - Jan 2021
Security Engineer
Blinkit ( formerly Grofers )
Gurgaon, India

  • G-Shield Security Bot: GitHub bot scanning PRs for secrets, code smells, vulnerable images, and sensitive mounts.

  • DNS-As-Code: Terraform pipeline for Cloudflare/Route53 DNS with failover switching.

  • Temp DB Credentials: Vault + GitHub integration for team-based temporary database credentials.

Education (2)

Aug 2024 - Dec 2025
Master's degree
Privacy Engineering
Carnegie Mellon University
Grade: 3.77/4
Jul 2015 - May 2019
B Tech.
Information Technology
IIIT Allahabad
Grade: 7.95

Publications

Mar 2026
Automate Once, Run Anywhere: The Docker Moment for Security Workflows in KubeCon + CloudNativeCon Europe 2026
Jun 2024
Security Champions LeaderBoard - Gamifying Security Culture in CloudNativeSecurityCon NA 2024
Nov 2022
Enforcing Security Best Practices using CI in DevSecOps Days India 2022

Awards (5)

Discovered Critical Data Leak in India's GST Portal - 2024
Government of India
HackIM CTF - 1st ( India ), 8th ( World Rank ) - 2018
NullCon - Walmart & VirtualBox
Found IDOR Bug in Digilocker ( GoI Initiative ) - Hall of Fame - 2017
Govt of India
Reported bugs to US DoD, American Airlines, Google, GM, IBM, MakeMyTrip, Myntra, Zoho, Sony etc
CTF Competition Achievements: 5th place CSAW Finals, 1st place Terminal Tragedy (NIT Trichy), Top 20 DRDO CTF - 2017
Multiple CTF Competitions

Skills

Cloud & Product Security

Advanced
  • AWS
  • GCP
  • Kubernetes
  • Terraform
  • IAM
  • Threat Modeling
  • Security Architecture

AppSec & Security Engineering

Advanced
  • SAST/DAST
  • Web/API Pentesting
  • Vulnerability Management
  • CI/CD Security
  • DevSecOps

Programming

Advanced
  • Python
  • Golang
  • Bash
  • Rust