Experiences

Software Engineer (Full-time) | StepSecurity Inc.

July-2023 to Present

• Responsible for R&D of eBPF-based solutions for Linux based CI/CD environments. Capable of

  • Runtime monitoring of network-activity, process-activity and file-operations activity.
  • Runtime policy-enforcement at DNS and IP-layer to prevent exfiltration of information.

• Leading the R&D of eBPF based armour to detect/protect security-agents from tampering attacks.

• Led the porting of runtime-security solution to K8s environment for ARC-based self-hosted runners.

• Maintaining Harden-Runner.

---

Software Developer (Part-Time) | StepSecurity Inc.

April-2022 to June-2023

• Implemented eBPF-based HTTPS traffic interception capability in agent.

• Automated implementation of security best‑practices in GitHub Actions workflow files.

• Continued maintenance work on runtime security agent for CI/CD runners.

• Automated the manual-static-analysis process to figure GITHUB_TOKEN permissions for third-party Github Actions.

• Started contributing to Harden-Runner.

---

Software Developer (Intern) | StepSecurity Inc.

January-2022 to March-2022

• Performed source‑code‑analysis of 50+ OpenSource third-Party Github Actions for determining their GITHUB_TOKEN permissions.

  • Stored the analyzed-info in open-source knowledge-Database.

• Raised 15+ PRs in Github-Actions start-workflows to restrict permissions to least-privileges.

  • Resulting in secure-by-default starter-workflow.

• Implemented unit-tests/bug-fixes in step-security agent.