Professional Documents
Culture Documents
Currently I am responsible for architectural review and planning for Security Assurance, Application
Design Review, Security Process Creation. Review application designs submitted by members of various
teams, also design and increase the adoption of security-related processes, including Threat Modeling,
Code Review, Defect Resolution, etc. -Ensure appropriate knowledge transfer to enable technology teams
to design and implement appropriate safeguards. -Risk management through identifying vulnerabilities
and tracking / driving their mitigation.
Attacker-Centric Attacker-centric threat modeling starts with an attacker, and evaluates their goals,
and how they might achieve them. Attacker's motivations are often considered, for example, "The NSA
wants to read this email," or "Jon wants to copy this DVD and share it with his friends." This approach
usually starts from either entry points or assets.
Asset-Centric Asset-centric threat modeling involves starting from assets entrusted to a system, such
as a collection of sensitive personal information.
Solution Architect
Provides technical and business domain throughout feature development also working on pre-envisioning
phase to development and sometimes deployment.
Building integrations based on core technology, providing feedback on product features and priorities to
the product management.
1. Troubleshooting performance, scale, availability issues for integrated solutions and debugging
Production Problems
2. Hands-on engagements to implement application also Hands-on assistance with Integration (code-
reviews, code-samples etc.)
3. Positioning technology while providing prospects/customers with a framework and methodology for
evaluating Distributed Computing technology and an assessment of product fit to the customer's
enterprise/application's architectural needs.