Privacy Deletion Service

Led architecture design and coordination of Okta's cloud-native Privacy Deletion Service (PDS) for Layer0 infrastructure. As Senior Security Engineer with architecture focus, defined distributed state machine architecture, protobuf/gRPC communication protocols, and GDPR compliance patterns to orchestrate secure deletion across thousands of Auth0 customer spaces. This project demonstrates architect-level work delivered in a Senior Security Engineer role, showing readiness for Staff-level responsibilities.

Security, Infrastructure Security, Cloud Native, Compliance

Challenge

Design and implement a system to monitor and enforce privacy compliance across thousands of Auth0 spaces while maintaining data integrity. Key challenges included implementing reliable state machine logic for tracking deletion status, ensuring secure communication between central control and distributed agents, maintaining high reliability for sensitive operations, and integrating with asynchronous, unreliable data cleanup workers requiring specialized risk acceptance approaches.

Solution

Developed a sophisticated command-and-control architecture:

  • Command-and-Control Architecture: PDS Control as central orchestrator with distributed PDS agents

  • Centralized Audit Trail: Immutable records of all deletions for auditor compliance

  • Distributed Agent Model: PDS agents in each space executing local deletions

  • System Integration Framework: Specialized connectors for each integrated system

  • Risk Management: Tailored approaches for unreliable asynchronous systems

  • Data Protection: Safeguards against false deletions and failed deletions

  • Compliance Framework: GDPR compliance with comprehensive audit trails

Key Metrics

Deployed across thousands of Auth0 spaces

Processed 10,000+ deletion requests per month with 99.9% success rate

Zero data integrity failures in compliance operations

Complete coverage of Auth0 customer base

Comprehensive audit trail for regulatory compliance

Security Impact

Established a robust privacy compliance system operating across AWS and Azure environments, managing deletions for all Auth0 infrastructure components while maintaining zero tolerance for data integrity failures. The system prevents both unauthorized deletions and compliance violations that could result in massive fines or loss of customer trust.

Results

Successfully deployed across thousands of Auth0 spaces, achieving reliable privacy compliance automation under strict regulatory requirements. Maintained user confidence through reliable deletion operations and comprehensive audit trails while preventing compliance violations and data loss.
