GUNA SEKHAR KOTA

• Provisioned SSH keys and Kerberos Keytab Files on production servers to enable non-interactive, password-less connectivity between service accounts
• Remediated and patched vulnerabilities in production systems to uphold security standards and protect against potential threats
• Streamline workflow by managing diverse range of technical tasks
• Ensured timely resolution / minimal disruption to services by troubleshooting production issues reported through ServiceNow
• Reduced workload / improved system response time by developing automation scripts in shell to streamline business-as-usual activities

• Managed the migration of the existing code base from ClearCase to Bitbucket and Jenkins Pipeline to streamline development processes and version control
• Developed Command Line Interface scripts to automate the migration of Luna IS6 Hardware Security Modules (HSMs) to the modernized SA7 Hardware Security Modules (HSMs)
• Created new cross-platform compatible tools and scripts to facilitate the migration of customer-specific IS6 HSMs to SA7 HSMs
• Enhanced performance by transitioning legacy software modules written in PERL, C++, and JAVA to modernized environment
• Improved functionality / user experience by developing applications for platforms through multiple programming languages

• Involved in migration of RSA Private Keys from the THALES nCipher nSolo environment to the SafeNet Hardware Security Module (HSM) by utilizing OpenSSL and various encryption, decryption, wrapping, and unwrapping methods to ensure secure key management
• Engaged in the design, development, and testing of a monitoring daemon to oversee the performance of hundreds of crypto-intensive SafeNet HSMs in a distributed environment

• Led the migration of Certificate Authority servers from HP-UX to Red Hat Enterprise Linux and transitioned the SafeNet CA4 Root Key Management System to SafeNet Network HSMs, enhancing system reliability and security
• Configured HSMs in High Availability mode to validate system robustness as part of a Proof of Concept
• Developed a monitoring application service (daemon) using PERL to track the health of Hardware Security Modules, monitor SSL certificate lifetimes, and generate event logs
• Collaborated with security operations and global security teams throughout the project lifecycle to ensure alignment with global security policies
• Automated the periodic publishing of Certificate Revocation Lists and Combined CRLs for SWIFTNet PKI Root CA using shell scripts
• Ensured the reliability and effectiveness of the monitoring application by creating and deploying automated tests
• Facilitated remediation and deployment by utilizing security tools to produce compliance / vulnerability reports
• Assured seamless transition by engaging in PoC development for data migration from SWIFTNet CA from HP-UX to RHEL
• Authored extensive Witness Ceremony Documentation (over 1800 pages) for the deployment of the newly introduced PKICA security infrastructure across various sites

• Collaborated closely with Business System Analysts to comprehend project requirements and implemented modifications to legacy multi-threaded batch processing applications
• Optimized reporting features of large text file reports by converting into PDF format
• Enhanced functionality and user experience of server-side applications by resolving defects, implementing enhancements, and deploying updates

• Played a key role in the design and development of the Command Line Interface for the Denon/HEOS Wireless Multiroom Speaker System to facilitate integration with third-party home automation control systems
• Implemented Singleton, Command, and Observer design patterns extensively to develop robust and scalable software for controlling Wireless Network Music Players
• Enabled communication with C++ Media Player SDK by utilizing Sockets, Multi-threading, and Publish/Subscribe mechanisms

• Contributed to the development of an Erlang/OTP-based PUSH messaging application capable of managing 1 million persistent HTTP connections, connecting seamlessly to cloud infrastructure platforms like apple push notification service and google cloud messaging
• Employed Erlang OTP design patterns, particularly gen_server and supervisor behaviors, to build a Push Controller Application Server
• Ensured high availability and robustness of the messaging system by implementing clustering across multiple nodes
• Promoted deployments and release management by developing shell scripts that enhance / streamline build environment

• Company Overview: (Acquired by BNY Mellon)
• Led enhancement, bug fixing, and unit testing of FDN, a C++ based sequential batch processing financial application that processes millions of records daily for wealth reporting purposes
• Directed major refactoring of 300,000 lines of core application code to improve efficiency and maintainability, including debugging interfaces and fixing errors in production environments
• Enhanced data handling capabilities by transitioning system from legacy Codebase/DBF files to scalable Faircom c-tree database
• (Acquired by BNY Mellon)

• Played a critical role in modifying and maintaining core software components across network devices and central server systems, including routing protocols, firewall implementations, database optimizations, and proxy management
• Handled migration of large source code base from CVS to SVN repositories
• Updated and converted production AAA configuration files from FreeRADIUS version 1.1.0 to 2.1.1, aligning with newer technology standards and security protocols
• Refactored numerous AWS-specific packages during the migration of AAA servers from Solaris to Linux, utilizing Test-Driven Development and Agile methodologies such as Scrum and Kanban to ensure quality and timely delivery
• Developed automated tool to log into approximately 27,000+ production Network Management Devices within AWS network
• Ensured smoother operations and system compatibility by conducting migration of production DSL Authentication, Authorization, and Accounting (AAA) servers from Solaris to Linux, specifically Debian Lenny and Debian Squeeze versions
• Improved system efficiency by overseeing migration of Dial Back Up AAA servers from older Debian Linux to Debian Linux

• Migrated the RECACC application from INFORMIX to ORACLE, leading the database conversion.
• Performed C++ code flow analysis using Source Insight and developed design diagrams with MS Visio.
• Refactored and enhanced the C++-based SMAccess Module to interact with nationwide telecom switches, executing CLI commands and collecting switch data for inventory and billing comparison.
• Redesigned the C++ Table Server Application to streamline its interactions with the JAVA GUI client.
• Utilized Oracle SQL Developer, DB Access, Aqua Datastudio, and SQL*Plus for database migration from Informix to ORACLE.
• Developed automated scripts using SSH, SFTP, Perl, and Shell (csh, ksh) to automate binary transfers and other repetitive tasks.
• Environment: Solaris, C++, ORACLE 10g, SQL, SFTP, SSH, VzDB, LibXML, Exceed, Rational Purify, SNMP, SQL*Plus, Shell Scripting (csh, ksh), Perl, Cronjobs, Telecom Switches (5ESS, GTD5, DMS10, DMS100, DCO), INFORMIX, STL.

The Management API is a set of APIs shared between appliance management software, including Web UI and CLI, and external management tools like WatchGuard System Manager (WSM). It serves as a helper function to assist management software with configuration generation and validation.

• Developed the Management API Abstraction Layer interface for managing user, user-group, physical interface, VLAN, load balance, and multi-WAN configuration objects.
• Wrote C code to handle XML configuration objects.
• Worked on an Embedded Linux platform for API development.
• Created callback routines for configuration generation, providing additional handling where necessary.
• Utilized the libxml2 open-source library for parsing and generating XML configuration objects.
• Used XPath to navigate XML documents and XBinder for encoding/decoding XML objects with XML Schema to C/C++ data binding.
• Employed the Valgrind memory analysis tool and GNU toolchain for performance optimization and debugging.
• Tested multiple scenarios using the WatchGuard Unit Test Framework to ensure reliability.
• Environment: Linux, C, libxml2, HTTPS, CLI, Web UI, XPath, XBinder, Perforce, XMLSpy, Linux, Berkeley Sockets, Valgrind, Secure Network Protocols (IPSec/IKE), Visual Studio 2005.

The MasterComm-300 (MC-300) is an embedded computer device that interfaces SAS-capable slot machines with the Slot Data System (SDS) for backend slot accounting. Internally referred to as the Game Management Unit (GMU), these devices have been utilized in SDS systems for several decades. The MC-300 is powered by a 32-bit ARM-9 microprocessor with 32 MB of RAM and 32 MB of flash memory.

• Analyzed GMU requirements and the Slot Accounting System (SAS) serial communication protocol.
• Gained proficiency in using OS abstraction layer libraries based on Bally’s advanced development framework.
• Developed a RAM file system using the resource manager framework.
• Implemented the authentication and authorization module for the MC-300.
• Created code to handle SAS serial data using asynchronous, interrupt-driven serial communication for a QNX Neutrino-based x86 target board.
• Worked on the LCD Console Utility module to display various configuration parameters.
• Developed unit test code for the modules.
• Conducted performance and memory analysis of SAX and DOM parsers using Expat and libxml open-source APIs.
• Environment: QNX Neutrino, Windows, C++, Slot Accounting System (SAS) Protocol, XML, Berkeley Sockets, TCP/IP, Serial Communication.

The project aimed to deploy a new Service Delivery Platform (SDP) that extends the capabilities of the CPE Management System (CMS). The SDP allows third-party Service Application Providers to access and perform permissioned operations on managed devices (CPE and CE devices) within the home network through the CMS. Verizon monetizes this access by charging third-party providers for the operations they are authorized to perform on the home network.

• Developed C++ modules for Service Delivery Platform (SDP).
• Utilized SQL queries to retrieve and manipulate data from tables stored in a DB2 database.
• Leveraged the XBinder XML schema to C/C++ Data Binding toolkit to generate serialization and deserialization methods.
• Updated the Interface Control Document (ICD) to reflect changes in the API.
• Tested various request/response scenarios to ensure correct functionality.
• Fixed bugs and enhanced build scripts and makefiles for streamlined development.
• Environment: Windows, Solaris, C/C++, STL, .NET, DB2, SQL, CVS, MQSeries, XML, Shell Scripting, Visual Studio 2003.

The Sea Dragon handset is a next-generation automobile diagnostic tool featuring a touch screen display for diagnosing internal vehicle modules. The system operates in a multi-threaded and multi-process environment with distinct layers, including Data Coordinator, Data Manager, Presenter, and User Interface.

• Created sequence diagrams using the UML tool, Enterprise Architect, to model system interactions for Vehicle Communication Interface (VCI) Coordinator.
• Developed code for client/server architecture utilizing TCP/IP sockets.
• Implemented concurrent server code using the select method for multiplexing.
• Developed the Protocol Data Unit (PDU) API to manage communication protocols.
• Integrated and tested the above modules to ensure proper functionality and performance.
• Used Embedded Linux OS as the base platform for the project.
• Environment: Windows, Linux, C++, Clearcase, Enterprise Architect, TCP/IP Socket Programming, POSIX Threads (pthreads), Berkeley Sockets, J2534 API DLL, Modular Vehicle Communication Interface (MVCI).

This project involved implementing compliance measures for retailers of products containing PSE (pseudoephedrine), as required by federal regulations. The system was designed to enforce a 30-day limit on PSE sold by weight per customer, a daily limit, and capture customer information such as name, address, and government-issued photo ID for identity verification. The system also needed to capture customer signatures and provide customer data, purchase logs, and signatures at the store level upon request.

• Designed and implemented a TCP/IP communication interface for the Linux-based POS server to send and receive requests/responses to and from the Java-based PSE compliance server.
• Translated use cases into code to meet functional requirements.
• Developed decoding functions to extract driver's license and state ID information from the Hypercom L4100 Magnetic Swipe Reader, in compliance with AAMVA standards.
• Implemented base64 encoding/decoding for signature images.
• Implemented 'Store & Forward' feature to handle connection loss or failover scenarios between the POS server and PSE compliance server.
• Conducted code walkthroughs with software engineers and technical leads to ensure adherence to coding standards.
• Tested various scenarios, including both successful ("happy day") and failure ("rainy day") test cases.
• Identified and fixed coding issues found during testing and production.
• Documented defects with comprehensive details and logs in ClearQuest, enabling quick diagnosis and fixes with minimal assistance from technical leads.
• Environment: Linux-based POS Server, Hypercom L4100 Magnetic Swipe Reader, TCP/IP Concurrent Client/Server, Java-based PSE Compliance Server, CVS, ClearQuest, GCC, DDD (Graphical version of GDB), C/C++/Linux System Programming, Berkeley Sockets, XML, Java, SQL, Oracle 9i.

This project focused on porting the Signaling Gateway (SGW) source code from an AIX environment to a Linux environment. SGW, a distributed architecture, consists of various components such as OMNI, ISUP Router, Transaction Control Layer (TCL), State Machine, and ING. OMNI handles the MTP Layer 1 to Layer 3, failover capabilities, gateway process management, and network configuration (DPC/OPC/Linkset/Routeset). The ISUP Router registers CICs with OMNI, reads and writes ISUP messages, and manages ISUP timers for message retransmission. The TCL manages MSP and ISUP state machines.

Signaling Gateway Hardware End of Life:

• Resolved compiler, linker, and byte-order issues while porting 0.5 million lines of C/C++ code from PowerPC (AIX OS) to x86 (Linux OS).
• Addressed OS dependencies such as differences in signal handling tables between AIX and Linux.
• Debugged issues using Ethereal (Wireshark) hex dumps.
• Integrated the system with Ulticom’s Signalware SS7 stack (Linux).
• Verified ISUP and TCAP message functionality.
• Tested and integrated the solution with Verizon/MCI network.

Supervisor Monitor Phase 3:

• Translated functional requirements into use cases for development.
• Implemented new code modifications into existing production code as per project requirements.
• Reviewed and modified the high-level design documentation.
• Enhanced the INCP XML parser by adding new code for handling additional parameters using STL sets and queues.
• Authored release notes and applied bug fixes for production issues.
• Updated build scripts to manage the release process.
• Environment: C/C++, Red Hat Linux (Version 3.2.3), AIX (Version 5), g++/gcc, x86/PowerPC, Visual Age C++/C Compiler for AIX (xlC/c), Ulticom’s Signalware SS7 (OMNI) platform, GNU GDB, GNU Make, XML, libxml, Shell Scripting, SQL, Clearcase.

• Executed weekly regression and daily sanity tests for VXSM software images.
• Conducted software upgrade testing to ensure stability and compatibility.
• Performed root cause analysis on test failures and logged defects using the Defect Distribution and Tracking System (DDTS).
• Maintained and troubleshooted Tcl/Tk scripts for test automation and system maintenance.
• Released software images to the development test team after verifying image integrity and functionality.
• Environment: Voice Switch Service Module (VXSM), MEGACO (H.248), MPEG, Audio, ATM Switching Service Module (AXSM), PXM45 Control Module, Solaris 2.6. C/C++, C/C++, Tcl/Tk and Expect, Cisco BFG/VXSM Media Gateway, Cisco MGX 8850 Multi Service Switch

This tool is designed for test automation of complete Motorola CDMA Network infrastructure (i.e., MSC, BSC & BTS) which contains several Network Elements and as many number of proprietary and standard protocols. This tool is based on “Enhanced Tool for Integrated Test Execution (ENTITE)”, is a data driven generic solution for script based interface testing of different components of a communication network.

• Customized the ENTITE code to meet project-specific requirements.
• Developed a default configuration file parser using Flex and Bison for efficient file handling.
• Optimized CLI commands to enhance performance and usability.
• Reverted pre-conditions after test case execution to ensure a clean testing environment.
• Conducted testing and monitoring of the CDMA 1X System Network under various conditions.
• Environment: Solaris 2.6, Perl, CLI, C/C++, SIT ENTITE based Test Regression and Automation (SETRA)

• Ported the existing Session Initiation Protocol (SIP) stack from RTXC to Linux.
• Developed SIP applications using the RADVISION SIP stack.
• Conducted comprehensive testing, including protocol conformance, interoperability, feature validation, and stress testing.
• Environment: Linux, VoIP, Netbricks ISDN, RADVISION H.323 and SIP stacks, GCC/g++, C/C++, Hammer Call Analyzer, Motorola PowerPC, Multiple T1/High Density VoIP Gateway

This project focused on the development of a 24-channel VoIP gateway, incorporating signaling protocols such as SIP and MGCP. The Session Initiation Protocol (SIP) is used for initiating, managing, and terminating voice and video sessions across packet networks. SIP operates through four logical entities: User Agent, Proxy Server, Redirect Server, and Registrar, each with specific functions. The Session Description Protocol (SDP) is integrated into SIP to handle multimedia session announcements, invitations, and session details.

• Created thread-safe and reentrant parser code for SIP and SDP utilizing Lex/Yacc and Flex/Bison.
• Set up, configured and loaded VxWorks Bootrom code into MTX604e Motorola PowerPC.
• Ported the SIP stack from Linux to VxWorks and Windows environments.
• Developed an abstraction layer for OS system calls to ensure portability across platforms.
• Conducted SIP Proxy Server testing and wrote test cases for SIP features, including call transfer, call cancellation, and call forwarding (busy, no answer).
• Performed interoperability testing to ensure system compatibility with other SIP-based devices and services.
• Environment: Linux, C, RTOS - VxWorks, Windows, Motorola PowerPC (MTX604e), Flex, Bison, Lex/Yacc, SIP, MGCP, Audio, Rational Purify/Quantify, GCC, GNU Make, GDB, CVS.

• Conducted hardware testing of the Geiger Muller Counting System and Gamma Ray Spectrometer.
• Performed calibration and troubleshooting of production units to ensure proper functionality.
• Managed installation and commissioning of equipment at customer premises.
• Executed linearity and performance tests to validate system accuracy.
• Troubleshot and resolved issues on-site for customers.
• Utilized Cathode Ray Oscilloscope (CRO), Logic Analyzer, and Tail Pulse Generator for diagnostics and troubleshooting of the equipment.