Rahul Suraparaju

Fremont, CA

Summary

Dynamic technology professional with extensive experience in product development, specializing in enterprise networking platforms. Expertise includes foundational knowledge of FreeBSD TCP/IP protocol stacks and current innovations in security landscapes, including Zero Trust, SDN, SASE, NaaS, and cloud computing. As a ground-up architect, responsibilities involved driving innovation through proposals and proof-of-concept demos, crafting high-level and detailed designs, coding for both proofs of concept and final products, and mentoring R&D engineers while overseeing QA test plans. Committed to troubleshooting field issues and developing effective resolution strategies, complemented by authored technical documents such as Security and Interoperability White Papers.

Overview

25
years of professional experience

Work History

Architect

Konica Minolta
Foster City, CA
09.2017 - Current
  • Led the architecture and development of an innovative cloud-native zero-trust security solution. Guided cross-functional teams in adapting to emerging technology needs. Enhanced the solution's market presence through strategic design choices.
  • Engineered a cutting-edge, highly available, and scalable IAM solution utilizing SAML2 and OpenID Connect for PC, web, and native mobile platforms in the healthcare sector.
  • Designed and executed a comprehensive cloud printing solution, ensuring seamless integration and adherence to FedRAMP and FIPS requirements for enhanced security.
  • Led evaluations of post-quantum readiness for secure access control and data workflows, focusing on printing, scanning, and document sharing. Directed proof of concept efforts to assess technology stack modifications required for alignment with NIST standards on post-quantum cryptography. Championed initiatives to implement a post-quantum TLS client stack, enhancing overall security posture.
  • Achieved enhanced security through the deployment of advanced zero trust access control (ZTAC) powered by unique PKI and biometrics. Delivered a cohesive and adaptive security architecture that responds to user device workload. Realized a seamless, near real-time system that tunes to current context effectively.
  • Engineered a seamless and secure access control solution to meet DoD's new PKI-based SIPRNet access card requirements for integration with Entra ID using CBA.
  • Directed the implementation of an innovative SDN-overlay architecture for programmable IoT, achieving a unique blend of security and automation. Oversaw the integration of enterprise-grade IoT devices, such as advanced VSS cameras and temperature sensors, while prioritizing interoperability and performance. Championed scalability and disaster recovery strategies to enhance system resilience.
  • Developed and implemented cloud-native multi-cloud print management solutions.
  • Engineered a certificate issuance system to facilitate smart card-based Active Directory login and certificate-based authentication for Entra ID users.
  • Designed and implemented solid solution architecture to support scalability and reliability for users and devices via redundancy and clustering.
  • Managed threat modeling processes, employing OWASP STRIDE and various tools like Nessus and Nmap to fortify solutions against potential security threats.
  • Spearheaded concept creation and ownership of 'alpha access' during solution architecture rollout, overseeing deployment intricacies.

Senior Software Engineer

Avaya, Inc
Santa Clara
12.2009 - 09.2017
  • Developed Avaya SDN healthcare application to integrate network overlay with Open Networking Adapter (ONA) devices and medical equipment. Managed hardware interactions using programmable ONA hardware. Supported server fabric powered by Erlang to ensure high availability, fault tolerance, scalability, and disaster recovery in a master-slave architecture.
  • Designed and deployed network segmentation solutions to effectively isolate users and medical devices, significantly improving overall security posture.
  • Implemented security measures for captive portal using WLAN 8100 controller.
  • Implemented 802.1x protocol on access points to enhance WPA security authentication.
  • Achieved successful design of Avaya VPN Gateway (SSL VPN) through effective leadership of Erlang-based backend development. Optimized use of OTP principles and Mnesia DB for configuration state and statistics. Delivered robust master-slave architecture to improve system performance.
  • Facilitated real-world testing of Wi-Fi solutions by managing access for thousands of corporate employees through strategically deployed access points.

Senior Software Engineer

Nortel Networks
Santa Clara
05.2005 - 12.2009
  • Led the implementation of TCP splice module to optimize multiple connections for L7-SLB. Oversaw high availability features across various levels of virtual rack operating system framework. Drove improvements in system efficiency and user experience.
  • Spearheaded redesign of VROS to integrate new hardware and SSL acceleration with Alteon load balancers.

Software Engineer

Inkra Networks
Fremont, CA
03.2001 - 05.2005
  • Implemented full-featured SSL acceleration and termination for virtual service modules.
  • Achieved seamless integration of OpenSSL with Cavium and Broadcom 5820 chipsets through a comprehensive redesign. Delivered a non-blocking model for efficient network I/O and cryptographic operations. Enhanced system responsiveness by implementing co-design techniques for finite state machine engine, streamlining state transitions and event processing.
  • Implemented PKI security modules to enhance SSL VPN authentication services.

Education

Master of Technology (M.Tech) - Computer Science & Technology

Indian Institute of Technology (IIT)
Roorkee

Bachelor of Technology (B.Tech) - Electronics & Communication Eng.

Sri Venkateswara University
Tirupathi

Skills

  • Experience in network security protocols and cloud computing technologies
  • Operating systems expertise: Linux, Windows Server, FreeBSD
  • Proficient in multiple programming languages
  • Runtime/Platform : .NET Core, JBoss EAP 714, JBoss Application Server 7, Erlang OTP, Node.js, Kafka
  • Cloud Computing : AWS, Azure, GCP
  • Containerization : Docker, Kubernetes, CNI, Cilium/eBPF, KubeVirt
  • Cloud-workload : K8 centric automation, Scaling, disaster recovery
  • Virtualization: VMWare NSX-T SDN Enterprise Data Center, vSphere, Linux-based KVM, Hyper-V
  • Cloud-aligned arch : Microservice, cloud-native, multi-cloud, multi-tenancy
  • Microservice Arch: RESTful APIs, SOAP APIs, OpenAPI (Swagger), gRPC, GraphQL, API GW
  • Cloud Identities: EntraID, Google, Amazon Cognito
  • SaaS : Microsoft 365 (Office 365), Salesforce, Google, Box
  • IAM: SAML 2.0, OpenID Connect, OAuth 2.0, API Keys, SSO, Native Mobile SSO, SCIM, MDM/EDM, MAM, AAA, RBAC, ABAC, PBAC, IGA, MFA, Biometric Authentication, STS, Social login identities, Okta, Ping ID, SailPoint, IGA etc.
  • DevOps: Jenkins (CI/CD), IaC, Terraform, CloudFormation, Ansible
  • Protocols/Standards: SSL/TLS, TCP, SDN, IPv4/v6, DHCP/v6, LDAP, RADIUS, DNS, mDNS, VLAN, HTTP, Web Sockets, NETCONF, OpenFlow, MQTT, CoAP, Gossip, SNMP, RPC, SignalR
  • Network Security: PKI, Cert Mgmt, ECC, PKCS, VPN, IPsec, Firewall, API GW, IDS, DoS, DDoS, AAA, JWT, JWS, SIPRNet (DoD), TPM, TPM-resident private keys and Virtual Smart Card feature
  • PKI Certificate Management: Re-imagined on-the-fly programmatic cert mgmt (you can imagine this as programmatic ADCS) for users, endpoint devices & apps, ADCS, Bouncy Castle, EJBCA
  • ZeroTrust : ZTNA, IaaS, SWG, SASE, WAF, NGFW, SDP
  • Other ZeroTrust (ZTNA & SASE) Solution Vendors: Zscaler, Appgate, Palo Alto Networks
  • Blockchain : Hyperledger Fabric, Chaincode, Ethereum, Smart Contracts, Solidity, Bitcoin etc.
  • Wi-Fi : 802.11a/b/g/n/ac, MIMO, WEP, WPA, 802.1X
  • Web Technologies : Web3, WebSocket, ES6, AngularJS 13, React.js, TypeScript, Knockout.js, Vue.js, REST, JSON, AJAX, HTML5, CSS3
  • Other JS frameworks: Mobiscroll, Ionic
  • Database : MS SQL, Always On HA, TDE(Security@Rest), MySQL, CouchDB, Mnesia, Hibernate 4
  • Build/Integration : Git, Maven, Arquillian, Selenium, TestNG, Python, XPath
  • Packet Debugging : OmniPeek, Wireshark, Tcpdump
  • Test tools : Veriwave, IxChariot, WaveApps, WaveQoE, IxWeb, IxExplorer, Spirent
  • AI/ML/DL: CNN, Transfer Learning, Keras, PyTorch, GenAI
  • Compliance : HIPAA, GDPR, PII
  • Cloud Infra: VPC, Route53, API GW, ELB, CloudFront, Azure App GW, VNET, Azure Front Door
  • On-Prem/Legacy Infra : AD, ADFS, Azure AD Connect
  • Threat Modeling Models and tools: OWASP, STRIDE, MS Azure Tool
  • Pen Testing : Lead static & runtime code analysis and tools, vulnerability, penetration testing (lead execution & fix the critical CVEs). Owns the execution of the whole process: choosing a variety of tools, writing docs on how to test, analyzing the reports during every release cycle, etc.
  • Miscellaneous (Dev): Graph API, Microsoft Universal Print, Bonjour(mDNS), Auto Service-Discovery, Cross-Forest AD Federation and Trust, PKI-based Hybrid SSO (Entra ID and AD)

Accomplishments

  • Implemented my patent end-to-end to achieve Zero Trust centric Native Mobile SSO on iOS and Android devices.
  • Accomplished a complete re-design of OpenSSL to make it work with HW accelerators.
  • Played pivotal role in the execution [Architecture, Design and Implementation] of Virtual Rack Operating System - an overlay-style software abstraction fabric.
  • Architected a Programmable IoT via IoT-centric SDN-Overlay solution (resilient, scalable) towards IoT-as-a-Service model, with POC, where Security meets Automation, Performance and Interop.
  • Contributed (to company) several cutting-edge patents, including Intelligent Adaptive Security and Cohesive Access Control, and coined a concept called Virtual Security-Wall.
  • Instrumental in the solution architecture and design of massive scale data networking infra for Sochi 2014 Winter Olympics and Avaya Soccer Stadium (now PayPal Park).
  • Instrumental to help achieve the strategic transformation vision of Konica Minolta.

Timeline

Architect

Konica Minolta
09.2017 - Current

Senior Software Engineer

Avaya, Inc
12.2009 - 09.2017

Senior Software Engineer

Nortel Networks
05.2005 - 12.2009

Software Engineer

Inkra Networks
03.2001 - 05.2005

Bachelor of Technology (B.Tech) - Electronics & Communication Eng.

Sri Venkateswara University

Master of Technology (M.Tech) - Computer Science & Technology

Indian Institute of Technology (IIT)