Sachin Tolay

1. Led the planning and execution of a cross-functional initiative to develop an in-house Single Sign-On

(SSO) solution with OpenID Connect (OIDC). Aligned the project with a pivotal initiative to cross-sell

SignalFx services to the established Splunk customer base. Successfully implemented the solution,

currently reaching approximately 30% of the customer base as of the latest update.

2. Led the end-to-end development effort of building an in-house Customer Identity and Access

Management (CIAM) solution and migrating away from Keycloak (open-source CIAM solution). This

initiative addressed multiple critical security vulnerabilities and overcame operational complexity and

scalability challenges inherent in Keycloak.

3. Led the development of a System for Cross-domain Identity Management (SCIM) solution to address

a critical security risk by efficiently deprovisioning Splunk users, including their access tokens, upon

deactivation in Splunk customer's Identity providers. This initiative has garnered the highest votes for

several years.

Notable Projects in AWS EBS

1. Led the development of a garbage collection system of EBS snapshots from scratch, orchestrating the

release of unreferenced S3 storage (approximately 20 petabytes across 18 AWS regions). It involved building

several map-reduce jobs based on Mark and sweep algorithm and an orchestrator service to coordinate the

jobs. This initiative resulted in a substantial monthly cost reduction of $150k across all AWS regions.

2. Led a cross-functional initiative aimed at securing the communication across all EBS control plane services

by enforcing Authn/Authz and encryption. Built an EBS-wide Auth helper library to ease the migration

of 28 EBS services. Key features included dynamically configurable authz whitelists, caching of auth

results and whitelists, gradual dial-up provision and the incorporation of metrics support to track the auth

results/latencies across communication links.

3. Actively participated in design and code reviews, providing constructive feedback and mentoring team

members to enhance code quality and promote a collaborative learning environment.

4. Facilitated and orchestrated knowledge-sharing sessions to eliminate team silos and address on-call hotspots.

Notable projects in AWS ELB

Designed and implemented a client TLS certificate rotation system which distributes (and rotates) client

certificates to the ELB hosts to make API calls to ELB control plane services. This initiative was geared towards

minimizing downtimes attributed to expired certificates.

• Built batch scheduler framework on top of Quartz framework with additional functionalities like support for job retries, persistence of job statuses and intermediate data, splitting a single job execution into multiple atomic executions etc. This framework is used by more than 5 teams under Seller Platform org in Flipkart.

• Designed and implemented consignment scheduling engine for sellers to create draft consignments and book time slots for sending consignments to Flipkart warehouses while managing the limited resources (warehouse capacity and warehouse ops capacity) and the priority of the sellers and their consignments in the backend.