security engineering

Kamal Kumar

Staff Security Engineering Manager

Building AI-powered tools & platforms that secure the enterprise

Platforms I've Built

DataCraft
Enterprise data intelligence platform built at Tesla. Databricks-like lakehouse architecture running Apache Spark on Kubernetes with integrated secret management, RBAC, and data governance. Ingests 300+ GB daily, serving as the foundational intelligence layer powering all AI security tools across the organization.
Spark • Kubernetes • Secret Mgmt • RBAC • 300+ GB/day
  • Architecture: Databricks-like lakehouse with Spark on Kubernetes
  • Scale: 300+ GB daily ingestion, high availability
  • Data Governance: RBAC, cryptographic secret management, end-to-end lineage
  • Consumers: Cross-functional — security ops, threat intel, compliance, ML teams
  • Pipelines: Real-time ingestion, canonical datasets, batch & streaming
  • Impact: Foundational data layer powering all 4 AI/ML security platforms
Threat Intelligence Center
Centralized threat intelligence platform built at Tesla for proactive threat detection, IOC correlation, and automated incident response across cloud and on-premises environments. Aggregates feeds from multiple intel sources, enriches alerts with context, and drives real-time security operations.
Threat Feeds • IOC Correlation • SIEM • Incident Response • Real-time
  • Feeds: Aggregates multiple threat intel sources & OSINT feeds
  • IOC Correlation: Proactive indicator matching across cloud & on-prem
  • Alert Enrichment: AI-powered context injection into security alerts
  • Incident Response: Automated playbook execution & orchestration
  • Coverage: Unified view across AWS, Azure, and on-premises environments
  • Impact: Drives real-time security operations and threat hunting
AI Helpdesk Platform
Enterprise-grade, self-service AI helpdesk platform built at Tesla. Organizations configure their own integrations (email, Slack, ticketing systems) and plug in knowledge sources (Confluence, SharePoint, policy docs, mailboxes). Resolves 65% of tier-1 security tickets without human intervention.
LLMs • Multi-Tenant • Configurable Integrations • Knowledge Pipelines • Admin Console
  • Architecture: Multi-tenant SaaS with admin console
  • Integrations: Email, Slack, ticketing systems, configurable per tenant
  • Knowledge Sources: Confluence, SharePoint, policy docs, mailboxes
  • AI Pipeline: LLM-powered ingestion, indexing, and response generation
  • Capabilities: Auto-classify, draft responses, intelligent escalation
  • Impact: 65% of tier-1 security tickets resolved autonomously
Security & Compliance Posture Platform
Enterprise IT and OT security posture management platform built at Tesla. Monitors 300K+ assets against 300+ policies across cloud, on-prem IT, and OT environments. Unified compliance tracking — single pane of glass for leadership.
300K+ Assets • 300+ Policies • IT/OT • NIST • CIS • SOC 2
  • Scale: 300K+ assets monitored 24/7
  • Policies: 300+ rules across CIS, SOC 2, NIST, internal standards
  • Coverage: AWS, Azure, on-premises IT, and OT environments
  • Automation: Policy evaluation, drift detection, one-click remediation
  • Reporting: Single pane of glass for leadership visibility
  • Impact: Transformed compliance from manual to continuous monitoring
AI Agents Platform
Enterprise AI agents platform built at Tesla, powered by Graph RAG. Autonomous agents auto-triage tens of thousands of findings monthly, reducing MTTR by 90%. Human-in-the-loop guardrails for high-risk actions.
Graph RAG • Knowledge Graphs • AI Agents • 90% MTTR Reduction • Human-in-the-Loop
  • Architecture: Graph RAG with entity-rich knowledge graphs
  • Data Sources: Vuln scans, asset inventories, remediation playbooks
  • Graph Model: Services → Vulnerabilities → Owners → Remediation steps
  • Agents: Autonomous triage of tens of thousands of findings/month
  • Safety: Policy-based control plane with human-in-the-loop review
  • Impact: 90% reduction in mean-time-to-remediate
PacBot (Open Source)
Continuous security & compliance platform built at T-Mobile. Policy-as-code engine enforcing thousands of policies across 500+ accounts, auto-remediating tens of thousands of violations. 1,300+ GitHub stars, 280+ forks.
AWS • Lambda • Policy-as-Code • AutoFix • Multi-Account
  • Philosophy: Assess → Report → Remediate → Repeat
  • Scale: Thousands of policies across 500+ AWS accounts
  • AutoFix: Tens of thousands of violations auto-remediated
  • Community: 1,300+ GitHub stars, 280+ forks, Apache 2.0
  • Spinout: Paladin Cloud — $3.3M seed (Samsung Next, T-Mobile Ventures)
  • Press: pacbot.org • TechCrunch • SC Magazine
Application Security • Threat Modeling • Vulnerability Management • AWS / Azure • Kubernetes • AI / ML Security • Google Vertex AI • AWS Bedrock • Infrastructure Security • Shift-Left Security

Credentials

  • Leadership & Management (In Progress): Wharton Online (UPenn)
  • Machine Learning: University of Washington
  • Engineering Leadership: Cornell University
  • AWS Solutions Architect: Amazon Web Services
  • Generative AI Fundamentals: Databricks
  • Business Analytics: Harvard Business School Online

Recognition

Jeff Barr
VP & Chief Evangelist, AWS
Very cool - PacBot (Policy as Code Bot) - Continuous compliance monitoring, reporting, and security automation from T-Mobile! ‘Assess → Report → Remediate → Repeat’ is PacBot's philosophy.
Product Advisory Council
Armis
Invited member of Armis Product Advisory Council — advising on product strategy for the leading asset intelligence and OT/IoT security platform.
  • Speaker: CityU Cloud Security Meetup
  • Published: Medium (PacBot deep-dive)
  • Featured in: TechTarget, Kali Linux Tutorials, Golem.de