Dr. Prajit Das - Security Researcher & Software Engineering Leader

About Me

I am a Security Researcher & Software Engineering Leader at Cisco's Security Business Group (SBG), where I lead a talented team focused on the Secure Firewall Management Center. Our work centers on building core platform components like Authentication, Authorization, and Auditing (AAA), REST API frameworks, and cloud service integrations. I am deeply committed to driving security-focused development and have led several key initiatives around SAML SSO, external authentication, and software compliance standardization.

A core part of my role is leading the engineering response to complex, critical vulnerabilities. For example, for the Blast-RADIUS (CVE-2024-3596) CVE, my team was instrumental in the triage and effective remediation efforts across Cisco. This experience demonstrates my proficiency in managing high-stakes situations, combining deep technical knowledge with a strategic, collaborative approach to crisis management.

With over 18 years of combined experience across industry and academia, I bring a unique perspective to software development—grounded in deep technical knowledge and a passion for security and scalable systems. My expertise includes developing solutions for Single Sign-On (SSO) and Multi-Factor Authentication (MFA), and deploying technologies using modern infrastructure like Docker and Kubernetes. My Ph.D. in Computer Science from the University of Maryland, Baltimore County, and internships at Apple, Samsung, and Symantec have uniquely prepared me to build secure, reliable, and user-centric systems.

Today, I am interested in Senior Leadership positions where I can drive delivery across multiple teams, influence architectural direction, and mentor the next generation of engineering talent. While cybersecurity is my core domain, I am always open to exploring new problem spaces where I can bring value through thoughtful leadership, technical vision, and a commitment to building and delivering high-quality software.

Work Experience

Software Engineering Leader - Cisco Systems Inc.(October 2021 - Present)

As a Software Engineering Leader, I lead a team of developers on the Secure Firewall Management Center, driving the design and delivery of critical security solutions for Cisco's product portfolio. My responsibilities span the entire software development lifecycle, from automated testing and continuous integration to deploying both on-premise and massively scalable containerized solutions.

I specialize in leading high-impact initiatives and complex projects, with a track record of excellence in:

Generative AI Integration: Led the development and integration of an OpenAI-based LLM AI assistant into the Secure Firewall Management Center. This initiative leveraged natural language processing to empower administrators by providing contextually-relevant answers, streamlining policy creation, and simplifying complex troubleshooting, representing a major step toward AI-driven security operations.
Security Incident Response: Led my team's rapid and effective response to the Blast-RADIUS (CVE-2024-3596) vulnerability. This involved expedited triage, cross-functional collaboration with Cisco's PSIRT and Talos teams, and architecting a robust solution that addressed the immediate threat and strengthened the product's long-term security posture.
Core Platform Development: Delivered key features for essential platform components including Identity & Access Management (IAM), Network Configuration Management, REST API Frameworks, and Cloud Services Integration, all using agile software development practices.
Strategic Compliance & Outreach: Ensured compliance with rigorous third-party software security reviews and led internationalization efforts to expand the market reach of Cisco's products.

My leadership style is centered on coordinating work across multiple product areas and cross-functional teams to build the next generation of firewalls.

Technical Product Manager - Cisco Systems Inc.(Jan 2019 - September 2021)

Led the development of the key feature of Single Sign-on using SAML2. Helped bring in $11 million in revenue by delivering high-priority customer requests quickly.

Software Engineer - Cisco Systems Inc.(September 2017 - December 2018)

Worked on design, development and testing of software solutions for Cisco's Secure Firewall Management Center.

Graduate Research Assistant - Ebiquity Research Group (August 2012 - September 2017)

Doctoral research work with the goal of achieving context-driven access control on mobile platforms.

Research Intern - Samsung Research America (June 2014 - August 2014)

Created privacy control systems on the Android platform for protecting user personal or sensitive data.

PhD Intern - Apple Inc. (June 2013 - August 2013)

Data analytics project with a goal of identifying areas of accuracy improvement for Siri.

Intern - Symantec Corporation (June 2012 - August 2012)

Development of server side scripts for reporting automated test results of nightly builds of Symantec products.

Intern - Symantec Corporation (May 2011 - August 2011)

Development of server side scripts for reporting automated test results of nightly builds of Symantec products.

Graduate Teaching Assistant - University of Maryland, Baltimore County (August 2010 - June 2012)

Assisting students with their coursework and grading projects, homework, quizzes and exams

Software Engineer - Tata Consultancy Services (September 2007 - April 2010)

Worked as designer, developer, offshore team lead and billing estimation expert for telecom project.

Projects

MITHRIL - PhD dissertation project

As part of my Doctoral dissertation, I built Mithril, a framework for capturing user access control policies that were fine-grained, context-sensitive and were represented using Semantic Web technologies and thereby managed access control decisions for user data on mobile devices. Read the paper from IEEE CIC 2016 here
Check out presentation to find out more
Slides also available on SlideShare
See demo video here

Heimdall - System call analysis project

The Heimdall project focused on the analysis of system calls with a goal of classifying apps into their perceived behavior category. Thereby it enabled detection of outlier apps that tried to do more than described in Google Play Store or what was informed to the user. Read the paper here Check out presentation to find out more Slides also available on SlideShare

CARLTON - Google Physical Web project

CARLTON was a Google Physical Web based context aware privacy managed question answering system. With the advent of the Internet of Things we faced certain significant privacy and security concerns. CARLTON was a framework for managing data privacy for entities in a Physical Web deployment using Semantic Web technologies. It used context-sensitive privacy policies to protect data privacy. Check out presentation to find out more Slides also available on SlideShare App source

BaeBots - Coding-free platform to build smart, cuddly chatbots

BaeBots was a platform to build chatbot interfaces to Institution specific information about people, places and events. Simply put, users of the chatbot could ask questions like "Who is Dr. Suess?", "Where is Dr. Suess's office?", "When is University Health Services open?" and get answers! Oh and it required no coding! Check out video to find out more App source

Mobipedia.link! - A Mobile Applications Knowledge Base

We presented Mobipedia, a Linked data cloud with knowledge on mobile devices. The knowledge base contained information such as application data, and developer meta-data, permissions used (in android), similar apps etc. Our data cloud made it easier to build tools, perform studies and run analyses. By using semantic techniques knowledge in the endpoint was linked with other Linked Data sources such as DBpedia. Find out more

Safepod - Safer together

SafePod was a mobile app that let your selected friends know if you hadn't reached a specified place at a specified time. SafePod also provided a forum for victims to share traumatic experiences anonymously. Remember that person who assumed the role of the caretaker when you went out partying? SafePod brought that experience to your mobile phone! The goal of SafePod was to create an open community of developers to build technology that made the world a safer place. App source

Face-Block.me! - Privacy-Aware Pictures for everyone

FaceBlock was a proof of concept implementation of a system that could create Privacy-Aware Pictures using smart devices. The pervasiveness of Privacy-Aware Pictures could have been a right step towards balancing privacy needs and comfort afforded by technology. Thus, we could get the best out of Wearable technology without being oblivious about the privacy of those around you. Read the blog to find out more Watch the demo video

Publications

[1]	Leon Garza, Anantaa Kotal, Aritran Piplai, Lavanya Elluri, Prajit Kumar Das, and Aman Chadha. Prvl: Quantifying the capabilities and risks of large language models for pii redaction, 2025. [ bib \| arXiv \| http \| Abstract ]
[2]	Sofia Dutta, Sai Sree Laya Chukkapalli, Madhura Sulgekar, Swathi Krithivasan, Prajit Kumar Das, and Anupam Joshi. Context sensitive access control in smart home environments. In 2020 IEEE 6th Intl Conference on Big Data Security on Cloud (BigDataSecurity), IEEE Intl Conference on High Performance and Smart Computing, (HPSC) and IEEE Intl Conference on Intelligent Data and Security (IDS), pages 35--41, 2020. [ bib \| DOI \| Abstract ]
[3]	Prajit Kumar Das, Dibyajyoti Ghosh, Pramod Jagtap, Anupam Joshi, and Tim Finin. Preserving user privacy and security in context-aware mobile platforms. IGI Global Scientific Publishing, 2017, pages 166--193. [ bib \| DOI \| http \| Abstract ]
[4]	Prajit Kumar Das, Anupam Joshi, and Tim Finin. App behavioral analysis using system calls. In 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pages 487--492, 2017. [ bib \| DOI \| Abstract ]
[5]	Prajit Kumar Das. Context-Dependent Privacy and Security Management on Mobile Devices. PhD Dissertation, University of Maryland, Baltimore County, 2017. [ bib \| http \| Abstract ]
[6]	Prajit Kumar Das, Anupam Joshi, and Tim Finin. Personalizing context-aware access control on mobile platforms. In 2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC), pages 107--116, 2017. [ bib \| DOI \| Abstract ]
[7]	Prajit Kumar Das, Sandeep Narayanan, Nitin Kumar Sharma, Anupam Joshi, Karuna Joshi, and Tim Finin. Context-sensitive policy based security in internet of things. In 2016 IEEE International Conference on Smart Computing (SMARTCOMP), pages 1--6, 2016. [ bib \| DOI \| Abstract ]
[8]	Sudip Mittal, Prajit Kumar Das, Varish Mulwad, Anupam Joshi, and Tim Finin. Cybertwitter: Using twitter to generate alerts for cybersecurity threats and vulnerabilities. In 2016 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM), pages 860--867, 2016. [ bib \| DOI \| http \| Abstract ]
[9]	Prajit Kumar Das, Abhay Kashyap, Gurpreet Singh, Cynthia Matuszek, Tim Finin, and Anupam Joshi. Semantic Knowledge and Privacy in the Physical Web. In Proceedings of the 4th Workshop on Society, Privacy and the Semantic Web - Policy and Technology (PrivOn 2016) co-located with the 15th International Semantic Web Conference (ISWC 2016), Kobe, Japan, October 17, 2016., volume ISWC 2016, 2016. [ bib \| .pdf \| Abstract ]
[10]	Prajit Kumar Das, Anupam Joshi, and Tim Finin. Capturing policies for fine-grained access control on mobile devices. In 2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC), pages 54--63, 2016. [ bib \| DOI \| Abstract ]
[11]	Primal Pappachan, Roberto Yus, Prajit Kumar Das, Sharad Mehrotra, Tim Finin, and Anupam Joshi. Building a Mobile Applications Knowledge Base for the Linked Data Cloud. In Proceedings of the 1st International Workshop on Mobile Deployment of Semantic Technologies (MoDeST 2015) co-located with 14th International Semantic Web Conference (ISWC 2015), Bethlehem, Pennsylvania, USA, October 11th, 2015., volume 1486, pages 14--25. CEUR Workshop Proceedings (CEUR-WS.org), 2015. [ bib \| .pdf \| Abstract ]
[12]	Primal Pappachan, Roberto Yus, Prajit Kumar Das, Sharad Mehrotra, Tim Finin, and Anupam Joshi. Mobipedia: Mobile Applications Linked Data. In Proceedings of the ISWC 2015 Posters & Demonstrations Track co-located with the 14th International Semantic Web Conference (ISWC-2015), Bethlehem, PA, USA, October 11, 2015., volume 1486, pages 2--5. CEUR Workshop Proceedings (CEUR-WS.org), 2015. [ bib \| .pdf \| Abstract ]
[13]	Roberto Yus, Primal Pappachan, Prajit Kumar Das, Eduardo Mena, Anupam Joshi, and Tim Finin. Demo: FaceBlock: Privacy-Aware Pictures for Google Glass. In The 12th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys'14, Bretton Woods, NH, USA, June 16-19, 2014, page 366, 2014. [ bib \| DOI \| Abstract ]
[14]	Roberto Yus, Primal Pappachan, Prajit Kumar Das, Tim Finin, Anupam Joshi, and Eduardo Mena. Semantics for Privacy and Shared Context. In Proceedings of the 2nd Workshop on Society, Privacy and the Semantic Web - Policy and Technology (PrivOn 2014) co-located with the 13th International Semantic Web Conference (ISWC 2014), Trento, Italy, October 20, 2014., volume 1316. CEUR Workshop Proceedings (CEUR-WS.org), 2014. [ bib \| .pdf \| Abstract ]
[15]	Primal Pappachan, Roberto Yus, Prajit Kumar Das, Tim Finin, Eduardo Mena, and Anupam Joshi. A semantic context-aware privacy model for FaceBlock. In Proceedings of the 2nd Workshop on Society, Privacy and the Semantic Web - Policy and Technology (PrivOn 2014) co-located with the 13th International Semantic Web Conference (ISWC 2014), Trento, Italy, October 20, 2014., volume 1316, pages 64--72. CEUR Workshop Proceedings (CEUR-WS.org), 2014. [ bib \| .pdf \| Abstract ]
[16]	Prajit Kumar Das, Dibyajyoti Ghosh, Anupam Joshi, and Tim Finin. Acm hotmobile 2013 poster: an energy efficient semantic context model for managing privacy on smartphones. SIGMOBILE Mob. Comput. Commun. Rev., 17(3):34–35, November 2013. [ bib \| DOI \| http \| Abstract ]
[17]	Prajit Kumar Das, Anupam Joshi, and Tim Finin. Energy Efficient Sensing for Managing Context and Privacy on Smartphones. In Proceedings of the 1st Workshop on Society, Privacy and the Semantic Web - Policy and Technology (PrivOn 2013) co-located with the 12th International Semantic Web Conference (ISWC 2013), Sydney, Australia, October 22, 2013., volume 1121. CEUR Workshop Proceedings (CEUR-WS.org), 2013. [ bib \| DOI \| .pdf \| Abstract ]

In the News...

Prof. Anupam Joshi quoted in Nature news article on wearable technology

Nature News Article

The Trouble with Wearables - by Kat Austen

View PDF Article

Was a finalist for the 3 Minute Thesis competition in the 38th UMBC Graduate Research Conference, 2016. Check out my talk in the video below:

3 Minute Thesis competition video thumbnail

Click to play video

Skills

I am a Security Researcher & Software Engineering Leader with extensive R&D experience in the Mobile Computing, Network Security and Cybersecurity domains. I have held positions with varying levels of responsibility including Software Engineer, Software Engineering Leader, Security & Privacy Researcher, Project Auditor, research & teaching assistant. The highlights of my skills are listed below.

AndroidExpert

Mobile ComputingPro

RDBMS: MySQL, OraclePro

JavaPro

PythonExperienced

Machine LearningExperienced

Semantic WebExperienced

Web DevelopmentExperienced

Other Projects

Semantics for Privacy and Shared Context

We presented the Triveni system for cross-device context discovery and enrichment which represented context in RDF and OWL and reasoned over context models to infer additional information and detect and resolve ambiguities and inconsistencies. Read the paper

A Semantic Context-Aware Privacy Model for FaceBlock

We presented an extended context-aware privacy model represented using OWL ontologies and SWRL rules that can help FaceBlock to generate Privacy-Aware Pictures depending on context and privacy needs of the user. Read the paper

Energy efficient sensing for managing privacy on smartphones

We presented the COMMAND (COntext-aware Middleware for MANaging Data) system that will reduce energy costs by reasoning about what context information is known, what additional information is needed, how accurate it must be and how to efficiently acquire it. Read the paper

Travel awards received

ISWC Travel Grant 2016

Awarded the Student Travel Award for 2270 USD for presenting a paper at the PrivOn workshop in the 15th International Semantic Web Conference (ISWC), 2016.

SMARTCOMP Travel Grant 2016

Awarded the NSF Student Travel Award for presenting a paper at the SmartSys workshop in the 2nd IEEE International Conference on Smart Computing (SMARTCOMP 2016).

ISWC Travel Grant 2015

Awarded the Student Travel Award for 1427 USD for presenting a paper at the MoDeST workshop in the 14th International Semantic Web Conference (ISWC), 2015.

ISWC Travel Grant 2014

Awarded the Student Travel Award for 2200 USD for presenting a paper at the PrivOn workshop in the 13th International Semantic Web Conference (ISWC), 2014.