Before product, I was the engineer in the room. This is where my technical fluency was built, and where I first led a team.
IoT connection performance directly shapes customer experience and trust in Cisco's platform; slow, less-secure connections are a competitive liability in an enterprise market where security posture is a top purchase criterion. Meanwhile, every open vulnerability in WebEx, a widely-used enterprise calling product, was both a customer risk and a reputational one.
Fixing these issues wasn't optional scope, it was foundational: any future feature work sits on top of the protocol and infrastructure layer, so weaknesses here would resurface as customer-facing problems repeatedly if left unaddressed.
I led a team of 5 engineers to develop an IoT security protocol using Google's QUIC, aligning the technical approach with business objectives and product vision. In parallel, I partnered with a cross-functional team of 8 engineers to resolve 100+ security vulnerabilities in WebEx calling applications.
I also owned the architecture redesign of the Webex Calling User Portal (CUP), refactoring database connection handling to improve efficiency by 25% and stabilize a high-traffic, user-facing surface for enterprise customers.
The team evaluated transport-layer options for rebuilding the IoT security protocol, weighing maturity, performance ceiling, and integration effort.
| Option | Connection Speed | Security Ceiling | Integration Effort | Verdict |
|---|---|---|---|---|
| Extend Existing Legacy Protocol | Low ceiling | Limited by legacy design | Low | Rejected, doesn't solve root cause |
| Custom Transport Protocol | High potential | High, but unproven | Very high | Rejected, too slow to harden and ship |
| Google's QUIC | High, proven at scale | High, modern security primitives | Moderate | Selected |
Building on QUIC gave the team a mature, widely-adopted foundation, letting us focus engineering effort on IoT-specific security hardening rather than reinventing transport-layer fundamentals.
Led a 5-engineer team building the new IoT security protocol, benchmarking against existing connection time and transfer speed.
Partnered with an 8-engineer cross-functional team to triage and resolve 100+ security vulnerabilities in WebEx calling applications.
Refactored the Calling User Portal's database connection handling, stabilizing a high-traffic surface for enterprise customers.
Contributed to release-gate reviews, applying the same regression-benchmarking discipline across every workstream.
Security work is never "done," it's triaged, prioritized, and continuously resolved. That mindset now shapes how I think about governance in product.
Leading engineers as an engineer taught me that technical credibility is earned through clear tradeoff reasoning, not authority.
Infrastructure-level fixes have outsized, compounding leverage, they quietly prevent dozens of future customer-facing issues.
Not everyone agreed QUIC was the right call - some of the team wanted a custom transport layer for tighter control. I pushed benchmarking data on connection time and security ceiling over intuition, and we aligned once the tradeoffs were quantified rather than argued qualitatively.
Every vulnerability fix and CUP change went through regression benchmarking against the existing performance baseline before release, this is the same "measure before you ship" discipline I now apply to product rollouts, not just code.