Hi 👋🏻,

I am currently working as an AI Platform Security Engineer at Charles Schwab, focusing on securing enterprise AI platforms, tool integrations, and AI-enabled systems. My work spans AI guardrails, platform security, observability, policy enforcement, and incident response for AI workloads, combining security engineering with production-scale platform operations.

Previously, I worked as a Site Reliability Engineer at Charles Schwab, where I built strong experience in cloud infrastructure, automation, observability, incident management, and vulnerability compliance. This SRE background allows me to approach AI security with a production-first and reliability-driven mindset.

Before joining the industry, I completed my MS and Ph.D. in Computer Science at the University of Houston (August 2019 – May 2024), where I served as a Graduate Teaching and Research Assistant. During my Ph.D., I conducted research in cybersecurity with a focus on cyber deception, adversarial reconnaissance, privacy, and IoT security, working with Dr. Omprakash Gnawali in the Networked Systems Laboratory and Dr. Aron Laszka in the Resilient Network and Systems Lab.

Earlier in my career, I worked as a Lecturer in the Department of Computer Science at Green University of Bangladesh (May 2016 – July 2019). I completed my MS and B.Sc. in Information Technology at the Institute of Information Technology, Jahangirnagar University, Bangladesh.

I am particularly interested in AI platform security, adversarial ML, secure AI system design, and bridging academic security research with real-world, enterprise-scale systems.

• Web: shantoroy.me
• Tech Blog: shantoroy.com
• Travel Blog: digitalnomadgoals.com
• LinkedIn: shanto-roy
• Scholar Profile: Google Scholar
• Credly: shantoroy

• My recent certifications:
  1. GCP Associate Cloud Engineer
  2. Professional Scrum Master™ I (PSM I)
  3. AWS Certified AI Practitioner
• I have started a project for Certification Preparation where you can prepare for different certification exam by going through practice questions.
• I have started my #100daychallenge for learning and sharing resources on Site Reliability Engineering. I will be sharing my journey as a blog post under the tag '#100daysofSRE' on my blog. You can navigate the list of contents on my Medium post or this GitHub Repo.
• We have submitted a new paper entitled "SoK: The MITRE ATT&CK Framework in Research and Practice" at a cyber security conference. The preprint is [available on Arxiv].(https://arxiv.org/abs/2304.07411). In this work, we explored the use cases and applications of MITRE ATT&CK in Academic Research and Industry. Feel free to read and cite the work if relevant.
• I joined as a Site Reliability Engineer at Charles Schwab in Texas, US.
• I started writing on the Medium Blog Platform. Follow me here.
• You can check out my GitHub Repository entitled CyberSecurity Concepts in Python that provides different security concepts in Python. Blog Posts are also available alongside codes. Please find the links in the README.md file. Find more posts on my blog shantoroy.com.

• Primary research interest: Cyber Security
• Industrial Interest: DevSecOps, Site Reliability Engineering (SRE) and Network/Information Security Analysis/Engineering
• Currently Working on Cyber Deception
• Currently exploring how Honeypots can be utilized for further Deception
• Other Interests: Blogging, Traveling, Cycling, Hiking, and Music

• AI won’t replace us, but a person using AI will!
• How to Avoid Phone/Email Scams!
• Write a Reverse Proxy Server in Python: Part 1 (Reverse Proxy Server)
• Introduction to Reinforcement Learning (Part 01: Basic Concepts)
• Write a Simple Virus in Python
• Write a Worm (Malware) in Python
• Write a Backdoor in Python
• A Basic Keylogger in Python
• Passive Operating System Fingerprinting by Analyzing PCAP files

👉     read more bog posts...