Post Job Free
Sign in

Senior Principal Engineer

Location:
Austin, TX
Posted:
August 17, 2025

Contact this candidate

Resume:

Christian Lita

Dripping Springs, TX, ***** *********.****@*****.*** 512-***-****

SENIOR SECURITY ENGINEER/ARCHITECT

Security professional with extensive experience in architecture and implementation responsibilities. Ability to operate effectively on a 24x7 basis in crisis situations. Experience with system engineering using RHEL, SLES, Ubuntu and various other Linux distros as well as vSphere products. Excellent communication skills, known as a team player with excellent logical and analytical abilities. Passion for learning new technologies. Looking for a position to apply security technologies combined with AI/ML neural networks for threat prevention/detection/mitigation.

CORE COMPETENCIES

Security Architecture Troubleshooting and Problem-Solving Security Risk Assessment and Mitigation Crisis Management Cloud Computing Analysis Cryptography HSMs FIPS

PROFESSIONAL EXPERIENCE

Dell Technologies Inc. Round Rock, TX 2021 – Feb. 2025

Security Champion/Business Unit Advisor (Telco BU)

Defined security architecture roadmap and requirements.

Performed threat modeling of cluster and microservice components.

Defined component security requirements based on identified threat surfaces.

Developed control verification testcases.

Provided guidance and reviewed existing security technologies for product adoption with an eye for operational security risk.

Performed vulnerability and malware scanning of containers and hosts.

Provided risk assessment and mitigation plans to management and development teams.

Built and maintained automation framework for security scans and Jira ticket tracking.

Performed digital signing and packaging of product releases.

Interfaced with Security Resilience Office (SRO) and Product Security Incidence Response Team (PSIRT) groups for customer advisories and mitigation plans.

VMware Inc. Austin, TX 2016 – 2021

Product Security Architect (vSphere)

Reviewed security architecture and feature designs for multiple business units.

Involved in cryptographic code review and certifications such as FIPS, NIAP, and BSI.

Provided concrete implementation for specific security requirements related to TPM.

Part of VM lifecycle team (CPBU)

oResponsible for design, implementation and maintenance of various components related to virtual machine management such as power, migration, cloning, deletion, etc.

oDevelopment encompassed vSphere Center as well as ESXi server code.

Cisco Systems Inc. Austin, TX 2011 – 2016

Advanced Security Initiative Group

Part of security team evaluating/red-teaming various Cisco products for security gaps.

Products/components targeted ranged from:

oUEFI firmware and SMM

oTelephony protocols (SIP, Call Manager, ASA)

oClear-text protocols such as ARP, DHCP, NTP, SNMP, IPMI

oSecure storage

oVirtualization, developed in-kernel virtualization driver in support of KVM and QEMU (memory page measurements)

oBoot-loaders for various devices (C9000, desktop phones, femto cells)

oTLS, PKI, X-509 certificate validation, cryptographic and entropy algorithms.

IBM, Austin, TX 2005 – 2011

AIX Security, Cryptography Software Engineer

Developed PKCS#11 V2.20 library and kernel driver with virtual and physical token support.

Added support for hardware acceleration for IBM 4764 (XCrypto) and4765 (Y4) fast-path interfaces in support of symmetric key and hash engines.

Developed load-balancing support as well as fallback to soft-crypto as to provide a consistent user-space capability.

Member of the FIPS 140-2 Level 4 certification team.

Developed support for in-core and in-nest crypto acceleration.

Technical contributor for IBM Power7+ and Power8 cryptographic engines

IBM, Austin, TX 1996 – 2005

Software Security Engineer

Access Manager for Business Integration

Responsible for implementing message protection and authentication for data and message queues for MQSeries in C and Java. PKCS#7 was used to protect queue data, while SSL/TLS with X509 certificate mutual authentication was used to implement channel authentication and authorization.

Crypto Performance

Performance analysis for WebSEAL, TAMeB on MQSeries. Analyzed TLS and RSA performance of products such as GSKit, OpenSSL and direct PKCS#11 interfaces. Analyzed hardware accelerators from IBM (4758/4960), NCipher (nFast/nShield) and Rainbow.

Internet Solutions/Appliances

Developed SOCKS and caching HTTP proxy for set-top box project. Developed code to control presentation of Netscape browser frames/windows, etc. and reformat for TV display. Developed caching transcoding proxy with content capability negotiation (CC/PP) in support of light-weight browsers and WAP gateways over HTTP. Developed code for patch manager for JavaOS.

Other Achievements

I have been granted 20 patents, a few more pending (https://patents.justia.com/inventor/christian-lita)



Contact this candidate