Pooja Kiran

System Software Engineer AI Infrastructure ML inference pipeline model serving Kubernetes distributed systems PyTorch FastAPI Docker CI/CD SARIF SLSA Ed25519 artifact signing RBAC JWT drift detection model registry Prometheus Grafana observability DVC GitHub Actions Redis Qdrant multi-tenant adversarial ML DP-SGD FGSM PGD AutoAttack NIST AI RMF supply chain security MLOps deep learning Python scalable AI infrastructure inference optimization AI systems engineer production ML model lifecycle infrastructure reliability SRE performance benchmarking GPU distributed training data parallelism pipeline integrity audit logging incident response LangGraph multi-agent agentic AI SafeTensors policy-as-code AES-256 Fernet hash chain OOP software engineering principles high-performance code microservices event-driven architecture containers Kafka Terraform IaC cloud AWS GCP Azure

Pooja Kiran

Who I Am

System Software
Seeking SSE AI Infrastructure

I build production AI system pipelines with the properties that matter at scale: every artifact cryptographically signed and gated in CI, every model promotion hash-chained in the audit log, every inference endpoint behind RBAC with measured latency budgets. Six open-source projects — from a Kubernetes-deployed model serving platform with drift detection and rollback, to a CI supply-chain gate that walks pickle bytecode at the opcode level — demonstrate systems thinking, not just security tooling.

Inference Pipelines Artifact Integrity Kubernetes Serving CI/CD for ML

Technical Skills

What I Work With

AI Inference & Model Serving

FastAPI, uvicorn, Triton (conceptual), model registry, RBAC/JWT, multi-tenant isolation, rate limiting, 2.7 ms latency / 52K samples/sec measured

MLOps & CI/CD for ML

GitHub Actions, SARIF gates, DVC, drift detection + rollback, hash-chained audit log, policy-as-code (YAML), smoke tests, Makefile

Container & Kubernetes

Docker (non-root runtime, minimal base), Kubernetes RBAC + NetworkPolicies, docker-compose, k8s manifests, Prometheus/Grafana

ML Artifact Integrity

Pickle opcode AST analysis, SafeTensors validation, Ed25519 signing, SLSA provenance, SBOM, SHA-256 hash chain, reusable GitHub Actions

Deep Learning & PyTorch

LSTM, Transformer, ResNet-18, autograd (gradient-based attacks/inversion), FGSM/PGD/C&W/AutoAttack, Madry AT, TRADES, Randomized Smoothing

Distributed Systems Design

Multi-tenant Qdrant collections, Redis caching, tenant-scoped RBAC middleware, append-only JSONL audit, AES-256 Fernet encryption (0.019 ms overhead)

Observability & Reliability

Prometheus/Grafana, structured logging, STRIDE threat model, IR_PLAYBOOK, FAILURE_MODES.md, incident response runbooks, Locust load testing

Programming & Tools

Python, PyTorch, scikit-learn, spaCy/Presidio, pytest, Git — studying C++ systems programming and CUDA memory model

Featured Work

AI Infrastructure
Projects

06 Projects · Kubernetes · CI/CD · PyTorch · Measured Outcomes

01 · LLM Inference Security

LLM-Guard-Scanner

FastAPI inference security middleware (May 2026). Detects prompt injection via embedding similarity to known templates, scans retrieved RAG context for imperative instructions before LLM, and flags secret leakage via entropy analysis. All findings emitted as SARIF, blocking CI deploys on violation. Agentic pipeline in src/agentic_scanner.py.

FastAPISARIFCI/CD GateInference Security

View Project on GitHub →

02 · ML Artifact Integrity

Model-Supply-Chain-Auditor

CI artifact integrity gate (May 2026). Walks pickle bytecode at the opcode level (REDUCE/GLOBAL/BUILD), detects unsafe torch.load, validates SafeTensors format, and enforces Ed25519 artifact signing with a SHA-256 provenance chain. Policy-as-code YAML blocks unsigned artifacts. Packaged as a reusable GitHub Actions workflow. Built in response to LiteLLM/Mercor supply chain incidents (2026).

SafeTensorsEd25519SLSAPolicy-as-CodeGitHub Actions

View Project on GitHub →

03 · Privacy & Compliance

ML-Privacy-Attacks

Measured privacy leakage analysis (May 2026). Implemented Yeom (2018) loss-threshold and Shokri (2017) confidence-proxy membership inference plus gradient-based model inversion (Fredrikson 2015) on 41,188-record UCI dataset. Measured 0.42 MIA advantage mapped to EU AI Act thresholds. DP-SGD defense with RDP Gaussian mechanism, ε-δ accounting (Balle et al.).

DP-SGDPyTorchRDP AccountingBenchmarked

View Project on GitHub →

04 · Model Robustness Benchmarking

Adversarial-Robustness-Toolkit

Rigorous PyTorch robustness benchmark (May 2026). FGSM, PGD-20/100 (10 restarts), C&W L2, and AutoAttack (APGD-CE+DLR+FAB+Square) against CIFAR-10 ResNet-18 at ε=8/255 L∞. Measured: undefended model collapses to 0% under PGD-20; Madry AT recovers ~45% robust accuracy at ~10pp clean-accuracy cost. TRADES and Randomized Smoothing defenses implemented and documented.

PyTorchFGSM/PGD/AutoAttackMadry ATTRADESCodeQL CI

View Project on GitHub →

05 · RAG Serving Infrastructure

docquery

Production RAG serving stack (Jun 2026). Qdrant (tenant-scoped collections) + BGE cross-encoder reranker + Redis cache + FastAPI. Multi-tenant isolation with per-tenant rate limiting. XML delimiter sandboxing and imperative-instruction detection guard retrieved context before LLM. Presidio PII redaction at API boundaries. Locust load testing, RAGAS evaluation, docker-compose deploy.

QdrantFastAPIRedisMulti-TenantLocustRAGAS

View Project on GitHub →

06 · Production ML Inference Pipeline

PulseNet-RUL-Forecasting

Hardened ML inference pipeline on NASA C-MAPSS (Mar 2026). LSTM+Transformer served via FastAPI at 2.7 ms mean latency / 52K samples/sec. SHA-256 hash chain across all pipeline artifacts, Ed25519-signed model checkpoints, per-tenant RBAC middleware, AES-256 Fernet encryption (0.019 ms overhead measured), append-only JSONL audit log, SARIF CI gates, NIST AI RMF compliance. IR_PLAYBOOK.md, smoke tests, benchmark scripts.

Inference PipelineRBACAES-256 FernetSARIF CIBenchmarkedNIST AI RMF

View Project on GitHub →

Work History

Experience

Aug 2024 – Present · Self-directed Research · Tempe, AZ (Remote)

Independent Seeking SSE AI Infrastructure

Self-directed Research, Tempe, AZ

Built 6 production-grade AI infrastructure projects: hardened inference pipeline (2.7 ms latency, 52K samples/sec), Kubernetes model serving with drift detection + rollback, and a CI artifact gate enforcing Ed25519 signing and policy-as-code across the ML release pipeline.
Architected multi-agent LLM pipeline (LangGraph) combining Bandit+Semgrep SAST with LLM reasoning agents for logic-flaw detection, with CRITICAL/HIGH/MEDIUM risk prioritization and a benchmark vulnerable repo for CI verification.
Designed a privacy-preserving RAG retrieval layer combining differential privacy and encrypted embeddings, hardening LLM retrieval against inference and exfiltration attacks.
Authored 4 open-source model supply-chain scanners enforcing pickle opcode analysis, SafeTensors validation, and Ed25519 signing through SARIF-gated CI.
Delivered 6 reproducible attack/defense benchmark suites across LLMs, RAG, model artifacts, and privacy, each with documented threat models and failure modes.

Aug 2025 – Nov 2025 · Arizona State University & Honeywell Aerospace · Tempe, AZ

Cybersecurity Innovation Researcher — Technology Innovation Lab

Arizona State University and Honeywell Aerospace, Tempe, AZ

Conducted threat assessment across Passenger Service Systems and aviation integrations, mapping cloud-security risk gaps in connected-aircraft platforms.
Identified IoT attack surfaces in connected aircraft and engineered a validated mitigation prototype, delivered 100% on schedule within a 100-day incubator.
Drove the full innovation lifecycle from problem validation through prototyping to an executive-level technical pitch to Honeywell engineering leadership.

Jan 2025 – Oct 2025 · Arizona State University · Mesa, AZ

Graduate Teaching Assistant (IT Grader)

Ira A. Fulton Schools of Engineering, Arizona State University, Mesa, AZ

Assessed 100+ graduate submissions against secure-coding, NIST/ISO compliance, and configuration-management standards across 3 advanced IT courses.
Evaluated infrastructure-security and secure-SDLC practices, reinforcing secure system design for graduate engineering cohorts.

Jan 2023 – Feb 2024 · M. S. Ramaiah University · Bengaluru, India

Undergraduate Research Fellow — KSCST Funded

M. S. Ramaiah University of Applied Sciences, Bengaluru, India

Secured a competitive KSCST government research grant, selected from 5,900+ proposals (approximately 25% acceptance), for reinforcement-learning CubeSat communication research.
Co-authored and presented a peer-reviewed IEEE INDICON 2023 paper on RL-driven satellite systems to IEEE committees and industry evaluators.

Academic Background

Education

Aug 2024 – May 2026 · GPA 3.87 · Tempe, AZ

M.S., Information Technology (Security focus)

Arizona State University

GPA 3.87 / 4.0

Coursework: Advanced Information Systems Security, Network Forensics, Cloud Security, Secure Cloud Architecture.

Aug 2019 – Aug 2023 · CGPA 8.44 · Bengaluru, India

B.Tech, Computer Science & Engineering

M. S. Ramaiah University of Applied Sciences

CGPA 8.44 / 10

Certifications & Publications

Technology Innovation Lab — Honeywell Aerospace & ASU

Nov 2025 · 100-day connected-aviation cybersecurity incubator.

AWS Academy Graduate — Cloud Security Foundations

Nov 2025 · IAM, VPC security, encryption in transit/at rest.

IEEE INDICON 2023

"A Personalized E-Learning System Using Reinforcement Learning Through Satellite," NIT Warangal (Doc ID 10440852).

System SoftwareSeeking SSE AI Infrastructure

What I Work With

AI InfrastructureProjects

LLM-Guard-Scanner

Model-Supply-Chain-Auditor

ML-Privacy-Attacks

Adversarial-Robustness-Toolkit

docquery

PulseNet-RUL-Forecasting

Experience

Education

Technology Innovation Lab — Honeywell Aerospace & ASU

AWS Academy Graduate — Cloud Security Foundations

IEEE INDICON 2023

POOJAKIRAN

System Software
Seeking SSE AI Infrastructure

AI Infrastructure
Projects

POOJA
KIRAN