David Solodukhin — Production Engineer, Network Infrastructure Security

Experience

Meta/Production Engineer, Network Infrastructure Security Engineering

New York, NY · Jul 2020 — Present

Architected and scaled a real-time malicious-traffic (DDoS) detection and mitigation system distributed across a 100K+ host fleet, optimizing for high throughput under strict low-latency constraints. Partnered with security, host-platform, and networking teams to drive the system from MVP to production for L7.
Optimized low-latency packet-processing pipelines at the host kernel level (eBPF, XDP, TC) for detection and mitigation protocols, across varied host and NIC hardware (Broadcom, Mellanox).
Developed quantitative anomaly-detection models using time-series analysis, signal processing, and supervised ML to identify asymmetric network threats from high-volume telemetry.
Established triage and response processes for DDoS and edge-security incidents. As primary on-call in a 24/7 SOC rotation, assessed dozens of high-profile external security & infra events per shift — drove MTTD down to p50 <1 min via automated anomaly alerting, and MTTR to p50 <3 min (from 10–30 min) via automation and pre-staged mitigation runbooks.
Mentor junior engineers — onboarding and building the technical skills required for network-security incident response.

Amazon Lab126/SDE Intern, Consumer Devices

Sunnyvale, CA · Sep — Nov 2019

Designed a high-performance, adaptive, portable service to stream and transcode sensor data from a prototype consumer device, letting developers diagnose low-level hardware sensor issues faster — cut device disk usage by 30% and average time-to-dump-state by 90%.

VMware/Software Engineer Intern, VM Platform

Palo Alto, CA · May — Aug 2019

Designed and built a scalable, container-runtime-independent solution for managing containers inside a Linux VM, gathering container stats by talking directly to the exposed Linux kernel APIs that make containerization feasible.

Georgia Tech/Research & Teaching

Atlanta, GA · Aug 2016 — May 2020

Undergraduate Researcher — Dr. Taesoo Kim · Fuzzification: Anti-Fuzzing Techniques

Designed and evaluated anti-fuzzing techniques to slow modern fuzzers and protect software from malicious fuzzing. Paper accepted by USENIX Security.

Undergraduate Researcher — Dr. Joy Arulraj · Accelerating Data Analytics with Logical Zone Maps

Aided design of new logical indexing structures for caching statistical aggregates over subsets of data.

Undergraduate Teaching Assistant — Design & Analysis of Operating Systems

Taught operating-systems concepts and kernel programming; graded and maintained assignments.

Projects & Publications

Fuzzification: Anti-Fuzzing Techniques. Jinho Jung, Hong Hu, David Solodukhin, Daniel Pagan, Kyu Hyung Lee, Taesoo Kim. In Proceedings of the 28th USENIX Security Symposium, Santa Clara, CA, Aug 2019.

Systematic Derivatives Trading.Schwab Developer Program
Engineered a quantitative framework to model SPX dealer-hedging flows and aggregate gamma exposure, using the output to generate intraday directional signals. Executed 0DTE vertical credit spreads against modeled liquidity constraints under strict tail-risk parameters.

Linux Kernel Modules.kernel v4.15.18
Built a module that starts a kernel daemon to transmit OS stats; implemented a kernel module for artificial network-traffic throttling and proxying.

Wolfram Alpha SSRF. Found an SSRF vulnerability in the Wolfram Alpha API granting free access to premium features; reported it to the WA team and the exploit was patched.

Education

Georgia Institute of Technology

B.S. in Computer Science · Atlanta, GA

Aug 2016 — May 2020

Skills

Languages

C++CPythonJavaGo(PL)SQLJavaScriptx86/64 ASM (GAS, FASM)

Systems & Tools

eBPFXDPTCGCPAWSOracle CloudLLVMOpenMPMPIDockerKuberneteslibcontainerKVM/QEMUlibvirtGitReverse EngineeringFuzzingVirtualization

Languages (spoken)

EnglishRussian — Native