FIELD // KHUSHI SHAH

Hi, I'm Khushi.

I like to build inside messy technical environments.

By titles, I'm a Security engineer and product-minded builder working across customers, systems, data, and operational constraints.
By practice, I learn how the system actually works, find where people get stuck, and turn fragmented reality into reliable workflows they can use.

How I work in the field

01

Map the environment

Understand the systems, constraints, users, and handoffs already in play.

02

Find the real bottleneck

Separate the stated request from the thing slowing people down.

03

Build the smallest useful bridge

Integrate what exists, prototype what is missing, and make the workflow usable.

04

Learn from use

Watch what gets adopted, what gets ignored, and what should become reusable product capability.

When teams call me in

These are the situations where someone needs to learn the environment first and not just PR against a spec.

  • Fragmented data across tools, vendors, and spreadsheets
  • Customers with a real workflow problem but no clean requirements
  • High-stakes decisions that need usable context
  • AI or automation that needs human boundaries
  • A one-off implementation that needs to become repeatable

Selected field work

What I learned when the system met reality. Each case study maps how fragmented environments became usable workflows — and what became repeatable.

01 / FIELD DEPLOYMENT · SECURITY OPERATIONS

Spotlight Security

Deploying a usable security workflow across fragmented customer environments.

Unified host telemetry, multi-vendor firewall data, and customer context into findings teams could prioritize, remediate, and follow through on.

THE ENVIRONMENT

IT and OT telemetry · three firewall ecosystems · inconsistent configuration formats · customer-specific baselines · security teams across consoles, tickets, and spreadsheets

WHAT WAS BREAKING

Teams had data everywhere but no consistent path from scattered evidence to a trustworthy action.

WHAT I DID IN THE FIELD

Mapped customer decision workflows, normalized multi-vendor data, built context-aware detection, and connected deployment into the product.

WHAT CHANGED

~60% reduction in manual audit effort · prioritized findings with credible next actions

WHAT BECAME REUSABLE

A finding was only valuable with customer-specific context and a credible next action — not merely a severity label.

FRAGMENTED ENVIRONMENTSUSABLE FINDINGSOPERATIONAL ACTION
READ FIELD CASE STUDY →
HOST AGENTSFIREWALL CONFIGNETWORK CONTEXTNORMALIZE + DETECTPRIORITIZED FINDINGACTION + FOLLOW-THROUGH

02 / FIELD DISCOVERY · MISSION-CRITICAL SYSTEMS

Friend / Foe

Field discovery in a time-critical military workflow.

Through 30+ interviews, simulator observation, and live-exercise shadowing, we found friendly-force information already existed — but lived outside the commander's sightline.

THE ENVIRONMENT

M1 Abrams tank crews · JMRC Germany · DCTC Poland · BFT, MFoCS, and JBC-P battlefield systems · ≤5 seconds to identify a target

WHAT WAS BREAKING

The information already existed. The problem was that it was not available where the decision happened.

WHAT I DID IN THE FIELD

30+ stakeholder interviews, simulator and live-exercise observation, assumption reversal, and integration into the commander's existing display.

WHAT CHANGED

Reframed from 'better interface' to placing the right signal inside the operational display crews already use.

WHAT BECAME REUSABLE

Operators won't leave the sight picture under fire — we need to surface friend-or-foe inside the display they already trust, not add another system to check.

FIELD RESEARCHASSUMPTION REVERSALINTEGRATED DECISION SUPPORT
READ FIELD CASE STUDY →
FIELD RESEARCH // JMRCDECISION LATENCY // OBSERVEDEVIDENCE_01

03 / CLIENT WORKFLOW DEPLOYMENT

RiskLink

Deploying AI into an expert intake workflow without replacing human judgment.

Turning expert intake into a repeatable handoff system — the first conversation should collect context, not consume all the expert time.

THE ENVIRONMENT

Cyber-risk insurance intake · client owner and downstream underwriting team · ~2 hour first calls · eight security domains

WHAT WAS BREAKING

Expert time was spent repeatedly gathering foundational information before the team could focus on judgment.

WHAT I DID IN THE FIELD

Mapped client workflow with the owner, constrained the MVP, built voice-led intake, structured outputs, and designed human handoff boundaries.

WHAT CHANGED

Reduced average intake from ~2 hours to ~30 minutes with structured handoff reports.

WHAT BECAME REUSABLE

Repeatable intake structure: domain prompts, clarification logic, structured outputs, report generation, and a safe handoff boundary.

CLIENT WORKFLOWMINIMUM INTERVENTIONHUMAN HANDOFF
READ FIELD CASE STUDY →
"Tell me about your...""Can you clarify...""One more thing..."JSON OUTPUTGENERATED REPORTTEAM FOLLOW-UP →

Field Notes

The parts of my work that live outside a deployment story but shapes how I think.

012026 – Present

Verified by the Kids

Facebook Community Initiative · Online

Founded a community initiative teaching parents practical cyber safety — translating security know-how into guidance families can actually use.

  • Launched a community-facing page focused on parent cyber safety education
  • Share practical tips on online threats, privacy, and safer digital habits for families
02June 2025

H4D Success Story: Friend or Foe

Hacking for Defense (H4D) · United States

Project on reducing friendly fire in armored warfare published on the official H4D success stories site.

  • Selected into the Defense Innovation Scholar Fellowship–Cohort (DISF-C)
  • Recognition as a featured H4D success story
03May 2024

Poster Publication at USENIX 2024

USENIX SOUPS · Philadelphia, PA

Poster on privacy preferences in multi-user smart personal assistant settings.

  • Presented multi-institutional privacy research on SPAs
  • Surveyed 90+ participants and evaluated leading SPAs
04November 2024

Military Innovation Research Project

JMRC / Lean Innovation Lab · Poland & Germany

On-site research with JMRC as part of CMU's Lean Innovation Lab, evaluating operational technology in real-world military training.

  • Worked with military teams and participated in simulator drills
  • Collaborated with international forces for technology evaluation
05April 2025

Alumni Talk at Ahmedabad University

Ahmedabad University · India

Speaker on college-to-career stories and reflections with prospective students.

  • Spoke on career decisions, education paths, and student life
  • Engaged with audience on life beyond the classroom

I like building with teams that care what happens after the product meets the real world.