Ashish Srivastava

Senior Team Lead at Thales building identity & access management systems. 13+ years across Java/Spring, AWS, and security protocols (OAuth2, OIDC, SAML, ForgeRock, Keycloak). I like quiet systems that just work.

What I do

I'm currently a Senior Team Lead at Thales in Noida, working on identity, access management, and security tooling. Most of my career has been spent close to the protocol layer — designing Identity Providers and brokers, integrating SSO across SAML, OAuth 2.0, and OIDC, and wiring federated identity into products built on ForgeRock, Keycloak, and CAS.

On the platform side, I design Java/Spring services that run on AWS and OpenStack — microservices, gRPC and GraphQL APIs, event-driven pipelines on Lambda and SQS, and the data models that hold them together. I'm an AWS Certified Solutions Architect.

Before Thales, I was an Associate Architect at Nexgen IOT Solutions and a Senior Software Engineer at IDEMIA. Earlier roles at Oniondev, Debug Design, Hovel, and Dynakode gave me time across the full stack — from JSP and JVM internals to Angular front-ends and Django services.

How I think about engineering

• Security is a property of the whole system — not a feature you bolt on after launch.
• Boring beats clever — well-understood patterns, clear contracts, and small services age better than novelty.
• Own the lifecycle — design, build, ship, monitor, and on-call for what you build.

Education

• B.Sc. — Information Technology — Kuvempu University (2011 — 2014)
• Diploma — Software Engineering — NIIT (GNIIT) (2011 — 2013)

Certifications

• AWS Certified Solutions Architect — Associate — Amazon Web Services
• Conversation on Cryptography: A Total Course — Mike Meyers

Outside of work

I read, tinker with side projects, and write the occasional note here. Always interested in talks on cryptography, distributed systems, and the messier corners of identity.