May 2024 – Present · 1 yr 11 mos

• 1. Lead multi-cloud security initiatives across Azure, AWS, and GCP focused on CSPM, CWPP, identity security, and cloud governance.
• 2. Conduct end-to-end threat modeling for cloud architectures, identifying risks and recommending zero-trust aligned mitigations.
• 3. Enhance CSPM accuracy by refining posture detections, improving rule logic, and reducing false positives at scale.
• 4. Design and implement identity-based authentication for serverless functions, eliminating secrets and strengthening access security.
• 5. Build cross-cloud enforcement automations using cloud functions to validate and enforce configuration baselines and network security controls.
• 6. Lead cloud vulnerability remediation programs across multiple business units, significantly reducing aging issues and improving compliance with CIS/NIST guidelines.
• 7. Implement cloud governance policies for hybrid environments, supporting secure onboarding and strengthening workload protections.
• 8. Support application and infra teams by reviewing and tuning cloud configurations, resolving misconfigurations, and improving operational security.
• 9. Enhance SIEM monitoring by improving query logic and onboarding cloud/network metadata for more accurate dashboards and investigations.
• 10. Contribute to identity-based policy exemption workflows to modernize cloud governance and align policy models across Azure, AWS, and GCP.
• 11. Collaborate with cloud, infra, networking, and operations teams to drive runtime security improvements across containers, ECS workloads, and serverless platforms.
• 12. Continuously support automation improvements and cloud operations refinement for better performance, stability, and resilience.

Nov 2023 – Present · 2 yrs 5 mos

• As an Identification Engineer, I focus on identifying security gaps within Application Security Posture Management (ASPM) and Cloud Security Posture Management (CSPM) frameworks. My responsibilities include enhancing data quality, performing gap analysis, and developing automation solutions to enforce security best practices and policies across both cloud and application landscapes.

Nov 2022 – Nov 2023 · 1 yr

• 1. Ensure application code compliance with industry-standard regulations through static and dynamic scanning tools, such as Checkmarx and Invicti.
• 2. Lead the External Threat Management process, guiding a team of Information Security Specialists in analyzing attack vectors and collaborating with application teams on remediation efforts.
• 3. Collaborate with application teams on cloud vulnerability remediation using tools like Wiz to ensure secure cloud configurations.
• 4. Support application teams in remediating potential open secrets and conducting reviews of open-source software within the GitHub Enterprise instance, utilizing GitHub Secret Scanner and Dependabot to ensure security and compliance.
• 5. Developed and implemented an audit process called 'Trust but Verify,' where tasks related to the Software Development Life Cycle (SDLC) are systematically verified by an outsourced engineering team to ensure compliance and quality assurance.

Apr 2021 – Nov 2022 · 1 yr 7 mos

• 1. Part of Global engineering team. Produce enterprise-level designs (HLD and LLD) for Azure AD SSO Apps for global initiatives following those through to implementation via collaboration with project and support teams.
• 2. Identify opportunities to innovate, extend and enhance service delivery everywhere possible.
• 3. Own Root Cause Analysis and Problem Management for corporate Identity Management environment.
• 4. Serves as escalation point for application support and troubleshooting, provides guidance and direction in resolution of escalated issues and/or complex production, application or system problems.
• 5. Serves as the first line of escalation support for domain technology issues that cannot be resolved by tier one and two server support.
• 6. Install, configure, and maintain on-premise servers for the technologies maintained by the team and third-party software utilities for hardware systems within company operational guidelines.
• 8. Improve existing processes through solutions to recurring problems and enhancements to existing solutions or documentation.
• 9. Manage customer satisfaction through effectively communicating and managing customer expectations
• 10. Provide support, implementation, and design services for Microsoft Active Directory SSO and On-premise SSO across the enterprise, including directory and identity management solutions.
• 11. Resolve and appropriately complete assigned cases and change requests and acts as an escalation for support issues.
• 12. Applies new solutions through research and collaboration with team and determines course of action for new application initiatives.