Skills
Key Skills & Experience:
Security Architecture & Engineering: Designing and implementing security frameworks, conducting penetration testing, and building secure CI/CD pipelines.
Cloud Security & Compliance: Proficient in securing cloud infrastructure using AWS, Docker, Kubernetes, and other related technologies.
Security Automation & DevSecOps: Skilled in automating security testing and response using tools like Jenkins, Ansible, and Terraform.
Threat Management & Incident Response: Expertise in threat hunting, log analysis, and incident response using platforms like Splunk and GrayLog.
Bug Bounty & Ethical Hacking: Extensive experience in identifying and reporting vulnerabilities to leading bug bounty platforms such as HackerOne and BugCrowd.
Team Leadership & Consulting: Successfully led multiple security teams and collaborated with development and operations teams to align security goals with business objectives.
About
I am an experienced DevSecOps engineer and penetration tester with over 20 years of expertise in managing, securing, and consulting on cloud infrastructure and security operations. As a recognized BlackHat Speaker and researcher, I have delivered talks on application security and vulnerability assessments. Additionally, I have identified multiple critical vulnerabilities leading to CVE assignments, which have been acknowledged by industry leaders. My primary focus is on cloud security, infrastructure hardening, and integrating security into CI/CD pipelines, ensuring that all aspects of development and deployment are robust and secure.
Profile Photo
