About Me

profile image
About Me
I'm a

Cloud Security Engineer specializing in secure, compliant cloud/hybrid architectures. I integrate IAM, Zero Trust, and automation to reduce risks while optimizing costs (20-40% savings). Expert in DevSecOps and audit-ready systems that balance security with agility.

Download CV

Core Expertise

    📜 Compliance & Risk Assessment
    • Compliance: NIST 800-53/37 ➤ FedRAMP ➤ RMF ➤ SOC 2 ➤ ISO 27001 ➤ PCI DSS ➤ HIPAA ➤ GDPR
    • Assessment Tools: Tenable Nessus ➤ NMAP ➤ AWS Inspector ➤ SCAP Compliance Checker ➤ eSTIG

    🔐 Identity & Access Management (IAM)
    • Enterprise IAM: AWS IAM ➤ Azure AD ➤ SailPoint ➤ RBAC/ABAC ➤ Zero Trust Architecture
    • Authentication Protocols: PKI ➤ SAML ➤ RSA SecurID ➤ OAuth2 ➤ OpenID Connect ➤ RADIUS ➤ TACACS+

    Cloud Security & Containerization
    • Cloud Security Tools: AWS KMS ➤ CloudTrail ➤ EventBridge ➤ Step Functions ➤ Control Tower ➤ Athena ➤ AWS Config
    • Machine Learning: Trained and evaluated Logistic Regression, K-Nearest Neighbor (KNN), Support Vector Machine (SVM), and Random Forest models.
    • SIEM & Logging: Splunk ➤ AWS GuardDuty ➤ Macie ➤ Audit Manager ➤ CloudWatch ➤ Security Hub
    • Operating Systems & Containerization: Windows ➤ UNIX ➤ Linux ➤ VMware ESXi ➤ Docker

    🛡️ Infrastructure & Network Defense
    • Network Security: McAfee ePO Antivirus ➤ DLP ➤ Forcepoint NGFW ➤ IDS/IPS ➤ Cisco/InfiniBand Routers/Switches
    • Automation Tools: Terraform ➤ CloudFormation ➤ Lambda Function ➤ GitHub Actions CI/CD
    • Scripting & Data Formatting Tools: Python ➤ Bash ➤ JSON ➤ YAML ➤ HTML ➤ CSS

Key Achievements

    🔐 IAM & Zero Trust
    • Designed AWS IAM policies for fine-grained access control—enforcing least privilege across multi-account environments.
    • Implemented zero-trust architecture across multi-cloud environments—reducing security incidents by 78%
    • Automated IAM lifecycle using Terraform/Lambda—cutting manual provisioning by 90%.

    🚀 Cloud Security & Automation
    • Built real-time threat detection with AWS Lambda—improving response time by 92% ($150K annual savings).
    • Led hybrid cloud migration using AWS Well-Architected Tool—accelerating deployment by 30%.
    • Integrated GuardDuty + Security Hub—boosting threat visibility by 75%

    📜 Compliance & Risk Reduction
    • Remediated 200+ vulnerabilities using AWS EventBridge rules, Systems Manager, Lambda function, & Step Functions—ensuring 100% audit readiness.
    • Streamlined RMF processes, using the NIST 800-53—reducing security gaps by 45% for mission-critical DoD systems.
    • Developed incident response playbook—slashing system recovery time by 60%.

    ⚙️ Machine Learning
    • Developed a machine learning-based phishing URL detection system to enhance cybersecurity and prevent phishing attacks.
    • Trained and evaluated four machine learning models: Logistic Regression, K-Nearest Neighbor (KNN), Support Vector Machine (SVM), and Random Forest.
    • Designed an interactive, real-time phishing detection dashboard with live learning capabilities for continuous threat adaptation, leveraging the Kaggle Phishing URL Dataset: (View Dataset).
    • Achieved a 97% classification accuracy using the Random Forest model for phishing website detection.

Education & Certifications