● Perform an overall assessment of the company's assets, products, supporting platforms, existing on-premises infrastructure, networks, data storage, and web applications to understand the environment as a basis for the design of the AWS Security Architecture.● Securing Kubernetes workloads by implementing secrets , OIDC , configMaps etc. 
● Securing container images by doing proper scanning , hardening images by using secured base images. Using Inspector to scan images. ● Used Dependabot on Github to scan codes pushed into GitHub to detect package vulnerabilities. ● Performed SAST, DAST, SCA, and IAC security testing on applications and performed False positive analysis.● Deployed control tower to govern AWS accounts using guardrails to prevent and detect actions in AWS.● Integrated AWS SSO with active directory for onboarding users into AWS SSO for access into AWS accounts. ● Created quality profiles and quality gates for ensuring proper code scanning for bugs , code coverage , vulnerability checks etc.● Perform continuous in-depth monitoring of cloud applications (CloudWatch, CloudTrail, VPC Flow Logs, Config, etc.) and provide recommendations for minimizing loss and destruction, mitigating exploited or exploitable weaknesses, and minimizing impact to service/returning to normal service as quickly as possible.● Leveraged different design principles for security in the cloud and implemented various AWS services to improve the security posture for Authentication, Authorization, Monitoring, Auditing, Encryption ,and Data path security.● Implemented security best practices in AWS, including multi-factor authentication, access keyrotation, role-based permissions, enforced strong password policy, configured security groups and NACLs, S3 bucket policies, and ACLs.● Develop a FedRAMP system security strategy that integrates FedRAMP-specific information, such as revising control implementation statements, writing security control implementation statements, etc

● Assess and support the integration of new security features (CSP security tools, Snyk, Veracode, Palo ,Alto Prisma, etc.) into existing infrastructures, provide gap analysis of cybersecurity features, and relate the existing system to future needs and trends.● Applied security and software assurance best practices for the integration of security into thesoftware development lifecycle and automating and enforcing those checks in pipelines● Expands the usage of security monitoring tools to improve the environment's security based on business use cases or changes in the threat landscape, root causes from security incident response, or output from security analytics.● Provide Cloud expertise on methodical architecture evaluation, networking and firewall ruleevaluation, and intrusion detection and prevention sensor (IDPS) deployment in cloud environments that enable continuous monitoring.● Provide technical and thought leadership within SOC by teaching other SOC analysts about static and dynamic ways to detect, analyze, and mitigate security incidents and other anomalies.● Regularly recommending new SOC practices and approaches to addressing program improvement. ● Review of available logs to confirm there are adequate quantities and content to provide Security Monitoring usefully● Engaging in all forms of communications (e.g., phone calls, instant messaging, web page updates) to ensure cases are efficiently investigated by all approved parties, regardless of what company,

● Implemented security best practices in AWS, including multi-factor authentication, access keyrotation, encryption using KMS, firewalls- security groups and NACLs, S3 bucket policies and ACLs,mitigating DDOS attacks, etc.● Served in vendor risk management, application development, network, cloud-based services, and platform (operating system) efforts, helping comply with enterprise and IT security policies, industry regulations, and best practices.● Work closely with CloudOps, DevOps, and IT Engineers on technologies like FWs, ACLs, WAFs, IAM roles and permissions, Vulnerability management and hardening, threat, and Intrusion detection,and Container Security.● Perform daily Splunk Enterprise Security log review, monitor, and investigate IDS alerts from Palo Alto firewall, Web Proxy servers, DNS server, HIPS logs, Syslog for malicious activity, and Cisco IronPort logs.● Perform daily Splunk Enterprise Security log review notable events and alerts for malicious activity such as SSH Scans, Network Trojans, Administrative Privileges escalation, Privacy Violations, Code Injection, and web application attacks.● Perform daily Splunk Enterprise Security monitoring of Local and International VPN users, respond to potential cyber incidents, and coordinate response actions according to incident response procedures (NIST SP 800 61).● Analyze Splunk threat intelligence dashboards, investigate web proxy server logs to keep abreast of mail gateway security trends, and modify existing capabilities based on threat assessments to improve or strengthen security posture.● Work with developers to find the vulnerabilities, produce code to secure products/software, broaden developer awareness of secure software development best practices and act as anInformation/Application Security subject matter expert on product development matters.