• Re-architected an existing software system to be modern and container-friendly.• Participate in MVP solution architecture & design activities, creating security solutions and security controls for different projects including SSO (single sign-on), ADFS, OAuth2.0,Service Mesh, Kubernetes, IAM(Okta),terraform, Splunk SIEM Sourcefire/snort, Devops CI/CD pipeline, API Gateway, threat protection, end point security.• Architected Privileged Access Management (PAM), CyberArk Vault Central Policy Manager, Privileged Access Manager, PVWA, and Private Ark.• Helped to develop backup and recovery strategy for applications and database on virtualization platform.• Involved in building security model, VPC, Terraform,ansible,Elastic IP for databases on Cloud platform.• Provide design-time assessments and guidance to teams building and deploying new technology.• Designed public and private facing websites on AWS Cloud, focusing on high availability, fault tolerance, and auto scaling.• Design security controls for proposed solutions to meet relevant IT Security policies, standards and guidelines, as well as Enterprise Security Requirements, regulatory, legislative, scheme and application specific requirements including the SABSA,PSD2 and PCI• Apply security compliance, government policy and industry frameworks including SABSA, NIST, ISO 27001• Key project including information security risk management, governance, business continuity management and business resiliency issues and threats surface.• Working on HMG Security Policy Framework/Risk Management/Vulnerability Management/Protective Monitoring/Security report analytics.• Architect of Sophos UTM in both VMware environment features including Mail Proxy, IPS, Web

• Involved in building security model, VPC, Terraform,ansible,Elastic IP for databases on Cloud platform.• Provide design-time assessments and guidance to teams building and deploying new technology.• Participate in solution architecture & design activities, creating security solutions and security controls for different projects including SSO (single sign-on), SAML, ADFS, IAM(Forgerock), Service Mesh including microservices, SIEM Solutions including logrhthm and Splunk, Hper-V and VMware • Devops CI/CD pipeline, API Gateway, threat protection, end point security.• Identify and communicate new security threats and design Security Architecture elements to mitigate threats as they emerge.• Provide cloud cost expertise, advice, direction and help to our clients to realise their cost optimisation aspirations• Deliver and contribute to the development of the tooling and capabilities needed to enable our cloud financial management roadmap• Support the needs of Cloud Migration Programmes from a cost perspective• Identifying continuous improvement opportunities• Collaborate with vendor partners whilst actively developing and maintaining strategic relationships

• Designing and implementation of public and private facing websites on AWS Cloud.• Migrating from On-Premise Infrastructure to AWS Cloud.• Focusing on high-availability, fault tolerance, and auto scaling using AWS Cloud Formation . • Configured and managed various AWS Services including EC2, terraform, RDS, VPC, S3, Glacier, Cloud Watch, Cloud Front, and Route 53 etc.• Configured various performance metrics using AWS Cloud watch & Cloud Trial• Worked on configuring Cross-Account deployments using AWS Code Pipeline, Code Build and Code Deploy by creating Cross-Account Policies & Roles on IAM.• Written various Lambda services for automating the functionality on the Cloud.• Used AWS Route 53 for configuring the High-Availability and Disaster recovery to make the environment up and running in case of any unexpected disaster.• Maintained the user accounts (IAM), RDS, Route 53, VPC, RDB, Dynamo DB, SES, SQS and SNS services in AWS cloud. • Involved in setting up builds using Chef as a configuration management tool• Created and executed a smooth supply chain process placing in applicable procedures, linking procurement, operations & sales, and developing interaction between functions.• Led and managed a team of engineers. Mentored and empowered direct reports to independently manage projects.

• Vulnerability management and penetration testing tools and processes using Qualys• Architect AuthN/AuthZ such as OpenAuth and SAML.• Experience in containerisation (eg Docker) and container security• Notably technologies designed to complement the Microsoft Azure stack and the Amazon AWS technologies.• Designing the security mechanisms for cloud deployments• Designed Network Security Groups (NSGs) to control inbound and outbound access to network interfaces (NICs), VMs and subnets.• Setup Azure Virtual Appliances (VMs) to meet security requirements as software-based appliance functions (firewall, WAN optimization and intrusion detections).• Leveraged VNET system routes and underlying route table that holds Local VNet Rules, On-premise Rules, Internet Rules and IP Forwarding as a design basis.• Designed User Defined Routes with custom route tables for specific cases to force tunneling to the Internet via on-premise network and control use of virtual appliances in the customer’s Azure environment.

• Designing, planning, and implementing network infrastructure to meet organizational requirements.• Evaluating and recommending network technologies and solutions to enhance network performance and security. Designing, planning, and implementing network infrastructure to meet organizational requirements.• Evaluating and recommending network technologies and solutions to enhance network performance and security.• Developing and maintaining user manuals and training materials.

• Led and supported in developing and sustaining Network. Oversaw and managed day-to-day operations of service infrastructure to reduce cost. • Installed and analysed customer site to improve end user experience. Steered and provided field support for equipment operation/troubleshooting to enhance equipment reliability.• Fostered and sustained professional relationship with overall hardware/software vendors and service providers for projects.• Procurement - Managed vendor relationship with all hardware/software vendors and service providers for projects.• Provided field support for equipment operation/troubleshooting.• Assisted in planning and general maintenance of the Network and Security components