Security Architect
Current• Re-architected an existing software system to be modern and container-friendly.• Participate in MVP solution architecture & design activities, creating security solutions and security controls for different projects including SSO (single sign-on), ADFS, OAuth2.0,Service Mesh, Kubernetes, IAM(Okta),terraform, Splunk SIEM Sourcefire/snort, Devops CI/CD pipeline, API Gateway, threat protection, end point security.• Architected Privileged Access Management (PAM), CyberArk Vault Central Policy Manager, Privileged Access Manager, PVWA, and Private Ark.• Helped to develop backup and recovery strategy for applications and database on virtualization platform.• Involved in building security model, VPC, Terraform,ansible,Elastic IP for databases on Cloud platform.• Provide design-time assessments and guidance to teams building and deploying new technology.• Designed public and private facing websites on AWS Cloud, focusing on high availability, fault tolerance, and auto scaling.• Design security controls for proposed solutions to meet relevant IT Security policies, standards and guidelines, as well as Enterprise Security Requirements, regulatory, legislative, scheme and application specific requirements including the SABSA,PSD2 and PCI• Apply security compliance, government policy and industry frameworks including SABSA, NIST, ISO 27001• Key project including information security risk management, governance, business continuity management and business resiliency issues and threats surface.• Working on HMG Security Policy Framework/Risk Management/Vulnerability Management/Protective Monitoring/Security report analytics.• Architect of Sophos UTM in both VMware environment features including Mail Proxy, IPS, Web