Hamed Javam, Cissp Email & Phone Number

Vancouver, British Columbia, Canada

London, UK

• Led the security strategy for Azure cloud environments, focusing on identity management, network security, and data protection.
• Managed security monitoring and incident response using Azure Security Center, Azure Sentinel, and Microsoft Defender for Cloud.
• Designed IAM policies and managed Entra ID for secure access management, including MFA and conditional access policies.
• Developed ARM templates and Azure Blueprints for secure resource provisioning and enforced security policies using Azure Policy
• Ensured secure connectivity between on-premises infrastructure and Azure cloud resources through architectural best practices.
• Supported the migration of on-premises applications to Azure, ensuring security best practices were followed throughout the transition.

• Developed comprehensive security strategies for AWS and Azure cloud environments, enhancing identity management and network security.
• Conducted security monitoring and incident response with AWS CloudWatch, CloudTrail, and AWS Config for resource compliance.
• Managed IAM roles and permissions, utilized AWS KMS for key management, and leveraged AWS Security Hub for alert management.
• Successfully architected and implemented GRC-compliant infrastructure, integrating NIST CSF, CIS Controls, and NIST SP 800-53 to enhance organizational security and risk management.
• Architect distributed and hierarchical on-premises SIEM by Splunk Enterprise and Splunk Enterprise Security with more than 10 instances of Splunk.
• Lead a high-performance SOC team through mentorship and close collaboration.

• Led a high-performance Infrastructure team, consists of Linux admin, Server Virtualization, NOC/SOC, DB, Network and vendor.
• Architected the security of firm infrastructure aligned with security frameworks, compliance requirements, and business needs.
• Architect and deploy SIEM solution using Splunk Enterprise Security Application and NSM SO.
• Intergrade Splunk with multiple security tools and data sources including firewalls, VPNs, IDS, IPS, and WAFs from vendors such as Cisco ASA, FortiWeb, FortiGate, Zeek, Suricata.
• Reduce total cost of ownership (TCO) by deploying Open-Source Solutions in like Zeek, Suricata, HA-proxy.
• Reduce unauthorized access to our infrastructure by 95% through centralized Identity and Access Management (IDAM) using Active Directory, FreeIPA, Auditd, and Splunk.

• Fortify Web Application Security by WAF Appliance deployment in reverse mode proxy.
• Fortify Datacenter Servers by NGFW deployment with multiple zones
• Conduct quarterly vulnerability assessments of 50+ Linux and windows servers

• Worked closely with stakeholders to architect and implement SOC and SIEM solution that aligns with Governance, Risk, and Compliance (GRC) requirements.
• Enhance SIEM insight with application layer data from traffic sensors, direct DBMS queries, threat intelligence feeds, and asset-related vulnerability lists, along with user privileges.
• Spearheaded SIEM projects using Splunk Enterprise Security.
• Conduct Vulnerability assessment and applications and eliminate all high+ vulnerabilities.
• Hands-on experience in deployment of various security appliances like firewall, VPN, IDS, IPS, WAF from different vendors like Cisco, Palo Alto, Juniper, Fortinet, F5.

• Conducted comprehensive audits for ISMS ISO 27001 compliance, ensuring adherence to information security management standards.
• Designed and deployed secure infrastructures for 25+ enterprises, adhering to Cisco best practices and utilizing security tools including firewall, VPN, IDS/IPS, WAF.
• Conducted vulnerability assessments and implemented remediation solutions to enhance security posture.

• Teach Computer Programing, Networks and Security courses to undergraduate students.

Master Of Science - Ms, Computer Engineering

Bachelor'S Degree, Computer Engineering