Responsibilities • Utilized threat modeling tools and methodologies to identify potential vulnerabilities and attack vectors (Microsoft Visio to draw and analyze (DFD) Data flow Diagram)• Conducted thorough assessments to identify the components and boundaries of the systems/Application under consideration. Applied the STRIDE framework to categorize threats into different main categories.• Identify and assess security risk and vulnerability, taking into account potential threats and their impact on the organization.• Utilized threat modeling tools and methodologies to identify potential vulnerabilities and attack vectors (Microsoft Visio to draw and analyze (DFD) Data flow Diagram)• Ensure that cloud infrastructure and applications comply with relevant regulations, standards, and internal policies (e.g., GDPR, HIPAA, SOC 2, ISO 27001).• Collaborated with Solution Architects and development teams to design and implement mitigation strategies based on the identified threats.• Engaged with customers and stakeholders on successful planning and execution of validation engagements.• Develop action plans to address compliance gaps and vulnerabilities and work with relevant teams to implement corrective measures.• Integrate security measures into the entire software development lifecycle and infrastructure provisioning process.• Implement risk mitigation strategies and work with IT teams to address critical security vulnerabilities and exposures. • Assess and select security tools, technologies, and services that enhance the security posture of the cloud environment. • Maintain relationships with cloud service providers (e.g., AWS) to understand their security offerings and ensure alignment with organizational security requirements.• Stay informed about emerging security threats and vulnerabilities, and proactively adapt security measures to address them.

Responsibilities • Maintained core body of knowledge on emerging aws cloud security risks and vulnerabilities. • Analyzed penetration test results and engaged with technology partners and business units to resolve identified vulnerabilities using aws best practice. • Met with variety of stake holders weekly to prioritize and remediate vulnerabilities for the customer.• Engaged with application and product teams to improve DevOps hygiene as it relates to application and vulnerability management.• Managed security vulnerability lifecycle from detection to notification and closure within the customer security engineering team• Defined, accessed and reported vulnerability and threat program roadmap, status, and metrics.• Ensured appropriate operational hygiene is in place for OS/Application patching and vulnerability remediation, adoption of latest images, etc.• Ensure implementation of security and compliance requirements are met and maintained • Identified gaps in vulnerability management tooling and worked with our technical partners and clients to assist with remediation of cloud vulnerabilities. • Performed research and analysis of cloud vulnerability assessments to meet with industry best practices• Acted as mentor and leader to team members and actively engage senior leadership with new updates, strategy, plans and procedures. • Monitored and reviewed Cloud vulnerability and compliance scan results and determined best strategy to drive remediation.

• Architecting and deploying secure and robust applications using AWS services tools such as VPC, IAM, KMS, Lamda, S3, DynamoDB, RDS, API Gateways, SNS, Route 53 e.t.c • Build and maintain infrastructure as code automation for network and security components and configuration. • Provide technical mentoring and knowledge transfer to other Technology resources.• Enhance and maintain Continuous Integration and Continuous Delivery pipelines (CI/CD)• Actively troubleshooting any issues that arise during testing and production, catching and solving issues before launch • Develop security architectures for AWS cloud.• Build security tool kits to monitor and protect cloud infrastructure

• Facilitate IAM and support the overall IAM strategy in collaboration with IT Operations. • Provides oversight, guidance, and design support of security-related initiatives such as network segmentation, IAM, and cloud. • Develop security designs and solutions based on sound best practices. • Assess, design, and implement network and security solutions for various client sizes and industries.

✯ Conducted internal and external inspections of pressure vessels, towers, heat exchangers, piping, heaters and other miscellaneous equipment to determine the condition of the equipment during the fall 2017 turnaround.✯ Prepared all reports in a timely manner, making repair recommendation and following up the repairs when necessary. ✯ Reviewed repair/replacement package, cleared all NDE performed and approved hydrotest. ✯ Inspected piping components, welding, and Mechanical work, including witness testing such as Hydrostatic testing on piping and Vessels and Bolts Torqueing during this turnaround. ✯ Inspected and verified both in-process and completed work activities and reviewed all documentation as well as field verification prior to sign off for closure and release to production.