Sr. Cloud & Application Security Engineer
Current• Led cloud security initiatives, reducing vulnerabilities by 30% across AWS and Azure environments.• Conducted security evaluations and penetration tests of cloud systems, implementing OWASP Top 10 risk mitigation strategies.• Orchestrated vulnerability management using Nessus, Qualys, Fortify, IBM AppScan, and Nexus.• Designed IAM solutions and PKI, enhancing secure access within cloud platforms.• Leveraged SIEM platforms for real-time log analysis, improving incident detection by 25%.• Managed endpoint security tools, reducing security incidents by 40%.• Implemented DLP, VPNs, and IDS/IPS systems to safeguard cloud assets.• Configured VPCs, subnets, and firewalls for secure cloud communication.• Automated security processes using Python and PowerShell, reducing manual tasks by 50%.• Contributed to secure CI/CD pipeline development, enhancing SDLC security by 40%.• Managed access recertifications and provisioning using Jira and ServiceNow.• Developed audit-ready documentation for access management processes.• Led enhancements to access control workflows, optimizing efficiency using Jira.• Applied security best practices to AI projects, focusing on data and algorithm protection.• Participated in incident response efforts, reducing resolution time by 25%.• Implemented cloud security controls aligned with NIST, ISO 27001, and MITRE ATT&CK frameworks.