About
Highly accomplished Senior DevSecOps Engineer with over 5 years of experience in architecting robust cloud security solutions, enhancing system uptime, and leading critical compliance initiatives. Proven expertise in reducing vulnerabilities by up to 95% and mitigating 275K+ attacks, driving significant improvements in security posture and operational efficiency across diverse cloud environments. Adept at implementing zero-trust architectures, automating security pipelines, and ensuring PCI DSS, SOC2, and GDPR compliance for high-transaction platforms.
Work
Remote, India
Summary
Led the architecture and implementation of secure, highly available cloud infrastructure and DevSecOps pipelines for a healthcare platform, ensuring robust security and operational excellence.
Highlights
Architected highly available, fault-tolerant cloud infrastructure serving 200K+ healthcare users, achieving 99.99% uptime through zero-trust principles and Infrastructure as Code (IaC).
Engineered DevSecOps CI/CD pipelines with SAST/DAST scanning across 25+ microservices, eliminating 95% of security incidents via automated orchestration.
Deployed DDoS mitigation and WAF blocking, successfully defending against 275K+ attacks using advanced threat intelligence.
Implemented robust container security controls, reducing vulnerabilities by 92% across 15+ Kubernetes clusters.
Delhi, Delhi, India
Summary
Spearheaded security governance and DevSecOps maturity for an e-commerce platform, ensuring PCI DSS compliance and significantly reducing critical security metrics.
Highlights
Established a comprehensive security governance framework for an e-commerce platform processing millions of transactions daily.
Implemented a DevSecOps maturity model with SAST/DAST integration, significantly reducing Mean Time to Remediate (MTTR) by 75%.
Achieved PCI DSS Level 1 compliance through the deployment of automated security controls and continuous monitoring.
Conducted 25+ detailed risk assessments and threat modeling sessions, enhancing security posture for critical cloud applications and microservices.
Deployed infrastructure-as-code solutions to manage 500+ cloud resources, ensuring consistent and secure configurations.
Delhi, Delhi, India
Summary
Enhanced cloud security posture and compliance through benchmark implementation and automated vulnerability management, ensuring robust defense mechanisms.
Highlights
Implemented CIS Level 1 and 2 benchmarks, achieving a 95% security posture improvement.
Developed a cloud-native AMI hardening pipeline utilizing immutable infrastructure for enhanced security and consistent deployments.
Reduced container vulnerabilities by 90% through the implementation of automated compliance monitoring.
Led successful SOC2 Type II and GDPR audits, achieving zero findings by deploying automated security controls.
Mumbai, Maharashtra, India
Summary
Secured a large-scale gaming platform, enhancing threat detection, incident response, and conducting comprehensive vulnerability assessments for 100M+ users.
Highlights
Secured a gaming platform supporting 100M+ users and 5.5M concurrent connections, safeguarding critical user data.
Developed an intelligent WAF with machine learning capabilities, reducing false positives by 85% and enhancing threat detection accuracy.
Built an enterprise SIEM system with automated incident response capabilities, improving security visibility by 70%.
Conducted 40+ penetration tests and vulnerability assessments using OWASP methodologies, identifying 200+ critical security issues.
Languages
English
Hindi
Skills
Languages
Python, Go, Node.js, Java, JavaScript, Bash, C/C++, SQL.
Cloud and DevOps
AWS, GCP, Azure, Kubernetes, Docker, Terraform, Ansible, Helm, Jenkins, GitHub Actions, Bitbucket Pipelines, ArgoCD.
Databases and Infrastructure
MongoDB Atlas, PostgreSQL, MySQL, Redis, Packer, Fluent Bit, Graylog.
Security Tools
SonarQube, Checkmarx, Veracode, Trivy, GitLeaks, AWS WAF, GuardDuty, OWASP ZAP, Burp Suite, Metasploit, Nessus.
Monitoring and Compliance
Prometheus, Grafana, ELK Stack, Splunk, ISO 27001, PCI DSS, SOC2, GDPR, CIS Benchmarks, OWASP Top 10.