π Cybersecurity Engineer | Application Security | Penetration Testing | DecSecOps | Cloud Security
With 10+ years of experience in software development and 10+ years in cybersecurity, I bring a unique ability to bridge security and engineering. My deep understanding of software architecture, secure coding, and application security allows me to design and implement robust, scalable, and secure systems. Experienced in threat modeling, vulnerability assessments, DevSecOps, penetration testing, and cloud security, I ensure security is not just an afterthought but a core part of the development lifecycle. Passionate about solving complex security challenges, mentoring teams, and driving a security-first culture while maintaining high-performance software solutions.!
- Programming Language: Python, TypeScript, JavaScript, Shell Scripting
- Threat Modeling & Risk Assessment: Microsoft Threat Modeling Tool, OWASP Threat Dragon
- Vulnerability Management: Nessus, OpenVAS, Qualys
- Incident Response: Splunk, Sentinel, IBM QRadar, Security Onion
- Secure Coding Practices: SonarQube, Checkmarx, Synk, Nessus (library repo)
- Identity and Access Management (IAM): AWS IAM, Okta, Microsoft Azure Active Directory
- Encryption and Cryptography: OpenSSL, AWS Key Management Service (KMS), HashiCorp Vault
- Patch Management: WSUS, Qualys Patch Management, SCCM
- Penetration Testing: Burp Suite, Metasploit, OWASP ZAP, Kali Linux
- Cloud Security: AWS Security Hub, Azure Security Center
- Security Automation: Ansible, Terraform, Jenkins, GitLab CI, GitHub Actions
- SAST: OWASP Dependency-Check, Snyk, Black Duck, Fortify, AppScan
- DAST: OWASP Zap Proxy, BurpSuite, Qualys Web Application Scanning (WAS)
- Mobile App Security: NowSecure, MobSF
- Compliance and Policy Development: NIST CSF, ISO/IEC 27001, CIS Controls, GDPR
- Security Audits: AuditScripts, Nessus, OpenSCAP
- Log Management: Sumo Logic, Mix Panel
- Database Monitoring: Sentry One, Datadog, Prometheus, Grafana
- π CompTIA Security+ β CompTIA - 2022
- π CompTIA Pentest+ - CompTIA β 2023
- π CompTIA CASP+ - CompTIA - 2024
- π CompTIA Network+ - CompTIA- 2022
- π CompTIA CNVP (Network Vul. Assessment) β CompTIA - 2023
- π IBM QRadar SIEM Foundation β IBM - 2021
- π Splunk Core Certified User β Splunk 2022
- π Palo Alto β Networks Academy Cybersecurity Foundation - 2019
- π Falcon Responder, Crowdstrike - 2022
- π SAA-C02 (AWS Solutions Architect), AWS
- π CJE (Certified Jenkins Engineer)- Cloud Bees
- π DOP-C01 (AWS Certified DevOps Engineer), AWS
- π OCA (Java Developer 8 Programmer) - Oracle
- π PCAP (Certified Professional Python Programming) - Python Institute
- π PCEP (Certified Entry Level Python Programming) - Python Institute
- π CTFL-AT (Agile Tester) β ISTQB
- π CTFL (Certified Tester Foundation Level) β ISTQB
- π Gatling Pro Performance Testing - Gatling
- Languages: Python, JavaScript, TypeScript, Bash
- Security Tools: Burp Suite, OWASP ZAP, Nmap, Metasploit, Wireshark, Nessus, Kali Linux
- Cloud: AWS Security Hub, AWS IAM, Azure Security Center
- DevSecOps: GitHub Actions, Docker Security, Kubernetes Security, Terraform Security
-
OWASP Zap Proxy Security Scanning
GitHub Repository
Brief description of the project. -
Brute_F XSS
GitHub Repository
Brief description of the project. -
Mac Query with Python
GitHub Repository
Brief description of the project. -
Mock API
GitHub Repository
Brief description of the project.
β‘ Fun Fact: Cybersecurity is not just about breaking things, it's about securing them before others do! π₯