Privileged Access Management Product
The Privileged Access Management (PAM) product serves as an essential tool for managing privileged access within an enterprise, specifically catering to critical administrative users. I had the honor of spearheading the design and overseeing the development of the PAM solution, which includes key features such as a robust password vault, sophisticated workflow user management capabilities, and seamless integration with prominent platforms like LDAP, AWS, Azure, as well as various network and database tools for administrative users.
AWS System Design
I strategically designed the AWS system and services in accordance with the established on-premises requirement, effecting a seamless migration to AWS, while diligently validating the system's functionality. Skillfully deployed the CIS benchmark standards, empowering the AWS monitoring services including CloudTrail, CloudWatch, Security Hub, and the web application firewall (WAF).
DevSecOps
Executed the incorporation of DevSecOps practices by utilizing the CI/CD Jenkins pipeline. Orchestrated the deployment of Checkmarx, Black Duck, OWASP ZAP, Nessus, and Prisma Cloud, contributing to the implementation of SAST, DAST, container scan, network scan, and vulnerability management components within the Business As Usual framework. Collaborated closely with the development team to proactively address and resolve crucial and significant vulnerabilities.
Cloud Security
Accomplishments:
- Spearheaded the development of policies concerning microservices, DevSecOps tooling standards, and security incident management.
- Successfully integrated GCP Security Command Center with Jira to centralize security incident management.
- Implemented Lacework to bolster threat detection capabilities and enhance compliance monitoring.
- Efficiently deployed SonarQube for comprehensive code quality assessment and vulnerability scanning.
- Demonstrated competence in handling third-party library scans through Graye to prevent potential vulnerabilities.
- Successfully implemented Reblaze's WAF technology for robust web application security.
- Effectively managed log data using Datadog for enhanced monitoring and incident response.
- Showcased proficiency in managing GRC and ISO 27001 controls to ensure regulatory compliance.
Ops Sec
Key Contributions:
- Oversight of operational security for platforms such as Datadog, GCP Security Command Center, and SonarQube.
- Execution of ISO 27001 implementation.
- Proficient management of risk assessment and mitigation.
- Collaboration on diverse projects involving the integration of DevSecOps tools and vulnerability in the CI/CD pipeline.
- Conducting comprehensive reviews of code utilizing SonarQube and performing meticulous manual testing through Burp Suite.
Risk-based Vulnerability Management
Duties include:
- Automating the integration of various vulnerability sources (Qualys, DevSecOps scan, and cloud projects) into the Central repository.
- Coordinating with client risk management to establish mapping.
- Prioritizing vulnerabilities based on risk assessment.
- Ensuring compliance with company policy violations.
- Identifying control weaknesses through mapping.
- Implementing automation through the Jira ticket system.
- Collaborating with asset owners and cross-functional teams to remediate vulnerabilities.
DevOps Pipeline Setup With GCP and GitHub
Contributions:
Established a GitHub repository to serve as the centralized location for hosting the project's source code and configurations. Efficiently managed access control for the repository, facilitating developer permissions.
Implemented a robust CI/CD pipeline utilizing GitHub Actions, enabling seamless automation of builds and deployments. Configured distinct workflows for development, testing, and production environments to uphold code quality and reliability.
Successfully integrated the project with Google Cloud Platform services, ensuring seamless collaboration. Effectively utilized GCP Cloud Run for the deployment and scaling of containerized applications, while leveraging GCP Cloud Build to automate build processes and resource provisioning.
Engineered an approval workflow within GitHub, facilitating controlled code promotion. Additionally, designed a comprehensive system for code reviews and approvals, ensuring the smooth transition of code changes across environments.