- Capabilities
- 5
- Tools & platforms
- 5
- Discipline
- Security
Drive cloud security posture across AWS and Azure environments — from infrastructure hardening to IAM governance and workload isolation.
- AWS and Azure security controls
- IAM policy design and enforcement
- Workload segmentation and isolation
- Centralized logging and audit pipelines
- Control gap assessment and remediation
The stack behind the work.
The tools I reach for day to day — with a rough sense of where my depth sits.
AWS IAM
ExpertLeast-privilege roles & policy design
Azure AD
AdvancedIdentity, SSO & conditional access
AWS Security Hub
AdvancedPosture management & findings
CloudTrail
AdvancedAudit logging & threat detection
Terraform
ProficientPolicy-as-code & guardrails
Projects that put this to work.
Enterprise AppSec Migration
Driving tiered application onboarding into a unified AppSec program with automated CI/CD gating.
IAM Least-Privilege Redesign
Role redesign and policy enforcement program reducing over-privileged access across cloud accounts.
CI/CD Security Automation
Embedded SAST, DAST and SCA gates into shared CI/CD pipelines for automated pre-deployment validation.
AI/LLM Security Guardrails
Secure-by-design review and guardrail program for AI/LLM-integrated services across the platform.
Application Security
Embedding secure-by-design into the SDLC.
SAST
Static analysis that finds flaws in source before it ships.
DAST
Dynamic testing that probes running apps like an attacker.
DevSecOps
Automating security as code into every pipeline.