Cloud Security Wizard!
Key Projects
Welcome to my Projects Page, where I showcase my valuable experience in managing and implementing secure cloud-based systems.
​
Here are the main objectives I accomplished during my experience:
-
Ensured project deliverables met high-quality standards
-
Helped with assessing and planning for application improvements
-
Implemented security measures for cloud environments
-
Automated security processes and controls
-
Evaluated and met client requirements
-
Implemented security measures for various cloud platforms
Securing Serverless APIs with APIM and Azure B2C
The main aim of this project was to set up an Azure API Management instance to protect an API. I used the Azure AD B2C SPA (Auth Code + PKCE) flow to acquire a token, alongside API Management, to secure an Azure Functions backend using EasyAuth.
We have a simple app with a simple secured API. Website: Link
​
Here's an illustration of the components in use and the flow between them.
Scale Set Agent for Azure DevOps
As part of the effort to meet the growing demands for infrastructure deployment using DevOps, the main aim of this project was to set up self-hosted agents that can be autoscaled. The essential advantage was that this elasticity reduces the need to run dedicated agents constantly and will provide flexibility over the size and the image of machines on which agents run.
​
Here's an illustration of the components in use and the flow between them.
Migration Of Core Applications to Cloud
This was one of the most significant projects in my career; I was part of a three-member team migrating the core applications to Azure Cloud. The critical work areas under this project were to deploy the infrastructure using IaC (Terraform and Azure DevOps) and set up monitoring/observability with alerting. The scale of this project was deploying 80+ APIs (WebApps & Function Apps) and managing them using APIM.
Automated Reporting of Critical System Performance
As we migrated the core applications to the cloud as part of this effort, the leadership team wanted quick access to the critical system performance data. This project aimed to send daily reports to the key stakeholders and leadership team about the Critical System hosted in the Azure Cloud; this was automated using the Azure Logic Apps, a cloud platform where you can create and run automated workflows with little to no code.
Container Security
Configured various tools to enable teams to build containerized applications without risks rapidly. Holistically secure containers, Kubernetes, and cloud environments from build-time to real-time. This project provides complete visibility across containers, Kubernetes, and cloud environments to detect real-time malicious behavior for rapid response. Enable a partnership between developers and security to shift left and resolve issues across the containerized application lifecycle.
Cloud Security Compliance Audit
Conducted regular audits of our cloud environment and workloads to ensure they meet relevant compliance standards, such as PCI DSS and GLBA. This project involves reviewing policies and procedures based on stakeholder interviews conducted by both internal and external audits and analyzing security controls. This process also involved configuring various tools to Maintain automated compliance against industry standard regulations and benchmarks.
Cloud Security Posture Management (CSPM)
Configured various tools to continuously detect and remediate misconfigurations from build time to runtime across your hybrid clouds. This project provided complete visibility and actionable context on our most critical misconfigurations, which helped our teams proactively and continuously improve your cloud security posture.
IaC Scanning
The need for enabling security early in the SDLC begins with Infrastructure deployed across cloud environments. I had worked on integrating tools and processes early in our development workflows to detect vulnerabilities, secrets, and misconfigurations in laC templates, container images, and VM images. This project simplifies cloud security operations by providing a single policy for developers and security teams that spans from source code to running environments. Developers get security inputs immediately in code, while security teams can enforce and prioritize policies in the pipeline based on the risks in production.