Sief A.

Transformed the security posture for over 60+ customers through security assessments and tailored implementations, resulting in a remarkable 95% improvement in overall cybersecurity resilience. Engineered scalable and secure GCP network architectures utilizing Zero Trust principles coupled with Infrastructure as Code (IAC) using Terraform, contributing to the protection of data for 60+ cloud-based applications. Implemented diverse security controls in cloud environments, encompassing IAM, DLP, DR, ZTNA, SIEM, SOAR, Mandiant, and EDR fortifying the security of 60+ cloud infrastructures. Expertise in implementing authentication mechanisms such as OIDC, SAML, OAuth Expertise in managing secrets using industry-leading tools like HashiCorp Vault, GCP Secret Manager, and GCP KMS. Skilled in Container security ( Docker, Kubernetes) Proficient in Ansible for configuration management, automation, and orchestration tasks. Ensured strict compliance with industry standards like CIS Benchmarks, NIST, and PCI DSS, leading compliance initiatives for 40+ GCP environments. Skilled in designing and testing disaster recovery plans and conducting playbooks to ensure business continuity during security incidents. Familiarity with security frameworks such as MITRE and SP800-218, OWASP TOP 10 Conducted numerous security posture reviews to improve infrastructure security for SMBs. Expertise in managing Microsoft 365 and Google Workspace (Gsuite) Proficient in ISO 27001, FedRAMP, StateRAMP, PCI-DSS, NIST CSF, and CIS, with familiarity in security frameworks like MITRE and SP800-218. Designed compliance security policies, procedures, and incident response plans, benefiting 30+ organizations. Conducted 20+ internal and external ISMS audits and risk assessments. Proficient in implementing CI/CD pipelines using GitHub, Jenkins, and Google Cloud Build Implemented DevSecOps practices and tooling (Threat modeling, SAST, DAST, SCA) to enhance security measures across 60+ projects. Led multiple threat modeling sessions and risk management initiatives utilizing various frameworks, including STRIDE, PASTA, and FAIR