Yadan A.

June 2023 - GSoft Innovation Till Date DevOps Engineer | DevSecOps Engineer | Internal Security Team Member Deployed three application solutions using a serverless architecture, leveraging the scalability and cost-efficiency of cloud services. Utilized IaC tools such as Terraform, and CloudFormation to automate and standardize the deployment of infrastructure components across environments. Implemented CI/CD workflows to enable seamless integration and delivery of code changes, encompassing security reviews, software deployment, infrastructure deployment, unit testing, ensuring faster and more reliable software releases. Created comprehensive documentation for deployment processes, infrastructure setup, and troubleshooting guides, enabling smooth knowledge transfer and ensuring accelerated onboarding of new team members. Successfully developed production deployments and efficiently resolved environment issues, ensuring minimal downtime and optimal system performance. Successfully configure and maintain a robust network infrastructure consisting of over 50 servers, ensuring a remarkable 99% uptime. Skillfully collaborate on multiple projects simultaneously, handling up to three projects concurrently, showcasing exceptional multitasking abilities. Develop and optimize Dockerfiles to enhance containerization efficiency and streamline application deployment processes. Streamline pipelines and configurations to significantly reduce deployment times from 30 minutes to a mere 1 minute, resulting in accelerated release cycles. Implement Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) methodologies to identify and mitigate potential security vulnerabilities. Offer insightful recommendations and actionable security measures to safeguard the supply chain against potential cyber-attacks. Proficiently troubleshoot issues related to Linux, web applications, and CI/CD processes, swiftly resolving any technical challenges that arise.September 2021 - June 2023SITRANS IPS Critical Infrastructure Head of Cybersecurity Group August 2018 - September 2021SITRANS IPS Critical Infrastructure Cybersecurity Specialist Dedicated cybersecurity leader with a proven track record of strategically managing and strengthening the security posture of critical infrastructure systems. Recognized for my ability to lead teams effectively, devise comprehensive security strategies, and ensure compliance with regulatory requirements Spearheading strategic initiatives to enhance cybersecurity resilience, resulting in a significant reduction in security incidents. Successfully delegating tasks and responsibilities within the cybersecurity group to optimize efficiency and maximize results. Leading audits for companies to issue Internet Dictum, ensuring compliance with industry standards and regulatory mandates. Orchestrating incident response efforts to minimize the impact of security breaches and maintain business continuity. Establishing robust information security governance frameworks to safeguard sensitive data and assets. Promoting the integration of security practices within DevOps and DevSecOps environments, fostering a culture of proactive security. Experience in identifying and addressing security vulnerabilities across diverse systems and platforms. Skilled in conducting thorough vulnerability assessments, penetration testing, and implementing effective security measures. Conducting comprehensive vulnerability assessments and penetration testing activities to identify and mitigate security risks. Specializing in assessing the security of Container environments, including Docker, and implementing proactive measures to ensure data integrity. Proficiency in both Windows and Linux environments, enabling tailored security configurations and assessments. Expertise in digital signatures and cryptography, ensuring secure communication and data integrity. Collaborating with cross-functional teams to implement security best practices and mitigate emerging threats effectively.