About
Security Engineer experienced in multi-cloud security, CSPM, and vulnerability management. Identified and reduced attack surface risks, ensured SLA-driven remediation, and partnered with engineering teams to strengthen cloud security posture. Proactively validated configurations and security controls to detect gaps early and improve overall risk visibility.
Skills & Expertise (27)
Work Experience
Security Engineer
Tata Digital
Aug 2023 - Mar 2026
Assisted with hardening of Windows & Linux OS as per Azure benchmark and validation for the same. Drove end-to-end vulnerability lifecycle management across cloud and on-prem environments, performed vulnerability assessments using Tenable and Defender for Endpoint to identify, prioritize, and track risks, coordinated remediation tracking with asset owners and reported status to meet defined SLAs. Patching activities verified device health, EDR connectivity, and security agent onboarding across environments, KQL queries to identify unpatched Windows and Linux VMs and monitor patch compliance. Led end to end security configuration reviews and control validation across Azure, AWS, and GCP resources against CIS Benchmarks, NIST, and ISO 27001 standards. Led managing posture, compliance and remediation within Microsoft Defender for Cloud. Participate in onboarding new services and architectures under existing baseline controls. Support ongoing monitoring of external exposure using BitSight and CloudSEK. Review and validate reported findings and coordinate with asset owners to address identified risks. Contribute to the deployment of Azure Policies to enforce security controls. Assisted in automating exception management workflows using Power Automate and Logic Apps to streamline governance and compliance tracking. Security related data (vulnerability, risk exception, project status update) collection, validation, analysis and presentation to management for strategic decision making.
Cyber security Intern
Tata Digital
Oct 2022 - Jul 2023
Assisted in designing automation using Logic Apps to support alerting and compliance workflows in a GRC automation project. Utilized Log Analytics and KQL to extract relevant data for compliance reporting and policy validation. Assisted Vulnerability management teams to close Critical, High Vulnerabilities in Cloud and On-prem devices.
Education
M. Tech, Computer Engineering - VJTI
2021 - 2023 · Afghanistan
B. Tech, Information Technology - KJSCE
2015 - 2019 · Afghanistan
Certifications
No certifications added yet
Interested in this developer?
Profile Score Breakdown
Profile Overview
Availability Details
Visa Status
Citizen
Relocation
Depends on Offer
Skills (27)
Click a skill to find developers with the same skill
