About
Application Security & Cloud Security Engineer with around 3 years of enterprise experience in secure SDLC, DevSecOps, and cloud security within large-scale environments at TCS. Hands-on experience in SAST/DAST integration, CI/CD security, vulnerability management, and IAM hardening across Azure and AWS. Strong exposure to ISO 27001, SOC 2–aligned security controls and cloud security best practices. Microsoft Azure Security Engineer (AZ-500) certified.
Skills & Expertise (54)
Work Experience
Assistant System Engineer
Tata Consultancy Services (TCS)
Nov 2021 - Jul 2024
Implemented application security controls across the SDLC using SAST and DAST (SonarQube), identifying and remediating high and medium-risk vulnerabilities across 25+ application releases. Integrated automated security checks into CI/CD pipelines using Jenkins, Git, and Maven, enforcing secure deployment standards and improving security compliance from 70% to 95%. Performed secure code reviews and vulnerability analysis aligned with OWASP Top 10, working closely with development teams to drive secure-by-design practices. Supported cloud security initiatives during AWS and Azure migrations by implementing IAM RBAC, least-privilege access, and secure configuration baselines. Conducted vulnerability assessment and remediation activities, supporting ISO 27001 and SOC 2 audit readiness with 95%+ clean code and compliance reports. Owned security alert validation and application-related incident triage, coordinating remediation efforts and reducing MTTR by 30%.
Education
MBA Cyber Security Management - National Forensic Science University
2024 - 2026 · Afghanistan
B.Sc. MPCs - Bhavans Vivekananda College of Science, Humanities and Commerce
2018 - 2021 · Afghanistan
Certifications
No certifications added yet
Interested in this developer?
Profile Score Breakdown
Profile Overview
Availability Details
Visa Status
Citizen
Relocation
Depends on Offer
Skills (54)
Click a skill to find developers with the same skill
