About
Cloud Security Engineer with hands-on experience securing enterprise web applications and cloud workloads using Cloudflare WAF, Zero Trust, and Azure-native security controls. Proven expertise in mitigating OWASP Top 10 vulnerabilities, Layer-7 DDoS attacks, and automated bot abuse through managed rules, custom firewall policies, rate limiting, and virtual patching. Experienced in deploying and managing Microsoft Azure Firewall, NSGs, and ASGs to enforce network segmentation and secure hybrid cloud architectures.
Skills & Expertise (22)
Work Experience
Cloud Security Engineer
EMERSON
Mar 2022 - Present
Configured and fine-tuned WAF managed rules, custom firewall rules, rate limiting, and bot management to mitigate Layer-7 DDoS attacks, automated bot abuse, and application-layer threats. Designed, implemented, and managed Cloudflare WAF to secure enterprise web applications against OWASP Top 10 vulnerabilities, including SQL Injection, Cross-Site Scripting (XSS), Remote File Inclusion (RFI), and command injection attacks. Integrated Cloudflare and Azure security logs into Microsoft Azure Sentinel SIEM to enable centralized log ingestion, threat detection, incident correlation, and automated alerting using KQL analytics rules. Deployed and managed Azure Firewall policies to enforce network segmentation, control inbound and outbound traffic, and secure cloud and hybrid workloads. Implemented Azure network security controls including Network Security Groups (NSGs) and Application Security Groups (ASGs) to ensure secure communication between Azure resources. Monitored real-time application traffic, WAF logs, firewall events, and threat intelligence feeds to proactively identify Indicators of Compromise (IOCs) and suspicious activities. Investigated and responded to security incidents across SIEM, WAF, and firewall platforms, conducting root cause analysis, impact assessment, and implementing effective remediation actions. Continuously tuned and optimized WAF and firewall rules to minimize false positives, enhance threat detection accuracy, and ensure optimal application performance and availability. Maintained comprehensive security documentation including WAF configurations, firewall rules, incident reports, and SOPs to support compliance and audit requirements. Collaborated with cloud engineering, SOC, and application teams to implement security best practices and continuously enhance the cloud security posture. Performed regular vulnerability assessments and mitigated identified risks through WAF virtual patching, firewall policy enhancements, and coordinated remediation with cross-functional teams. Analyzed SIEM alerts and correlated security logs across multiple sources to detect advanced threats, anomalies, and unauthorized access attempts. Provided escalation support for critical and high-severity security incidents, coordinating with SOC, cloud, and infrastructure teams for timely containment and resolution.
Education
B. Tech: MECH - Sri Chaitanya Engineering College
- 2021 · Afghanistan
Interested in this developer?
Profile Score Breakdown
Profile Overview
Availability Details
Visa Status
Need Sponsorship
Relocation
Open to Relocation
