About
Cloud DevSecOps Engineer with hands-on experience in Azure, AWS, Kubernetes, CI/CD, Jenkins, Azure DevOps, and Infrastructure as Code using Terraform and Ansible. Skilled in designing and implementing secure, scalable, and automated cloud-native environments by embedding DevSecOps principles throughout the development lifecycle. Strong foundation in cloud architecture, security automation, system reliability, and monitoring. Passionate about driving automation, improving security posture, and delivering high-performing cloud solutions. Always eager to learn, collaborate, and solve real-world challenges in Cloud and DevOps.
Skills & Expertise (61)
Work Experience
Cloud DevSecOps Engineer
Welspun Transformation Services Limited (Welspun GCC)
May 2024 - Present
Enterprise-grade B2B SaaS and Industry 4.0 platforms with AI/ML-enabled services, deployed across multi-cloud (Azure & AWS) production environments. Spearheaded infrastructure automation using Terraform and Ansible across Azure and AWS, reducing provisioning time by 60% and manual errors by 80%. Managed Azure DevOps governance including YAML/classic pipelines, service connections, agent pools, RBAC, branch policies, and approval gates, improving compliance by 35%. Developed scalable, gated CI/CD pipelines in Azure DevOps and Jenkins, using Docker-based and self-hosted agents, supporting monolith and microservice architectures in hybrid multi-cloud setups, accelerating deployments by 45%. Embedded full DevSecOps practices into CI/CD by integrating Vault, Azure Key Vault, SonarQube, Gitleaks, Trivy, OWASP ZAP, SBOM generation and security gates for SAST, DAST, and SCA, achieving zero production-critical vulnerabilities across the SDLC. Deployed and managed large-scale containerized applications using Docker and Kubernetes with deployment strategies, autoscaling, and mTLS/SSL encryption, improving availability and security posture by 30%. Implemented centralized logging and monitoring with ELK Stack, Prometheus, Grafana, and Azure Monitor, reducing MTTR by 40% through automated alerting, metric-driven monitoring, and root-cause analysis (RCA). Delivered secure, version-controlled releases across Dev, QA, UAT & Production; led cross-functional teams to establish CI/CD & security guardrails for a large-scale AKS/EKS microservices platform, standardizing release, security, and observability, and ensuring 99%+ application uptime through Git workflows & automated rollbacks.
Cloud DevOps Engineer
DataFactZ
Feb 2022 - Feb 2024
Cloud-native applications and internal platforms deployed across AWS and Azure environments, supporting scalable microservice-based architectures. Managed and optimized AWS & Azure cloud infrastructure, ensuring secure networking, identity management, fault-tolerant architecture, and high availability across 10+ environments. Designed and maintained standardized CI/CD pipelines embedding secrets management, RBAC, and compliance gates to enforce DevSecOps principles throughout development and release workflows. Provisioned and configured multi-cloud infrastructure across AWS and Azure using Terraform and Ansible, standardizing environment setups and eliminating configuration drift by 50%. Containerized and deployed multiple microservices with Docker and Kubernetes, enabling horizontal scalability and reducing cloud resource consumption by 30%. Implemented comprehensive monitoring, alerting, centralized logging using Prometheus, Grafana, CloudWatch & automated log backups to S3, improving incident detection & disaster recovery readiness by 35%. Led production releases and incident response efforts for 15+ critical services; maintained Git workflows and branching strategies, authored run books, and enhanced operational efficiency by 25%.
Education
Master of Science (M.Sc.) in Information Systems - Nizam College
2019 - 2021 · Afghanistan
Bachelor of Computer Applications (B.C.A.) - Nizam College
2016 - 2019 · Afghanistan
