About
Results-driven Cybersecurity Analyst with 2+ years of hands-on experience in Cloud-Native Security (Microsoft Azure), DevSecOps automation, SOC operations, and Zero-Trust architecture. Expertise in vulnerability management, Identity & Access Management (IAM), and incident response. Proven track record achieving ~95% regulatory compliance and embedding security across CI/CD pipelines. Holds CompTIA Security+. Open to domestic and international opportunities.
Skills & Expertise (36)
Work Experience
Cybersecurity Engineer
Kshema General Insurance Limited
Aug 2024 - Present
Monitored and investigated cloud security incidents across Azure, Microsoft 365, and hybrid environments; analyzed Defender XDR and Entra ID logs to detect identity-based threats and misconfigurations mapped to MITRE ATT&CK framework. Spearheaded the organization’s DevSecOps initiative; integrated IaC (Checkov), ACR/container (Trivy), Kubernetes (kube-bench), and VM vulnerability scans into CI/CD pipelines — significantly reducing production-level security defects. Developed Python & PowerShell automation scripts for Azure DevOps (ADO) portal workflows and Keycloak identity management, reducing manual effort and improving team throughput. Led internal VAPT assessments for web applications and hybrid infrastructure using Burp Suite, OWASP ZAP, and Fortify; enforced OWASP Top 10 compliance; collaborated with developers to triage, remediate, and verify all findings end-to-end. Managed deployment, configuration, and troubleshooting of security tools including Zscaler, Microsoft Intune, Defender for Endpoint, and SSO integrations (SAML, OAuth 2.0, OpenID Connect).
Cybersecurity Analyst – Intern
Kshema General Insurance Limited
May 2024 - Aug 2024
Managed end-to-end user lifecycle in Microsoft Entra ID: secure provisioning/de-provisioning, role assignments, and access reviews to enforce least-privilege access. Implemented application registrations and SSO integrations (OAuth 2.0, OpenID Connect, SAML); configured MFA, conditional access policies, and token-based authentication to harden identity security posture. Served as primary IAM point of contact for IRDAI and ISNP regulatory audits; coordinated with auditors, submitted technical evidence, and resolved identity control gaps — achieving ~95% compliance for the organization. Led the Security Risk Assessment project: identified and prioritized risks across cloud and on-premises environments, presenting actionable remediation strategies to senior leadership.
Education
B.Tech – Computer Science & Engineering - Sathyabama Institute of Science & Technology
- · Afghanistan
Certifications
No certifications added yet
Interested in this developer?
Profile Score Breakdown
Profile Overview
Skills (36)
Click a skill to find developers with the same skill
