Led cloud security architecture on AWS for a multi-region payments platform, managing all infrastructure as code (CloudFormation / Terraform) with full PCI-DSS compliance.
Security & Compliance
- Built an automated compliance platform for SOC 2 and PCI-DSS: aggregated evidence from AWS, Azure DevOps, GitHub/GitLab, Cloudflare, and Azure Monitor/Defender; mapped controls; generated auditor-ready reports — reducing prep cycles and external audit costs.
- Automated secrets rotation and certificate renewal in Go and Python.
- Created repository-wide mega-linter and policy checks to enforce secure coding standards in every pipeline.
- Reduced critical CI/CD vulnerabilities by 90%.
CI/CD & Automation
- Scaled Azure DevOps pipelines for 200+ services, cutting deployment time by ~60–70% and improving release reliability.
- Delivered serverless handlers on AWS Lambda and containerized services on Amazon ECS.
Observability & Incident Response
- Implemented observability with Amazon CloudWatch (metrics/logs), AWS X-Ray (distributed traces), and Cloudflare Analytics — reducing incident response time by 65%.