01 / ARCHITECTURE
Zero-Trust Infrastructure
Designing a comprehensive, multi-cloud ZT framework using automated policy enforcement. Deployed identity-aware proxies, mTLS service mesh across 600+ endpoints. Reduced lateral movement surface by 94%.
Zero Trust, mTLS, ZTNA
02 / IT/OT CONVERGENCE
IT/OT Security
Secured converged IT/OT environment across hospital network. Isolated legacy devices using unidirectional gateways, deployed ICS-aware IDS (Dragos), achieved NIST 800-82 compliance without disrupting clinical workflows.
ICS, HIPAA, Dragos
03 / DETECTION
Threat Intel Pipeline
Built end-to-end threat intelligence pipeline ingesting 40+ OSINT feeds mapped to internal asset inventory. Reduced mean time to detect from 72h to under 4h across the Palo Alto and Splunk stack.
Splunk, SOAR, OSINT
04 / ADVERSARY SIM
Red Team Framework
Built internal adversary simulation capability from scratch. Isolated attack lab, full OWASP Top 10 coverage, AD exploitation, C2 infrastructure. Delivered 12 purple team exercises with measurable control improvements.
Red Team, C2, AD
05 / CLOUD
Cloud Security Hardening
Hardened multi-cloud environment (GCP + AWS) using CIS benchmarks, enforced least-privilege IAM, deployed CSPM (Prisma Cloud), built security-as-code pipeline for infrastructure drift detection.
GCP, AWS, Prisma
06 / INCIDENT RESPONSE
IR Playbook Automation
Designed and automated 24 IR playbooks in XSOAR. Reduced analyst decision fatigue, cut MTTR by 61%, integrated with SIEM, EDR, and communication channels for full-loop containment.
XSOAR, EDR, MTTR