Zeehan
Security Engineer
8
+
Years of Exp.
Technical Skills
1. Secure DevOps Practices
2· Threat Intelligence Analysis
3· Cloud-native Security Solutions
4· Container Security (e.g., Docker, Kubernetes)
5· API Security
6· Security Assessment Automation
7· Mobile Device Management (MDM)
8· Cloud Network Security (e.g., Azure Firewall, NSG)
9· Advanced Persistent Threat (APT) Detection
10· Microsoft Defender for office & Endpoint Detection
11· Security Metrics and Reporting
12· Azure Cloud Security
13· Microsoft 365 Security
14· Cloud App Security (CASB)
15· Azure Purview
16· Compliance Manager
Professional Summary
Responsibility
- 1. Collaborate with development teams to integrate secure coding practices into the software development lifecycle.
2. Microsoft 365 solutions for diverse clients, ensuring alignment with business goals and industry best practices.
3. Collaborated with cross-functional teams to gather requirements, analyze needs, and design tailored Microsoft 365 solutions, optimizing productivity and user experience
4. Monitor and analyze threat intelligence sources to proactively defend against emerging threats.
5. Implement and manage security solutions tailored for cloud-native environments.
6. Ensure the security of containerized applications through robust container security measures.
7. Develop and enforce API security best practices.
8. Automate security assessments to improve efficiency and effectiveness.
9. Oversee Mobile Device Management (MDM) solutions to secure mobile endpoints.
10. Implement and manage cloud network security solutions, such as Azure Firewall and Network Security Groups (NSG).
11. Created and customized SharePoint Online sites and pages to meet clients' collaboration needs.
12. Developed governance policies and best practices to maintain data integrity and security.
13. Assisted in troubleshooting technical issues related to Office 365 applications and services.
14. Provided ongoing client support, addressing user inquiries and technical challenges.
15. Collaborated with cross-functional teams to integrate Office 365 with existing systems and processes.
16. Conduct advanced persistent threat (APT) detection and response activities.
17. Establish and maintain comprehensive security metrics and reporting mechanisms for stakeholders.
18. Conduct regular security assessments and audits.
19. Implement encryption technologies to protect sensitive data.
20. Develop and enforce security policies and standards.
21. Developed and maintained container security protocols for Docker and Kubernetes, ensuring secure containerization.
22. Configured Office 365 security settings and compliance measures, including data loss prevention and encryption.
Projects
Cloud-Native Application Security
Global Network Security Enhancement
1. Architect and implement security measures for a cloud-native application leveraging microservices architecture.
2· Conduct threat modelling and risk assessments for each microservice to identify potential security vulnerabilities.
3· Implement container security measures using tools like Docker Bench for Security and Kubernetes Pod Security Policies.
4· Develop and enforce API security best practices for secure communication between microservices.
5· Implement and configure a robust security orchestration solution to automate security processes within the DevOps pipeline.
6· Collaborate with development teams to integrate security into the Continuous Integration/Continuous Deployment (CI/CD) pipeline.
7· Monitor and respond to security incidents specific to the cloud-native application environment.
8· Implement serverless security measures for serverless functions within the application.
9· Conduct regular penetration testing and code reviews to ensure the ongoing security of the cloud-native application.
10· Train development teams on secure coding practices for cloud-native applications.
1. Lead a global initiative to enhance network security across multiple geographically distributed offices.
2· Implement and configure Azure Firewall and Network Security Groups (NSG) for cloud-based network security.
3· Conduct a comprehensive audit of existing network security infrastructure and recommend improvements.
4· Implement advanced threat detection and response capabilities at the network perimeter.
5· Lead the deployment of a Virtual Private Network (VPN) solution for secure remote access.
6· Develop and enforce network segmentation strategies to contain potential breaches.
7· Collaborate with third-party vendors to assess and enhance the security of Wide Area Network (WAN) connections.
8· Implement and manage intrusion detection and prevention systems (IDPS) across the global network.
9· Guide secure wireless network configurations and access controls.
10· Conduct regular security awareness training for employees on global network security best practices.
Regulatory Compliance and Auditing
1. Lead a project to ensure compliance with industry-specific regulations and standards (e.g., GDPR, HIPAA, ISO 27001).
2· Conduct a thorough audit of existing security controls and processes to identify compliance gaps.
3· Implement and configure Compliance Manager to track and manage regulatory compliance requirements.
4· Develop and maintain documentation for compliance policies, procedures, and controls.
5· Collaborate with legal and compliance teams to interpret and apply regulatory requirements to security measures.
6· Implement and manage security controls to protect sensitive customer data in alignment with regulatory mandates.
7· Conduct regular internal audits to assess compliance with established security policies.
8· Guide internal teams on compliance-related matters and security best practices.
9· Liaise with external auditors to facilitate and support compliance audits.
10· Implement continuous monitoring and reporting mechanisms to ensure compliance with regulatory standards.
Education
B Sc – from Marathwada University
Certificate
Microsoft Certified: Azure Security Engineer Associate
Microsoft Certified: Security, Compliance, and Identity Fundamentals
Microsoft Certified: Identity and Access Administrator Associate
Microsoft Certified: Security Operations Analyst Associate
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)