Resolving our backlog of security vulnerabilities amounting to 60+ by applying the appropriate patches and fixes, communicating with developers on some security fixes on their side.
Configured our AWS GuardDuty for threat monitoring in our production environments in AWS, alerting is handled by a bot that will be sent to our Slack Channel. This allows us to gain visibility towards unauthorized subjects infiltrating the infrastructure.
Troubleshooting deployment issues and providing support to development teams
Spearheaded and orchestrated the SOC2 compliance initiative for our startup that led to successful attainment of SOC2 Type 1 and Type 2 report Designed and optimized existing company security policies based on Trust Services Criteria (TSC). Presented findings
and room for improvements in the upper management
Provided information about our existing security controls to Vendor’s Security Questionnaires, maintaining and constantly improving trust processes and customer security.
Ensured alignment with industry standards and best practices for enhanced data security and risk mitigation.
Curated cybersecurity exercises and security awareness training for the company on a continuous basis.
Staying up to date with industry trends and best practices by upskilling and taking more security certifications.
Regular risk assessments on information security issues and market trends and developments. IT Risk Assessments (ITRAM) performed to Identify Assets, Impacts, Threats, and Vulnerabilities which will define a plan to reduce or accept risks.