๐ผ Work
Professional experience, newest first.
Sr. IT/OT Cybersecurity Consultant โ GRC, Risk & Assurance
- โน Leading OT/ICS cybersecurity governance, risk, and compliance initiatives across critical infrastructure environments, ensuring alignment with ISA/IEC 62443, NIST SP 800-82, NIST CSF 2.0, ISO 27001:2022, and regional regulatory frameworks.
- โน Conducting risk-based OT cybersecurity assessments and audits across industrial networks, control systems, and supporting IT environments, covering OT security controls, policies, segmentation, access control, monitoring, and incident readiness.
- โน Performing integrated OT/IT risk assessments aligned with IEC 62443 security levels, zone & conduit models, and enterprise risk management practices, identifying systemic gaps and defining practical remediation roadmaps.
- โน Advising clients on OT cybersecurity compliance strategies, CSMS development, risk treatment plans, and policy frameworks, bridging engineering, operations, IT, and governance teams.
- โน Evaluating OT/IT governance, infrastructure, applications, and IAM controls, including RBAC for OT environments, privileged access, and identity boundaries between IT and industrial networks.
- โน Developing OT-specific SOPs, cybersecurity management procedures, and assurance artifacts; testing ITGCs and application controls where IT systems support OT operations.
- โน Preparing executive-ready OT cybersecurity audit and assurance reports, translating technical findings into risk-based insights for leadership, regulators, and external auditors.
- โน Leveraging prior cloud security and DevSecOps experience to support secure-by-design principles for industrial digitalization, OT-adjacent platforms, and enterprise integration layers.
DevSecOps Engineer
- โน Linux server installation, administration, hardening, performance tuning, and patching.
- โน Managed AWS resources and worked on IaC tools including Terraform, Ansible, and CloudFormation.
- โน Designed, implemented, and maintained AWS cloud solutions to meet client requirements.
- โน Built and maintained CI/CD pipelines to automate the deployment process and improve release management via Jenkins.
- โน Optimised Kubernetes infrastructure for application deployment; scaled and managed containerised applications on Kubernetes clusters.
- โน Maintained infrastructure as code scripts for provisioning and configuration management.
- โน Applied security best practices to safeguard applications and data across cloud infrastructure.
Cloud Security Engineer | Secure Application Development
- โน Architected and deployed security-hardened AWS infrastructure (EC2, VPC, S3, CloudFront, Lambda) with CIS benchmarks alignment.
- โน Led end-to-end development and cloud deployment of the world's largest online fairy tale library, managing codebase, performance, and scalability for global traffic.
- โน Built and automated CI/CD pipelines using Jenkins & GitHub Actions enabling zero-downtime deployments and rapid release cycles.
- โน Implemented IAM policies, security groups, and network segmentation for multi-tier cloud applications.
- โน Established CI/CD security gates via Jenkins/GitHub Actions, ensuring automated vulnerability scanning pre-deployment.
- โน Designed monitoring and audit logging (CloudTrail, CloudWatch) to support security incident response and compliance evidence.
- โน Secured cloud-native platform serving a global user base with 99.9% uptime, automated threat detection, and zero critical security incidents.
Application Security & Platform Engineer | Secure Web Architecture
- โน Engineered secure custom web applications and CMS platforms, implementing input validation, authentication controls, and secure API integrations.
- โน Conducted security-focused code reviews and vulnerability remediation in PHP/JavaScript environments.
- โน Managed secure site migrations and infrastructure hardening, reducing attack surface and improving resilience.
- โน Implemented SEO and performance optimisation with security considerations (HTTPS, secure headers, access controls).
- โน Integrated security checkpoints into development lifecycle, ensuring consistent hardening standards across all deliverables.
Senior Project Manager
- โน Led secure delivery of 20+ web platforms for US, European, and Australian clients across diverse industry verticals.
- โน Functioned as client-facing technical advisor on security-conscious platform decisions and web architecture.
- โน Managed distributed development teams executing projects with embedded security and quality standards.
- โน Built long-term client partnerships through transparent communication, risk mitigation, and consistent delivery excellence.
- โน Established foundational delivery methodologies and security practices adopted in subsequent organisational growth.
Research Associate
Managed editorial and research operations for a peer-reviewed medical journal, ensuring rigorous documentation standards and compliance with publication ethics. Led data analysis and technical reporting for research initiatives, while coordinating proposal development and stakeholder submissions.
Program Coordinator
Coordinated multi-phase development programs, managing documentation, stakeholder reporting, and proposal development (RFPs). Built early capabilities in project governance, data management, and cross-functional communication.
Customer Service Officer
Managed customer-facing operations for telecom services, handling account provisioning and technical support via web-based systems. Developed foundational skills in process adherence, data handling, and service delivery in a regulated technology environment.