- π 4+ years securing cloud-native platforms across AWS and GCP, with a focused specialism in LLM/AI security.
- π‘οΈ Building security frameworks for LLM-powered SaaS β prompt-injection mitigation, adversarial red-teaming, vector DB hardening.
- βοΈ Hands-on Kubernetes, Terraform, and GitOps engineering with zero-trust by default.
- π Track record: 75% workflow optimisation Β· 40% efficiency gains Β· 99.99% uptime through secure automation.
- π AWS Security β Specialty Β· GCP Professional DevOps Engineer certified.
- π Open to relocation Β· visa sponsorship required.
βοΈ Cloud & Platform
π¦ Containers & Orchestration
ποΈ IaC & GitOps
π‘οΈ DevSecOps
π€ AI / LLM Security
π» Languages
End-to-end security layer for an LLM-powered SaaS, mapped to OWASP LLM Top 10 & MITRE ATLAS.
- ~92% reduction in successful prompt-injection attempts in red-team exercises.
- Real-time mitigation pipeline: input sanitisation, semantic firewalls, classifier-based detection (direct + RAG vectors).
- Adversarial testing harness as a CI/CD release gate (jailbreak, role-play, encoding attacks).
- Vector DB hardening (Pinecone, Weaviate) β tenant isolation, embedding-poisoning detection.
- Verifiable supply-chain integrity via ArgoCD + Cosign/Sigstore + SBOM generation.
- Admission controllers reject unsigned or vulnerable artefacts.
- ERP/CRM workloads migrated to EKS/GKE with namespace isolation, network policies, zero-trust ingress.
- 99.99% uptime across multi-AZ workloads with auto-scaling and resilient RDS topologies.
- Manual operational toil halved via Terraform + GitHub Actions deployment gates.
πΈπ¦ Arabic (Native) Β· π¬π§ English (C1) Β· π«π· French (Working) Β· π©πͺ German (Elementary)
"Secure by default. Automated by design. Adversarial by mindset."