AI Security Engineer and Cloud Security Architect with 8+ years in enterprise cybersecurity — spanning XDR deployment, Zero Trust architecture, CNAPP governance, and AI platform engineering.
I design and build production AI-powered cybersecurity platforms at $0 cloud cost using local LLMs, edge computing, agentic AI orchestration, and serverless edge primitives. Six production AI security platforms shipped solo — spanning multi-VM on-prem SOC, autonomous pentest (x86 + Jetson edge), agentic GRC, multi-agent personal AI, and serverless security awareness — plus a public Android fintech project. Zero vendor lock-in. Consistent multi-agent + policy-gate architecture pattern proven across enterprise, edge, and personal-scale deployments.
| Role | AI Security Engineer · Cloud Security Architect · Production AI Platform Architect |
| Certifications | CISM · OCI Multicloud Architect · OCI Gen AI Professional · OCI AI Foundations · AZ-900 · Cisco Ethical Hacker · Cisco Cybersecurity Analyst · Cisco Network Defense · Cisco Endpoint Security · CWHH · C-WAST |
| Education | M.Sc. Cyber Forensics & Information Security — First Class (76%) |
| Specialisation | XDR · CNAPP · Zero Trust · CTEM · Agentic AI Security · Multi-Agent Orchestration · Voice AI · Edge Compute · Serverless Security · AI Red Teaming · DevSecOps · GRC Automation |
| Frameworks | NIST CSF 2.0 · ISO 27001:2022 · MITRE ATT&CK · CIS v8 · OWASP · MASVS L1 · GDPR · NIS2 · DORA · SAMA · EU AI Act |
| Languages | English (Professional) · Tamil (Native) · Hindi (Conversational) · Arabic (Basic) |
| Capability | Impact | Details |
|---|---|---|
| AI Security Platforms | $200K+/yr saved | Built autonomous pentest platform replacing commercial VAPT — Dockerized, hardened, governance-ready |
| XDR Deployment | 45% faster MTTD | Unified endpoint, network, email, and cloud telemetry with automated correlation |
| SOAR Automation | 50% less triage | Playbook-driven response with MITRE ATT&CK mapping |
| Cloud Security (CNAPP) | 30% fewer CVEs | Multi-cloud posture management with custom compliance queries mapped to CIS v8 |
| Zero Trust Architecture | 50% fewer breaches | Conditional Access + PAM + ZTNA across hybrid infrastructure |
| DevSecOps | 70% less drift | Shift-Left security embedded in CI/CD pipelines |
| Attack Surface Management | 60% more visibility | Discovered 320+ shadow IT assets across enterprise environments |
| ISO 27001 Certification | Zero non-conformities | Led full certification cycle — policy authoring through external audit |
| Best Performer | FY 2022-2023 | Recognised for exceptional contributions to cybersecurity excellence and innovation |
| Phishing Response | 40% faster SLA | AI-powered email security analytics and automated SOAR incident response |
| Alert Noise Reduction | 35% less noise | Intelligent XDR detection rule tuning improving SOC analyst productivity |
| Attack Surface Reduction | 20% reduced | Comprehensive VAPT identifying and remediating OWASP Top 10 vulnerabilities |
|
|
- 🚀 Building Exchangia (personal R&D, source open, not yet on Play Store) — Android 14+ AED→INR remittance + gold-rate aggregator · 11 verified sources · WorkManager + GitHub Actions cron · $0 ops cost · Releases · Technical report
- 📡 Shipping CyberBriefs — Serverless security-awareness distribution · multi-LLM fallback · Cloudflare Worker Telegram approval webhook · Instagram Graph API idempotent publish · $0/month
- 🛠 Maintaining 6 production AI security platforms in private repos (multi-VM on-prem SOC · autonomous pentest x86+Jetson edge · agentic GRC · CISO threat intel · multi-agent on-device assistant) — code walkthroughs + live demos available on request
- 🎯 Open to: Senior AI Security Engineer / Cloud Security Architect / GenAI Security roles
- 🌏 Locations: UAE (immediate joiner) · GCC · Singapore · Australia · Canada · Germany · Netherlands · USA — H-1B / EU Blue Card / GCC / SG EP sponsorship welcome
- English — Professional working proficiency
- Tamil — Native
- Hindi — Conversational
- Arabic — Basic (UAE workplace)
Single-host enterprise SOC platform — 4-VM micro-isolated, AI-orchestrated, $0 cloud cost
┌──────────────────────────────────────────────────────────────────────────┐
│ MISSION On-prem SOC operations + autonomous pentest at enterprise │
│ scale, fully air-gapped scan plane, zero vendor licensing │
├──────────────────────────────────────────────────────────────────────────┤
│ Hardware HP DL380p Gen8 — 48 vCPU / 251 GB RAM / single-host KVM │
│ Topology 4 VMs on libvirt mgmt-net + dedicated air-gap subnet │
│ vm-pentest · vm-ops · vm-edge · vm-cyberdash │
│ Edge Caddy reverse proxy → 5 vhosts · Authelia 2FA TOTP + │
│ group-based ACL · WireGuard remote access │
│ Compute 30+ services across 11 docker-compose stacks · │
│ healthchecks · restart policies · 50 iptables FORWARD/INPUT │
│ AI Stack LangGraph multi-agent observability with T0–T3 policy gates │
│ qwen2.5:3b triage + qwen3-30b-a3b reason · age-encrypted env │
│ Pentest Nmap · Nikto · Nuclei · Sqlmap · Katana + MobSF · APKiD · │
│ JADX · APKLeaks · trufflehog · lief — orchestrated dispatch │
│ Data 692 production scans · pentest.db (SQLite WAL) · 346K CVE │
│ records (NVD + CISA KEV + EPSS) · Qdrant RAG (OWASP corpus) │
│ Observ. Prometheus · Alertmanager · Grafana · Loki · cAdvisor · │
│ Telegram alerts · daily LLM-rendered digest │
│ Reliable 10 systemd watchdogs (5-min sweep, idempotent) · │
│ 38-section as-built v1.4 · 11-scenario operator runbook · │
│ cockpit auto-recover · libvirt snapshot before risky ops │
│ Security 15-min sliding session · MASVS rollup mobile compliance · │
│ air-gapped scan-plane (iptables FORWARD/INPUT drops) · │
│ role-based RBAC (admin / viewer / bot) │
│ Backup Off-host backup → private GitHub (configs + 7.5 MB DB.gz) │
├──────────────────────────────────────────────────────────────────────────┤
│ IMPACT Replaces commercial VAPT + SIEM stack · $0 cloud cost · │
│ 33-component health-check green · documented runbook + │
│ as-built v1.4 · DR-restorable from off-host backup (DB+cfg) │
└──────────────────────────────────────────────────────────────────────────┘
Edge-deployed AI pentest platform — network + mobile APK security, production Docker deployment with full security hardening
┌──────────────────────────────────────────────────────────────────────────┐
│ MISSION AI-orchestrated autonomous pentesting + governance reporting │
├──────────────────────────────────────────────────────────────────────────┤
│ AI Core Local llama.cpp (Qwen2.5-3B GGUF) + OpenAI analysis │
│ Hardware NVIDIA Jetson Orin Nano 8GB — fully air-gapped, edge-native │
│ Deploy Docker Compose — non-root container, hardened, single cmd │
│ Network Katana · Nikto · Nuclei · SQLMap · Nmap — AI-orchestrated │
│ Mobile androguard · apktool · APKLeaks · JADX — APK static analysis│
│ Backend Python FastAPI · Uvicorn · SQLite · CPU/RAM-aware dispatch │
│ Frontend Vanilla HTML/CSS/JS · admin controls · bulk CSV/TXT import │
│ Reports Executive · Technical · Compliance · Mobile Assessment │
│ ISO 27001 · SOC 2 · NIST CSF · OWASP · CIS · regional cybersecurity standards │
│ Mobile OWASP MASVS L1 compliance · Mobile Top 10 (2024) mapping │
│ Report Sectoral compliance · ISO 27001 framework cross-reference │
│ Severity-coded finding cards · remediation roadmap · PDF │
│ Security Login rate limiting · nmap script whitelist · XSS hardened │
│ Step-up auth (all users) · CSP · CORS · audit trail export │
│ Non-root container · cap_drop ALL · read-only filesystem │
│ Auto-generated admin password · no hardcoded credentials │
├──────────────────────────────────────────────────────────────────────────┤
│ IMPACT 53 FastAPI endpoints · ~25K LOC across 17 modules · │
│ 5,059-LOC reporting engine · 22 governance templates · │
│ 5 network + 4 mobile tools · 100% offline-capable · │
│ air-gap fonts (IBM Plex, JetBrains Mono) · zero vendor cost │
└──────────────────────────────────────────────────────────────────────────┘
Local-first C-Suite intelligence platform — $0 cloud LLM cost
┌──────────────────────────────────────────────────────────────────────────┐
│ MISSION AI-powered executive cyber intelligence + SOC operations │
├──────────────────────────────────────────────────────────────────────────┤
│ AI Core Ollama local LLM (llama3.2:1b) + grounded prompt pipeline │
│ Agents Hybrid agentic orchestration — context/draft/finalize/ │
│ policy/verification with optional LangChain composition │
│ Frontend React 18 + GeoPulse Atlas (Leaflet) + KPI snapshots + │
│ 30-day AI intel chat + Spline 3D splash UX │
│ Backend Python Flask (2,804-LOC routes.py · 34 endpoints) · │
│ 27 modules · 420 KB backend · SQLAlchemy · PostgreSQL · Redis│
│ Bot Telegram (95 KB) — interactive editorial workflow │
│ Workflow Admin curation → AI draft → Telegram edit → publish │
│ Live Map Leaflet + Check Point ThreatMap stream · 64-point bezier │
│ arcs · antimeridian handling · 8s refresh · live-only │
│ Sources 20+ RSS feeds · SHA-256 dedup · EV/automotive scoring boost │
│ Workflow 05:45 Asia/Dubai cron → Telegram preview → CISO approval → │
│ top 5 surface on dashboard · 30-day retention · MCP server │
│ Integr. n8n automation · Docker Compose · Nginx │
├──────────────────────────────────────────────────────────────────────────┤
│ IMPACT $0 cloud cost · privacy-preserving · daily C-suite briefings│
└──────────────────────────────────────────────────────────────────────────┘
Multi-agent GRC automation platform — RAG-powered compliance governance
┌──────────────────────────────────────────────────────────────────────────┐
│ MISSION Automated IT policy generation, review, and compliance │
│ governance for enterprise organisations │
├──────────────────────────────────────────────────────────────────────────┤
│ AI Core Ollama local LLM + ChromaDB RAG (vector similarity search) │
│ Agents 4 specialised agents · 6 streaming SSE workflows │
│ (chat · generate · finalize · revise · review · renew) │
│ Autonomous Monitor — APScheduler 6-hour cycle · │
│ 8 regulatory domains via DuckDuckGo │
│ Backend Python FastAPI · Uvicorn · ChromaDB · LangChain │
│ Frontend Next.js 16 + React 19 + TypeScript 5 + Tailwind CSS 4 │
│ SSE streaming · token-by-token generation · inline editor │
│ Coverage UAE NESA · ISO 27001:2022 · UAE PDPL · NIST CSF 2.0 · │
│ CIS Controls v8 · ADDA · UAE Cybersecurity Law │
│ Output Policy drafts · compliance scorecards · gap analysis │
├──────────────────────────────────────────────────────────────────────────┤
│ IMPACT Automated GRC governance · audit-ready output · $0 cost │
└──────────────────────────────────────────────────────────────────────────┘
Production multi-agent assistant — 6 sub-agents · 17+ tools · 4-tier approval gate · 100% on-device · encrypted personal data
┌──────────────────────────────────────────────────────────────────────────┐
│ MISSION Multi-agent personal AI platform with zero cloud egress, │
│ voice-activated, encrypted at rest, mobile-accessible │
├──────────────────────────────────────────────────────────────────────────┤
│ AI Core Ollama 72B Master Orchestrator routing to specialised agents│
│ Agents 6 sub-agents (Code · Comms · File · Privacy · System · Web)│
│ inheriting from BaseAgent abstract — same pattern proven │
│ in the enterprise multi-VM SOC platform │
│ Tools 17+ platform-aware tools — filesystem · shell · browser · │
│ git · email · screenshot · clipboard · web search │
│ Policy 4-tier approval gate (Auto → Notify → Confirm → Restricted)│
│ directly parallel to enterprise T0–T3 policy engine │
│ Memory ChromaDB vector store · long-term episodic memory · RAG │
│ Vault SQLCipher AES-256 encrypted personal data store │
│ Voice Wake-word ("Hey EVA") → Whisper STT → LLM → Piper TTS │
│ Frontend React 19 + WebSocket bidirectional streaming · PWA mobile │
│ Access Tailscale Zero Trust Network · cross-platform (Linux+Win) │
├──────────────────────────────────────────────────────────────────────────┤
│ IMPACT Demonstrates Responsible AI deployment · zero-trust local- │
│ first architecture · multi-agent orchestration pattern │
│ portable from enterprise scale down to single-device │
└──────────────────────────────────────────────────────────────────────────┘
Public OSS · $0/month operating cost · multi-LLM provider abstraction · Cloudflare Worker edge approval webhook · Instagram Graph API idempotent publish
┌──────────────────────────────────────────────────────────────────────────┐
│ MISSION Daily cybersecurity awareness content generation, human-in- │
│ the-loop approval, and idempotent multi-platform publish │
│ at near-zero ongoing cost │
├──────────────────────────────────────────────────────────────────────────┤
│ Cron 2× daily via GitHub Actions scheduled workflows │
│ (morning + evening) · pipeline tests · auto-deploy Worker │
│ AI Core Multi-LLM provider abstraction layer · hot-swap across │
│ OpenAI · Groq · HuggingFace · GitHub Models · Cloudflare AI│
│ · Pollinations — no single-vendor lock-in │
│ Approval Cloudflare Worker Telegram webhook · secret-token auth · │
│ inline approval keyboards · idempotent publish guard │
│ (replay/double-click safe) │
│ Publish Instagram Graph API · single image + CAROUSEL_ALBUM (2–10 │
│ slide carousel for 3–5× engagement uplift) │
│ Storage Public GitHub repo (no-credit-card image hosting) · │
│ optional Cloudflare R2 upgrade path │
│ Content 100+ curated cybersecurity topics — 50+ days of fresh │
│ content runway · composite-image generator with typography │
│ Supply Third-party Actions pinned by full commit SHA │
├──────────────────────────────────────────────────────────────────────────┤
│ IMPACT Demonstrates edge-native security-awareness scaling · zero-│
│ vendor-cost content pipeline · directly applicable to │
│ enterprise security-awareness programmes │
└──────────────────────────────────────────────────────────────────────────┘
- transfer-rate — Exchangia Android app source (Kotlin · Jetpack Compose · Material 3 · 11 live rate sources · gold module · $0 ops). Personal R&D, source open, not yet on Play Store.
- Cyberbriefs — Serverless cybersecurity awareness content engine (described above)
Cybersecurity Platforms
AI / LLM / Agentic AI
Cloud Security
Development & Infrastructure
Compliance & Governance
| Certification | Issuer | Year | |
|---|---|---|---|
| ⭐ | CISM — Certified Information Security Manager | ISACA | 2026 |
| ☁️ | OCI Generative AI Professional | Oracle | 2025 |
| ☁️ | OCI Multicloud Architect Professional | Oracle | 2025 |
| 🤖 | OCI AI Foundations Associate | Oracle | 2025 |
| ☁️ | OCI Foundations Associate | Oracle | 2025 |
| 🪟 | AZ-900 — Azure Fundamentals | Microsoft | 2024 |
| 🔓 | CWHH — Certified White Hat Hacker (L1 & L2) | — | 2023 |
| 🔓 | C-WAST — Certified Web Application Security Tester | — | 2023 |
| 📋 | ISMS Trained Auditor — ISO/IEC 27001:2022 | — | 2022 |
| 🌐 | CCNA — Cisco Certified Network Associate | Cisco | 2021 |
"The best security system is one that is invisible, intelligent, and costs nothing to run. AI is the key that makes all three possible — simultaneously."
