Raman Sh. DEVSECOPS ENGINEER / SYSTEM ADMINISTRATOR

Security Operations (SecOps) (6.0 yr.), Security Operations (SecOps) (6.0 yr.)

Summary

DevSecOps specialist and system administrator with a 7-year tenure, fusing expertise in secure infrastructure solutions with a security-focused approach to system administration. Key strengths include Docker containerization, Infrastructure as Code practices, and intensive security testing using tools like OWASP ZAP, Black Duck, and Coverity. Demonstrated aptitude in log management and real-time security event detection with Splunk. Technical proficiency spans a broad range of areas including network security, cryptography, and cloud platforms. The engineer's project history showcases successful roles across IoT, E-Commerce, and business domains, with substantial contributions to secure and compliance-heavy environments, while maintaining system reliability and performance.

Work Experience

DevSecOps Engineer / System Administrator, HOME SECURITY SYSTEMS

Duration: 10.2022 - till now
Summary: Home security systems offering full ecosystem with various smart devices and a secure backend.
Responsibilities: Automated analysis of SCA reports, developed security documentation for mobile apps, collaborated on Linux-based tool integration, complex issue troubleshooting, backend security enhancement, mobile security research, system security best practices implementation, internal security testing, Splunk monitoring setup and customization, proactive threat mitigation, vulnerabilities management, performance tuning, remediation recommendations, firewall configuration and audits.
Technologies: Coverity, OWASP ZAP, Black Duck, Checkpoint, Splunk, nmap, Burp Suite, Python, C, Linux Terminal Server, Linux Development Tools, VMware, Windows, Git

Security Engineer, FINANCE/E-COMMERCE APPLICATION

Duration: 09.2020 - 10.2022
Summary: Online payment solution streamlining transactions globally, with connectivity to major brands.
Responsibilities: Promoted security practices integration within teams, developed security documentation, implemented SAST/DAST, conducted security testing with various tools, established secure coding practices, utilized Microsoft Dynamics for task tracking, performed internal security testing and vulnerabilities remediation, incident report analysis and risk assessments.
Technologies: Linux, Python, C, Git, Docker, OWASP ZAP, Coverity, Black Duck, nmap, Burp Suite, Wireshark, Microsoft Dynamics, tcpdump, Ettercap, Aircrack-ng toolset, Ghidra, Jadx, GDB, Frida

Network Security Engineer, CONSUMER ELECTRONICS MANUFACTURER

Duration: 08.2018 - 09.2020
Summary: Consumer electronics manufacturer known for high-quality OEM and ODM products enjoyed globally.
Responsibilities: Mentored team members, managed access control and network security, updated security policies, monitored performance, organized communication for new branches, managed daily network operations, conducted customer needs assessments, implemented authentication, authorization, encryption, security hardening, utilized OSINT, performed security audits, troubleshoot network issues, maintained documentation.
Technologies: Nmap, Wireshark, Arcsight, Cisco ASA, Python, Linux, Docker, Git

Education

Computer Security