- Scoutbee GmbHPrincipal DevSecOps EngineerDIGITAL & ITOctober 2023 - Today (1 year and 4 months)Berlin, Germany
- Defining Scoutbee’s security strategies to make sure our product and services are secure and in compliance with the standards and regulations we are following.
- Collaboration with development teams to implement best practices based on Secure Coding principles and define secure CI/CD guardrails to keep the development pipelines in the rail.
- Collaborated with the infra/SRE team to identify security vulnerabilities and misconfigurations. Established IaC scanning, CNAPP, and Policy as Code for deployment on cloud providers to improve understanding and visibility.
- Performing threat modeling and secure coding workshops to identify the threats and plan to fix them in the design and developing phase (Shift-left mindset) and promote a clutter of DevSecOps.
- Scoutbee GmbHSenior DevSecOps EngineerDIGITAL & ITAugust 2022 - September 2023 (1 year and 2 months)Berlin, GermanyImplementing SAST, SCA, IaC, PaC, and DAST as part of the CI/CD pipelines.Threat modeling and analyzing software designs, implementations, and infrastructure to identify security issues anddesign countermeasures.Managing penetration test programs on applications and services.Define a vulnerability disclosure program (VDP) to identify vulnerabilities in internet-facing services.Promoting the shift-left strategy and DevSecOps culture by starting the threat modeling section.
- HENKELLead Engineering DevSecOpsCHEMICALSeptember 2021 - February 2022 (5 months)Berlin, GermanyPerform vulnerability assessments and penetration tests. Perform security testing and code review as part of the SDLC pipeline to improve software security. (promoting the shift-left strategy and DevSecOps culture).
- Associate s Degree in Computer Software EngineeringJahaad Software Academic Institute – Esfahan2013Bachelor's degree, Computer Software Engineering
- Associate s Degree in Computer Software EngineeringJahaad Software Academic Institute – Esfahan2009Associate's degree, Computer Software Engineering
- CKA: Certified Kubernetes AdministratorThe Linux Foundation2022
- CKS: Certified Kubernetes Security SpecialistThe Linux Foundation2022