Danish Tanvir, Developer in Brampton, ON, Canada
Danish is available for hire
Hire Danish

Danish Tanvir

Verified Expert  in Engineering

DevSecOps Engineer and Developer

Location
Brampton, ON, Canada
Toptal Member Since
June 7, 2021

Danish has nearly a decade of experience in cloud DevSecOps. He has advised companies in the airline, health, telecommunications, financial, and fast-food sectors on cybersecurity and cloud DevOps security governance. In addition to DevSecOps, Danish has advised companies on best practices for migration of cloud applications using Terraform, DevOps, Ansible, Jenkins, CIS Benchmarks, and continuous monitoring.

Amazon Web Services (AWS)DevSecOpsPythonGoogle CloudOracle CloudPCI Compliance

Portfolio

BoxyCharm
Amazon Web Services (AWS), Azure, DevSecOps, SIEM...
Rogers Communications
Amazon Web Services (AWS), DevSecOps, Azure
Forsythe Technology
SIEM, Amazon Web Services (AWS), Azure, DevSecOps...

Experience

Intrusion Prevention Systems (IPS) - 9 yearsAmazon Web Services (AWS) - 9 yearsPCI Compliance - 9 yearsSIEM - 9 yearsAzure - 7 yearsPython - 7 yearsDevSecOps - 6 yearsGoogle Cloud - 1 year

Availability

Part-time

Preferred Environment

DevSecOps, Azure, Amazon Web Services (AWS), Google Cloud, Oracle Cloud

The most amazing...

...project I've designed and configured was an automated solution for a multi-cloud link to transfer client data transactions securely.

Work Experience

Lead Cloud Security Architect

2019 - 2021
BoxyCharm
  • Worked on and migrated apps to the cloud as the lead security engineer. Moved from a strategic view to a granular, technical level, and ensured that security was part of the full lifecycle. Used Terraform and Jenkins and integrated with multi-cloud.
  • Designed and deployed a SIEM solution in a cloud environment for continuous monitoring while serving as the security architect. Used Azure Event Hubs, Logging, and Log Analytics (OMS), and IBM QRadar SIEM.
  • Developed an application using a CI/CD pipeline for continuous security, proposing that new application releases go through static code analysis, using Veracode to find vulnerabilities, and dynamic analysis, using Qualys.
Technologies: Amazon Web Services (AWS), Azure, DevSecOps, SIEM, Intrusion Prevention Systems (IPS)

Senior Cybersecurity and Cloud DevOps Architect

2018 - 2019
Rogers Communications
  • Designed, configured, and deployed a secure coding CI/CD pipeline for cloud security governance; deployed guardrails; automated the pipeline with CI/CD tools; and deployed CIS Benchmark best practices.
  • Designed and deployed an identity management solution with CyberArk in AWS, using multiple accounts, VPC peering, and VPN. Troubleshot sessions and found cybersecurity threats. I was serving as a security engineer.
  • Played a key role in application migration and coordinated with several stakeholders while serving as the lead security architect.
Technologies: Amazon Web Services (AWS), DevSecOps, Azure

Security Consultant

2016 - 2018
Forsythe Technology
  • Provided security consulting and designed and deployed a SIEM solution in a cloud environment.
  • Served as a senior security consultant, helped team members troubleshoot during implementation, and worked with several vendors for cloud and technology.
  • Set up continuous monitoring after the project went live, looking for bugs and security threats.
Technologies: SIEM, Amazon Web Services (AWS), Azure, DevSecOps, Intrusion Prevention Systems (IPS)

SIEM Security Consultant

2013 - 2016
Controlcase
  • Served as a SOC consultant: Created IBM QRadar rules, a Splunk dashboard using regex, and an automated Python script for capturing blacklist IPs with Python. Scripted for IP information with IBM X-Force.
  • Provided professional services for SIEM and Amazon Firewall deployment for clients based on PCI compliance and ISO 27001. I did this while serving as a security designer.
  • Worked closely with a client's NOC and SOC to confirm functionality and a data breach while serving as a security consultant.
Technologies: Amazon Firewall, Azure, DevSecOps, SIEM, Python, PCI Compliance, ISO 27001

Secure Data Transaction

A project to automate a data transaction from AWS to Azure. It leveraged an OAuth 2 token and the data in transit was encrypted. API Management and API Gateway were used with Azure Active Directory to authenticate the application.

Tools

Amazon Firewall

Platforms

Azure, Amazon Web Services (AWS)

Paradigms

DevSecOps

Languages

Python

Storage

Google Cloud, Oracle Cloud

Other

SIEM, Intrusion Prevention Systems (IPS), PCI Compliance, ISO 27001

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring