Summary
Overview
Work History
Education
Skills
Timeline
Generic

Ziad Shuwaikh

Ottawa

Summary

DevSecOps Engineer with 6+ years of dedicated cloud security and operations experience, specializing in AWS with additional exposure to Azure and Heroku. Proven expertise in architecting and securing cloud environments, leveraging AWS best practices, CIS benchmarks, and the native security stack to strengthen posture and resilience. Over 10 years of experience in IT and infrastructure, with deep skills in CI/CD pipeline design, automation, observability, and DevOps best practices. Proficient in scripting (Python, Bash, PowerShell) and infrastructure-as-code (Terraform, CloudFormation, Ansible, CDK). Strong collaborator with a track record of partnering with developers, guiding cross-functional security initiatives, and mentoring junior engineers. Adept at troubleshooting and incident response, with a focus on driving innovation, reducing risk, streamlining operations, and delivering cost-efficient, secure cloud solutions. Passionate about continuous learning and advancing in DevSecOps, Site Reliability Engineering (SRE), and Cloud Security leadership roles.

Overview

13
13
years of professional experience

Work History

Cloud Security Engineer - MTS

Wind River
05.2024 - Current
  • Monitor and analyze daily security findings using IDS and CNAP tools to identify and mitigate threats.
  • Collaborate with cross-functional teams to conduct security architecture reviews and enforce cloud security best practices.
  • Constantly review critical and high-severity findings and vulnerabilities in collaboration with Enterprise Security, ensuring timely risk mitigation.
  • Lead multiple proof-of-concepts (PoCs) including AV solutions, CNAP platforms, AI-driven security initiatives, and Just-in-Time (JIT) access.
  • Identify security gaps and deliver remediation through automation, improving efficiency and reducing manual workload.
  • Designed and implemented Security Control Policies (SCPs) across 40+ AWS accounts, ensuring compliance and least-privilege enforcement.
  • Established centralized security alerting and monitoring to improve visibility and incident response times.
  • Developed hardened CIS-compliant Amazon Linux 2023 images and automated build pipelines for consistent secure deployments.
  • Drove adoption of DevSecOps practices by integrating security into CI/CD pipelines and cloud operations.
  • Communicated cloud misconfigurations and malpractice across teams, driving remediation efforts to completion.
  • Identified and executed cost-optimization strategies by evaluating and adopting more efficient cloud services.

Sr. DevSecOps

Recollective
07.2022 - 04.2024
  • As a Senior DevSecOps professional, I worked closely with the VP of Engineering.
  • Using Typescript CDK to implement Infrastructure as Code (IaC) to automate AWS infrastructure deployment.
  • Identified and implemented security enhancements such as VPN, SSO, secure account architectures, WAF, and centralized monitoring and alerting, in line with industry best practices.
  • Set up a proactive monitoring and alerting system to enhance visibility into AWS infrastructure.
  • Actively involved in leading the SOC2 compliance initiative through frameworks like Vanta.
  • Skilled in building and maintaining CI/CD pipelines using Jenkins.
  • Led the migration of tools and services across accounts to enhance security posture and compliance with best practices.
  • Mentored junior team members, providing guidance and sharing expert knowledge to foster team development and expertise in security practices.
  • Played a key role in the InfoSec team, responsible for responding to customer security assessments and engaging directly with customers to address their concerns.
  • Streamlined the InfoSec processes by implementing innovative approaches and recommending effective tools to improve security measures and operational efficiency.

Cloud DevSecOps

TechInsights
03.2022 - 07.2022
  • Implemented ISO2700-compliant cloud security processes and centralized a full AWS security stack, including SecurityHub, GuardDuty, Inspector, and WAF for comprehensive protection.
  • Tracked and mitigated CVEs and security findings, integrating cloud infrastructure with Datadog SIEM for 24/7 monitoring and rapid threat response.
  • Enhanced CI/CD pipeline security, collaborated with stakeholders to incorporate security tools, and evaluated AWS infrastructure for compliance.
  • Partnered with IT and engineering teams to track security fixes, align with best practices, and contribute to overall security posture.
  • Worked closely with the director of operations on projects to enhance security monitoring and resiliency, aligning teams with security objectives.
  • Assisted the SRE team in disaster recovery and backup planning to ensure operational continuity.

DevSecOps Lead [Remote]

BioConnect
05.2021 - 01.2022
  • Led projects to enhance DevOps practices, security, and cost-efficiency, including improvements to existing infrastructure by adding and/or removing tools and services to enhance team efficiency in areas such as security, logging, and monitoring.
  • Orchestrated the migration from legacy VPN to Zero Trust Network (ZTN) with Cloudflare and spent time identifying areas for improvement according to DevOps best practices.
  • Collaborated with Azure architects for product deployment in Azure and worked closely with the TechOps Director to plan SOC2 Type II compliance strategies.
  • Strengthened the tech stack with monitoring, centralized logging, Infrastructure as Code (IaC), and access control measures.
  • Coordinated Continuous Integration/Continuous Deployment (CI/CD) pipeline improvements to enhance reliability and collaborated on tool selection with the CFO.
  • Instituted DevOps best practices and documented processes, while also mentoring team members, including senior members and interns.

Infrastructure Engineer – DevOps

Promfroms
03.2020 - 05.2021
  • Conducted monthly security reviews using AWS SecurityHub and Sumologic to ensure compliance with CIS standards across all infrastructure components.
  • Leveraged Infrastructure as Code (IaC) to automate deployments of various AWS services using CloudFormation stacks.
  • Developed serverless applications using AWS Lambda, Python, and the AWS Serverless Application Model (SAM) framework.
  • Utilized AWS Systems Manager automation documents to automate day-to-day activities, such as creating new Amazon Machine Images (AMIs), copying AMIs across regions, and executing commands on running EC2 instances for debugging and troubleshooting.
  • Designed and developed automation solutions to reduce toil and improve operational efficiency.
  • Actively managed, improved, and monitored cloud infrastructure on AWS, including maintenance, updates, and responding to critical alerts, using services such as NewRelic, CloudWatch, CloudTrail, and Sumologic.
  • Conducted quality testing of the disaster recovery procedure, identifying areas for improvement and automation.

DevSecOps Engineer

Ario
07.2018 - 03.2020
  • Collaborated with Ruby on Rails developers in Agile environment to support Ario platform.
  • Managed platform infrastructure on Heroku and AWS, focusing on security and best practices.
  • Ensured security and DevOps standards in CI/CD pipeline, maintaining continuous code delivery.
  • Implemented 24/7 monitoring with Sumologic and VictorOps for reliable alerting and response.
  • Developed real-time log analysis queries to detect and alert on suspicious activities.
  • Played a role in debugging, troubleshooting, and on-call support.
  • Worked with CTO and security head to define platform SLAs and MOPs.
  • Analyzed infrastructure and platform metrics, creating KPI-driven dashboards for enhancements.

Sr. Technical Analyst and Designer

Ribbon Communications
06.2017 - 06.2018
  • Led POC projects with the R&D VP, facilitating the adoption of new technologies and enhancing existing offerings.
  • Collaborated with product design teams to integrate technologies within a microservices architecture.
  • Deployed, configured, and maintained Kubernetes, GFS, and Elastic Stack, including File and Metricbeat.
  • Designed solutions for efficient storage, search, and visualization of daily product-generated logs.
  • Utilized automation tools like Ansible and Kubernetes for scaling and one-click cluster deployments.
  • Conducted performance tests, ensured resource utilization, and managed Kafka and Zookeeper clusters.
  • Monitored clusters using tools like Kubernetes Dashboard, Heapster, and Kafka Manager.
  • Productized Elastic Beats in the GENView platform and other products in collaboration with build teams.
  • Visualized real-time data with Kibana, Zoomdata, and Grafana for capacity planning and performance improvements.
  • Defined trial use cases to address real-world problems for trial users and internal customers.
  • Established metadata and Elasticsearch indexing strategies for data stream identification.

Services Development and Cloud Operations Engineer

Ribbon Communications (GENBAND)
01.2013 - 06.2017
  • Led design and development of GENBAND network backup, disaster recovery solutions, and product provisioning.
  • Collaborated with senior solution architects to shape R&D strategies and drive new solution initiatives.
  • Tested and ensured proper functionality and deployment readiness of new services for customers.
  • Provided service delivery, focusing on quality improvement and meeting customer requirements.
  • Modified software to address customer issues and enhance performance.
  • Developed and provisioned various GENBAND products including media gateways and application servers.
  • Debugged and resolved portal customer issues, ensuring efficient progress updates.
  • Developed new tools, scripts, and automation processes to streamline operations.
  • Improved service availability through feature development and centralization of configuration processes.
  • Worked closely with design, development, and product management teams to deliver new services and address customer issues.
  • Assisted in establishing production-ready processes for new services/products such as Kandy Clients and Real-Time Connection Clients.
  • Collaborated with GENBAND product support teams to escalate and address issues.
  • Integrated relevant 3rd party tools including OpManager, Active Directory, LDAP, and log analyzer.

Education

Bachelor of Communications Engineering -

Carleton University
Ottawa, ON
01.2011

Skills

    Cloud Platforms & Services:
    AWS (VPC, EC2, EKS, ECS, Lambda, RDS, S3, ALB, WAF, SecurityHub, GuardDuty, IAM Identity Center, etc), Heroku, exposure to Azure

    Cloud Security & Compliance:
    CIS benchmarks, SCPs, IDS, CNAP, SecurityHub, Inspector, GuardDuty, Prisma Cloud, Wiz, Tenable, vulnerability management, risk assessment, disaster recovery planning

    DevSecOps & Automation:
    Infrastructure as Code (CloudFormation, CDK, Terraform, Ansible), CI/CD (Jenkins, GitHub Actions, GitLab, Bitbucket, CircleCI), security automation & orchestration, secure image pipelines (CIS-hardened AMIs), log analysis, observability (Sumo Logic, Datadog, ELK Stack)

    Programming & Scripting:
    Python, Bash, PowerShell

    Containerization & Orchestration:
    Docker, Kubernetes (basic)

    Networking & Security:
    Network security, troubleshooting, centralized alerting, incident response, remediation workflows, cost optimization strategies

    Collaboration & Tools:
    Git, Cloudflare, Nginx, OpsGenie, Jira, Confluence, Notion, Slack, Amazon Q

    Professional Skills:
    Security architecture reviews, cross-team collaboration, PoC leadership, risk mitigation, stakeholder communication

Timeline

Cloud Security Engineer - MTS

Wind River
05.2024 - Current

Sr. DevSecOps

Recollective
07.2022 - 04.2024

Cloud DevSecOps

TechInsights
03.2022 - 07.2022

DevSecOps Lead [Remote]

BioConnect
05.2021 - 01.2022

Infrastructure Engineer – DevOps

Promfroms
03.2020 - 05.2021

DevSecOps Engineer

Ario
07.2018 - 03.2020

Sr. Technical Analyst and Designer

Ribbon Communications
06.2017 - 06.2018

Services Development and Cloud Operations Engineer

Ribbon Communications (GENBAND)
01.2013 - 06.2017

Bachelor of Communications Engineering -

Carleton University

Similar Profiles

CREATE PROFILE
Ziad Shuwaikh