Security Journey
My Security Journey
A 15+ year evolution from infrastructure management to strategic security architecture.
Timeline
2025 - Present: DevSecOps + CISO Cybersecurity Architect
Payler.com - Strategic Security Leadership
Security Governance:
- Implemented NIST CSF and CIS Controls framework
- Established Security Metrics & Reporting Program
- Chaired Cloud Security Governance Board
Threat Management:
- Deployed dual-SIEM strategy (Wazuh + Security Onion)
- Established Purple Team exercise program
- Integrated threat intelligence feeds (STIX/TAXII)
Zero Trust Architecture:
- Implemented micro-segmentation validation
- Designed continuous verification mechanisms
- Established DLP strategy with AWS Macie + Istio
2024 - 2025: DevSecOps Cloud Security Architect
Payler.com - PCI DSS 4.0 Compliance Implementation
PCI DSS Requirements:
- Requirement 1&2: Network segmentation + CIS hardening
- Requirement 3&4: KMS CMK encryption + TLS 1.3 + Tokenization
- Requirement 5&6: Wazuh EDR + Secure SDLC pipeline
- Requirement 7&8: IAM least privilege + MFA + JIT access
Wazuh SIEM Deployment:
- HA cluster with 200+ agents
- 500+ custom security rules
- PCI DSS dashboard with 150+ automated checks
- File Integrity Monitoring on 10,000+ files