Max Habra

B. A. Sc., CISSP, CCSP, Security, Cloud & DevOps Certified

About Me

15+ years in IT/security (+10 in architecture), specializing in security, cryptography, governance, automation, and DevSecOps in agile teams.
Leader in cloud integration, incident response, and advising government modernization.
Delivered cloud, AI, and DevSecOps initiatives (zero trust, GitOps, NoOps) and complete SIEM/SOAR foundation.

Cloud Security DevOps Incident Response Big Data Artificial Intelligence Governance

Skills & Expertise

Cloud AWS Azure GCP O365 Entra ID Serverless

Security Microsoft Defender Microsoft Intune Cryptography HSMs Defense-in-Depth

DevOps Agile Containers Kubernetes GitHub Azure DevOps HashiCorp Stack Atlassian Stack

SecOps Splunk Microsoft Sentinel SOAR Incident Response Service-Now

Big Data & AI Neural Networks Bayesian AutoML Vision API OCR/Tesseract Jupyter notebooks LLMs AI Agents

Governance ISO 27000 NIST SP 800 PCI DSS OWASP FIPS 140-2 CIS Zero Trust STRIDE TOGAF

Programming Bash C# C++ PowerShell Python HCL

Experience

CDPQ • Global Investment Group

Lead, Cloud Architecture Integrator & Incident Response, Security Operations Team

2021 - 2025

  • Leading cloud architecture for the Security Operations Team.
  • Improving security tools, pipelines, automation, and cloud practices across IT and business units.
  • Securing cloud assets and tenants (Azure, AWS, GCP) alongside Zero Trust initiatives.
  • Implementing shift-left and GitOps in the AppSec team (50% reduction of operation costs).
  • Writing and updating cloud and development standards to improve security transparency.
  • Member of the Cloud Center of Excellence to architect, develop, and test solutions with cloud providers.
  • Improving incident response with automation, machine learning, and advanced analytics.
  • Application security automation through pipelines, Azure DevOps, and GitHub Actions.

Complete SIEM & SOAR Foundation Security as code Integration SecOps Automation with LLMs Resilient Azure & AWS infrastructure

Mouvement Desjardins Group

Lead Cloud Integrator, Big Data & Artificial Intelligence, Innovation & AI Team

2020

  • Leading technical and architecture cloud integration for the Innovation & AI division.
  • Helping federate, develop, and improve the marketing Big Data initiative for consumer analytics.
  • Driving migration and improvement of IaaS applications toward cloud-native SaaS/PaaS offerings.
  • Company-wide cloud identity federation with Google Cloud and Azure Active Directory (Entra).
  • Expanding HashiCorp Stack (Terraform, Vault, Packer) for automation initiatives.
  • Democratizing Agile and DevOps principles for faster, better deliveries.
  • Enabling Big Data verticals beyond silos and on-prem technologies through governance and automated testing.

Migration to cloud-native solutions Advanced analytics automation data protection via Serverless pipelines & DLP Terraform & Git pipeline automation

National Bank of Canada

Lead, Cloud Security & Operations Engineer, Application Security Team

2019 - 2020

  • Leading security engineering on cloud platforms and DevOps best practices with infrastructure as code, automation, and secure SDLC design in a multi-cloud environment.
  • Security SME for Azure, AWS, GCP, private cloud, and container platforms.
  • Deploying security as code and a cloud-native banking security framework as part of the Cloud Foundation Program.
  • Leading container security implementation (Kubernetes) and SSDLC practice.
  • Roadmapping and training on application security, infrastructure as code, cloud services, and DevSecOps principles.
  • Cloud security incubator program for developers, teams, and management to improve cloud, DevSecOps, and Agile knowledge.
  • Cloud incident response and data protection/DLP using automated tools and machine learning.

Designed and implemented Security Foundation Operations Defense-in-Depth Kubernetes framework CASB Anti-fraud using ML/DL

Morgan Stanley

Senior Cloud Security Engineer, Cloud Practice, Security Architecture

2017 - 2019

  • Member of the Security Architecture Cloud Practice Team.
  • Primary architect and security engineering resource on public and hybrid cloud initiatives (SaaS, PaaS, IaaS).
  • Cloud security specialized advisor for projects involving AWS, Microsoft Azure, GCP, and Salesforce Cloud.
  • Auditing third parties for security standards compliance and remediation guidance.
  • Produced and contributed to whitepapers on cloud practice, CASBs, hybrid cloud integration (Azure Stack, Cloudify), cryptography, and DevSecOps.
  • Member of roadmap committees for Cloud Practice and DevSecOps commitment.

Public cloud security conceptions & Design Security Audits for IPOs Firmwide migration to public/hybrid cloud solutions

Desjardins Technology Group (GTD)

Network & Security Architect

2010 - 2017

  • Member of the Security Architecture and Engineering Team.
  • Primary advisor for feasibility, design, and implementation phases across projects.
  • Technical security consultant in systems, networking, cryptography, and governance.
  • Optimizing business processes to support production, business lines, and SOC operations.
  • Drafting and improving client experience and due diligence for standards, guidelines, and regulations (ISO, PCI DSS, NIST).
  • Risk analysis for major projects, technology monitoring, and third-party vendor assessments.
  • Architecture design for on-premise and cloud (Azure) projects.
  • Access and license management, enhancement of in-house applications, and internal fraud prevention.
  • Global participant for account verification and privilege management, IAM foundation (SSO, MFA, IAM, AD), and endpoint/server migrations.
  • Process improvement and crisis response for major incidents, plus deployment and security of a virtual bank.

IAM Audit Virtual banking system security Business Process Automation

Projects & Talks

Talk
Cloud Security Panel

2021

Talk and panel interview on Cloud Security at the 2021 NorthSec Application Security Conference. Discussion on secure cloud adoption, DevSecOps, and governance at a week-long AppSec event featuring workshops and a hacking competition.

Cloud Security NorthSec Application Security DevSecOps Governance

Project
Strava Advanced Analytics

2021

Advanced analytics on Strava activities using Google Cloud BigQuery, triggered Python functions, and data warehouse integration with BI tools. Replicated in AWS using EventBridge, Lambda, S3, and Secrets Manager.

Google BigQuery Python Lambda Functions Secrets Manager

Project
Google Containerization Workforce

2020

Support for transforming Google Forseti from IaaS-based security modules to a containerized, Terraform-deployed architecture.

Kubernetes Containers Micro Services Google Terraform

Talk
Cloud Security Principles in an Agile World

2019

Talk and demo on Security as Code to protect and empower development teams and business units.

Micro-Segmentation VPC Security Organization Policies

Talk
From Narrow Intelligence to Super Intelligence

2018

Talk on Artificial Narrow Intelligence (ANI), machine learning and deep learning, and the path toward AGI/ASI.

AI AGI Machine Learning Deep Learning

Education

Massachusetts Institute of Technology (MIT)

Master classes focused on business management, artificial intelligence, and cryptography.

Université Laval

Bachelor of Applied Science (B.A.Sc.) with Cooperative initiative
Specialization in Security and artificial intelligence.

Collège Édouard Montpetit

Technical degree (DEC) in network management and security
Focused on network management and security.

Certifications & Training

2025 Microsoft Solutions Partner Program
2022 Microsoft Certified: Cybersecurity Architect Expert (SC-100)
2022 Microsoft Certified: Azure Security Engineer Associate (AZ-500)
2021 HashiCorp Certified: Vault Associate
2019 HashiCorp Certified: Terraform Associate
2019 Google Certified: GCP Professional Cloud Security Engineer
2017 ISC²: Certified Cloud Security Professional (CCSP)
2016 ISC²: Certified Information Systems Security Professional (CISSP)
Hands-on trainings:

  • Terraform & Vault labs
  • Google Cloud Architecture/Big Data/ML
  • Cloud & DevSecOps programs (GitHub Lab, Pluralsight)
  • NorthSec applied security workshops

Publications & Academic Work

2014 Time Sync Protocol Attacks — Laval University
2013 Statistics & Behavior for User Analysis — Laval University
2013 Knowledge-based AI for chemical composite discovery — Laval University