Security & ComplianceAigini Navaneethan
Experienced in providing security and compliance services, ensuring systems adhere to industry standards and customer-specific requirements. Skilled in user access management, system hardening, patching, and security monitoring to mitigate risks and enhance protection. Proficient in implementing compliance frameworks, auditing policies, and security best practices to maintain regulatory alignment. Committed to proactively identifying vulnerabilities, strengthening security posture, and ensuring continuous compliance for enterprise environments.
What's included
Linux OS Security Hardening
Implement security best practices for Linux servers, including user access controls, firewall configurations, and secure SSH settings; Enforce SELinux/AppArmor policies, PAM configurations, and sudo privilege management; Conduct kernel hardening, sysctl tuning, and disabling unnecessary services to minimize attack surfaces; Automate security configurations using Ansible, Bash scripts, or system policies.
Cloud Security & Compliance Enforcement
Implement AWS IAM, Azure RBAC, and security groups to ensure least privilege access; Configure cloud-native security tools (AWS Security Hub, Azure Defender, AWS GuardDuty, Azure Sentinel) for real-time threat detection; Define and enforce network security policies, including firewall rules, VPN access, and private networking; Secure cloud storage (AWS S3, Azure Blob) with encryption, access policies, and logging mechanisms.
Vulnerability Assessment & Patch Management
Conduct regular vulnerability scans on Linux systems; Automate patch management for RHEL, Ubuntu, and CentOS to mitigate security risks; Ensure compliance with CVE (Common Vulnerabilities and Exposures) patching guidelines; Maintain an effective change management and rollback strategy for security updates.
Compliance with Industry Standards & Regulations
Ensure Linux and cloud environments comply with ISO 27001, NIST, CIS Benchmarks, PCI-DSS, and GDPR; Implement audit logging and tracking for system and cloud security events using tools like Auditd, CloudTrail, and SIEM solutions; Conduct security assessments, penetration testing, and policy enforcement for regulatory compliance; Generate and maintain compliance reports and security documentation for audits.
Incident Detection, Response, and Remediation
Set up real-time security monitoring for Linux OS and cloud environments using tools like Wazuh, Osquery, and AWS Security Hub; Implement intrusion detection and prevention (IDS/IPS) for cloud and on-prem infrastructure; Develop incident response plans and forensic analysis processes for security breaches; Automate security incident response using scripts, SOAR (Security Orchestration, Automation, and Response) tools, or cloud-native remediation.
Identity & Access Management (IAM) Security
Implement centralized authentication and authorization using IPA (Identity Policy Audit), LDAP, and Kerberos for Linux environments; Configure MFA (Multi-Factor Authentication) and SSO (Single Sign-On) for cloud and on-prem users; Enforce IAM policies in AWS, Azure, and Linux environments to prevent unauthorized access; Automate user provisioning, deprovisioning, and role-based access control (RBAC) enforcement.
Security Logging & Monitoring
Configure log forwarding and alerting for real-time security analysis; Integrate Linux syslog, CloudWatch, and Security Event Logs for centralized monitoring; Implement custom security dashboards and reports for continuous monitoring and compliance tracking; Learn to deploy SIEM solutions (Splunk, ELK, Wazuh) to centralize security logs and detect threats;
Contact for pricing
Tags
Wireshark
Cloud Security Engineer
Security Engineer
Service provided by
Aigini Navaneethan proKuala Lumpur, Malaysia
Security & ComplianceAigini Navaneethan
Contact for pricing
Tags
Wireshark
Cloud Security Engineer
Security Engineer
Experienced in providing security and compliance services, ensuring systems adhere to industry standards and customer-specific requirements. Skilled in user access management, system hardening, patching, and security monitoring to mitigate risks and enhance protection. Proficient in implementing compliance frameworks, auditing policies, and security best practices to maintain regulatory alignment. Committed to proactively identifying vulnerabilities, strengthening security posture, and ensuring continuous compliance for enterprise environments.
What's included
Linux OS Security Hardening
Implement security best practices for Linux servers, including user access controls, firewall configurations, and secure SSH settings; Enforce SELinux/AppArmor policies, PAM configurations, and sudo privilege management; Conduct kernel hardening, sysctl tuning, and disabling unnecessary services to minimize attack surfaces; Automate security configurations using Ansible, Bash scripts, or system policies.
Cloud Security & Compliance Enforcement
Implement AWS IAM, Azure RBAC, and security groups to ensure least privilege access; Configure cloud-native security tools (AWS Security Hub, Azure Defender, AWS GuardDuty, Azure Sentinel) for real-time threat detection; Define and enforce network security policies, including firewall rules, VPN access, and private networking; Secure cloud storage (AWS S3, Azure Blob) with encryption, access policies, and logging mechanisms.
Vulnerability Assessment & Patch Management
Conduct regular vulnerability scans on Linux systems; Automate patch management for RHEL, Ubuntu, and CentOS to mitigate security risks; Ensure compliance with CVE (Common Vulnerabilities and Exposures) patching guidelines; Maintain an effective change management and rollback strategy for security updates.
Compliance with Industry Standards & Regulations
Ensure Linux and cloud environments comply with ISO 27001, NIST, CIS Benchmarks, PCI-DSS, and GDPR; Implement audit logging and tracking for system and cloud security events using tools like Auditd, CloudTrail, and SIEM solutions; Conduct security assessments, penetration testing, and policy enforcement for regulatory compliance; Generate and maintain compliance reports and security documentation for audits.
Incident Detection, Response, and Remediation
Set up real-time security monitoring for Linux OS and cloud environments using tools like Wazuh, Osquery, and AWS Security Hub; Implement intrusion detection and prevention (IDS/IPS) for cloud and on-prem infrastructure; Develop incident response plans and forensic analysis processes for security breaches; Automate security incident response using scripts, SOAR (Security Orchestration, Automation, and Response) tools, or cloud-native remediation.
Identity & Access Management (IAM) Security
Implement centralized authentication and authorization using IPA (Identity Policy Audit), LDAP, and Kerberos for Linux environments; Configure MFA (Multi-Factor Authentication) and SSO (Single Sign-On) for cloud and on-prem users; Enforce IAM policies in AWS, Azure, and Linux environments to prevent unauthorized access; Automate user provisioning, deprovisioning, and role-based access control (RBAC) enforcement.
Security Logging & Monitoring
Configure log forwarding and alerting for real-time security analysis; Integrate Linux syslog, CloudWatch, and Security Event Logs for centralized monitoring; Implement custom security dashboards and reports for continuous monitoring and compliance tracking; Learn to deploy SIEM solutions (Splunk, ELK, Wazuh) to centralize security logs and detect threats;
Contact for pricing