Experiences

From Code to Architecture - Professional Milestones
Evolved from Java backend development to end-to-end platform ownership. Today as a Senior DevOps & Cloud Security Engineer I design and develop secure, scalable, cost-effective cloud platforms.
Work Experiences
Standardbank logo

Standardbank

Senior DevOps/Cloud Security Engineer

March 2023 - Present

  • Designed and implemented secure, highly available cloud architectures across AWS, Azure, and GCP, aligning with enterprise security baselines and audit requirements.
  • Automated infrastructure provisioning with Terraform and Ansible, reducing manual provisioning effort, eliminating configuration drift, and enabling consistent environments across dev to prod.
  • Drove cloud cost optimization by rightsizing instances, eliminating underutilized resources, and leveraging storage and reservation strategies, improving cost efficiency while meeting SLOs.
  • Containerized legacy applications with Docker and migrated them to Kubernetes (EKS/GKE/AKS), improving scalability and standardizing deployment patterns across multiple regions and clouds.
  • Implemented CSPM across AWS Security Hub, GCP Security Command Center for Cloud to continuously detect misconfigurations and enforce organizational security and compliance.
  • Strengthened cloud identity security with IAM least privilege, role-based access, and periodic access reviews; reduced standing privileges where possible.
  • Integrate robust security controls into cloud architectures by embedding industry-specific compliance standards such as HIPAA, GDPR, ISO 27001, PCI DSS, NIST, and CIS to mitigate vulnerabilities and protect critical data.
  • Designed and maintained end-to-end CI/CD pipelines (Jenkins, Argo CD) with automated testing, scanning, and approval workflows, shortening release cycles and improving deployment reliability.
  • Managed identity and access management (IAM) across cloud environments, implementing the principle of least privilege and role-based access control (RBAC) for users and services.
  • Established centralized observability stack using Prometheus, Grafana, Loki, and CloudWatch; built actionable dashboards and alerts that enabled faster detection and diagnosis of performance and availability issues.
  • Improved Kubernetes security posture through RBAC hardening and cluster controls (e.g., Pod Security standards / admission policies) aligned to CIS benchmarks.
  • Embedded shift-left security into delivery pipelines via SonarQube Quality Gates, SAST/DAST (Checkmarx/Veracode/OWASP ZAP), and container scanning (Trivy/Prisma) with fail-fast policies, preventing vulnerable builds from reaching production.
General Electric (GE) logo

General Electric (GE)

DevSecOps/SRE Engineer

Jan 2019 - Feb 2021

  • Designed and operated AKS-based platforms and automated delivery workflows with Spinnaker and Jenkins, enabling consistent, repeatable deployments to multiple environments.
  • Utilized Spinnaker for automated deployments and builds across various environments, leveraging Drone as the continuous integration tool.
  • Collaborated with the team to develop a tool that automates pipeline creation on Spinnaker for deploying applications to AKS clusters.
  • Developed APIs in Go to customize AKS clusters, enabling namespace and pod-level billing reports.
  • Built tooling in Go to extend AKS capabilities, including namespace/pod-level billing visibility, helping product teams understand and optimize their cloud spend.
  • Implemented container monitoring with Prometheus and Grafana, defining key metrics and alerts that improved visibility into application performance and resource usage.
  • Provisioned GCP dev/stage/prod environments with Terraform and shipped services to GKE, securing them with Cloud IAM, Security Command Center, VPC Service Controls, and Cloud Monitoring/Logging.
  • Automated infrastructure workflows using Terraform + Ansible + shell scripts, reducing manual change time by 40% and mitigating configuration drift between environments.
  • Remediated critical security findings surfaced by Security Hub/SCC/Defender/Prisma Cloud and enforced CIS Benchmark-aligned policies via OPA/Sentinel pre-merge checks, strengthening the security posture.
  • Implemented SSO and MFA for engineering users, and standardized application authentication using OAuth2/OIDC, strengthening identity security while keeping developer experience smooth.
  • Created SLIs/SLOs and tuned alerting policies, reducing alert noise and cutting MTTR from 45 minutes to 18 minutes for high-severity incidents through better detection, routing, and playbooks.
  • Implement scalable, secure, and cost-effective GCP cloud infrastructures using Terraform to build dev, staging and prod environment, ensuring consistency and scalability and high availability.
  • Containerized applications with Docker for efficient deployment across environments GKE.
  • Designed and implemented scalable services on GKE, enhancing performance and security.
  • Configured and managed Kubernetes networking for optimal performance and security.
  • Utilized shell scripts and Ansible within Terraform to automate software provisioning
  • Utilized Maven for build automation, producing deployable artifacts from source code
  • Implement robust security controls and compliance best practices by leveraging Cloud IAM, Security Command Center, and VPC Service Controls, while continuously monitoring system health with Cloud Monitoring and Cloud Logging for proactive threat detection and incident response.
Mastercard logo

Mastercard

DevSecOps|SRE Engineer

March 2021 - March 2023

  • Integrated SAST, DAST, and SCA tools (Checkmarx, SonarQube) into CI/CD pipelines, shifting security left and reducing vulnerability discovery in production by enforcing quality and security gates.
  • Automated infrastructure creation using Terraform and configuration management via Ansible, significantly decreasing manual changes and increasing repeatability and auditability of infrastructure changes.
  • Conducted regular security audits, vulnerability assessments, and continuous risk assessments through proactive threat modeling, ensuring robust cloud security posture and compliance with industry standards.
  • Implemented security automation for misconfiguration detection and remediation using policy-as code and pipeline enforcement.
  • Designed and implemented HA and DR architectures with clear RPO/RTO objectives and controlled rollout strategies (blue-green, canary), supporting 99.99% availability for payment-critical services.
  • Introduced SLIs/SLOs and tuned alerting policies, reducing alert noise and cutting MTTR from 45 minutes to 18 minutes for high-severity incidents through better detection, routing, and playbooks.
  • Enforced secure infrastructure via IaC scanning (Terraform/CloudFormation) and policy-as-code (OPA, Sentinel), preventing non-compliant resources from being deployed.
  • Developed Groovy, Shell, and Python tooling to auto-remediate common pipeline issues, enforce branching and naming conventions, and reduce repetitive toil for engineers.
  • Managed Linux administration tasks with Ansible, ensuring seamless deployment and configuration management and maintained Linux deb and rpm packages, facilitating smooth software updates.
  • Set up centralized logging and security monitoring using CloudTrail, Azure Monitor, Stackdriver, and SIEM integrations, improving traceability and enabling faster security investigations.
  • Embedded OWASP Top 10 checks and secure SDLC practices into CI/CD pipelines, ensuring application changes were threat-modeled, code-reviewed and scanned before reaching production.
IBM logo

IBM

Java Developer

Feb 2017 - Nov 2017

  • Developed and maintained backend services using Java and Spring Boot.
  • Implemented automation testing for both services and UI to maintain deployment quality.
  • Managed version control and code collaboration using Git.
  • Built and maintained reusable JavaScript/TypeScript UI libraries and state management solutions, enhancing code maintainability, developer productivity, and user experience.
  • Developed dynamic, server-side rendered applications with Next.js and React.js, leveraging TypeScript for type-safe components, optimized performance, and improved SEO.
  • Configured and maintained CI/CD pipelines with Jenkins for automated builds and deployments
  • Utilized JPA for database interactions and managed SQL/PLSQL and PostgreSQL databases.

What My Clients Say

Feedback from professionals I've collaborated with
"
A

Akram brings to work a sense of energy and zest that would be invaluable to any team he is a member of. I worked with him and impressed by his time management skills, innate ability to work hard and his commitment to the task at hand. His sharpness of mind, organisational experience and strong problem-solving skills lend him a versatility at the workplace that is rare to find and hard to replace. Combined with his ever-cheerful disposition, these assets of personality make him a great colleague to have. Shadab possesses a rare blend of skills, excelling in Java API development, DevOps, DevSecOps, and cloud security. His ability to design, develop, and optimize APIs while ensuring robust security measures is truly commendable. He has consistently delivered high-quality solutions that not only meet business needs but also adhere to industry-leading security and compliance standards. One of his standout qualities is his ability to seamlessly integrate security into DevOps workflows (DevSecOps), ensuring that security is not an afterthought but an inherent part of the development lifecycle. His expertise in automation, CI/CD pipelines, infrastructure as code (IaC), and cloud security frameworks enables teams to deploy secure, scalable, and efficient solutions with confidence. Beyond his technical capabilities, Shadab is a collaborative team player and a proactive problem solver. I strongly recommend Shadab Akram for any organization looking to enhance its cloud security, DevOps, DevSecOps capabilities.

Abhijit Nayak

Solutions Architect, Standard Bank

"
A

Akram brings to work a sense of energy and zest that would be invaluable to any team he is a member of. I worked with him and impressed by his time management skills, innate ability to work hard and his commitment to the task at hand. His sharpness of mind, organisational experience and strong problem-solving skills lend him a versatility at the workplace that is rare to find and hard to replace. Combined with his ever-cheerful disposition, these assets of personality make him a great colleague to have.

Arjun MA

Senior Consultant, IBM

"
S

Shadab's DevSecOps implementation transformed our deployment process. His attention to detail and proactive approach to security made him an invaluable asset to our team.

Samuel Stevens

Solutions Architect, Mastercard

"
V

Shadab's cloud architecture expertise helped us optimize our infrastructure costs while improving performance. His technical knowledge and communication skills are exceptional.

Vikram Kumar Pundir

Sr. DevOps & SRE Engineer, Standard Bank

Experiences.