Firas Miladi

Secured critical banking infrastructure processing more than 2 million daily transactions.

Implemented Zero Trust security controls across AWS and Azure environments.

Automated DevSecOps processes using Jenkins and Terraform.

Translated compliance requirements into technical controls including encryption, firewall rules, and access policies.

Managed secrets and privileged access using CyberArk.

Trained more than 15 engineers on security automation, helping reduce findings by 45%.

• · Zero Trust Architecture: Designed and implemented enterprise-scale Zero Trust infrastructure protecting 5+ criti- cal banking applications processing 2M+ daily transactions: IAM hardening and least-privilege controls, reduced privileged accounts by 40%, achieving full ISO 27001/PCI-DSS compliance.

• · Microsegmentation & Network Security: Deployed Illumio across 50+ production servers, creating policy-based segmentation with hardened DMZ & VLAN isolation: prevented unauthorized lateral movement across sensitive financial zones. . SIEM & Threat Detection: Led Splunk to OpenSearch/Logstash migration (500 GB+/day, 200+ sources), au- tomated correlation rules and alerting pipelines, reduced MTTD from 20h to 6h, integrated MITRE ATT&CK framework for structured threat hunting.

• · Observability: Deployed Dynatrace across 100+ servers and containers, engineered security dashboards, im- proving MTTR by 35%. . DevSecOps & Automation: Built Python/Bash/Ansible security automation framework: integrated SAST/DAST and vulnerability scanning in CI/CD pipelines, prevented critical vulnerabilities from reaching production across 15+ cloud migration projects (AWS/Azure).

• · Compliance: Translated EBIOS RM, GDPR, PCI-DSS, ISO 27001 into technical controls (encryption, firewall rules, access policies), zero critical findings across 4+ external audits, trained 15+ engineers on security au- tomation, reducing findings by 45%.