🇨🇦 Express Entry Candidate — eligible for Canadian work permit via AAIP Accelerated Tech Pathway. Open to relocation.
Professional Summary
Cloud Security Architect and DevSecOps lead with 7+ years designing enterprise infrastructure across AWS, Azure, GCP, Oracle Cloud, and on-prem. CISSP certified at 22. Deep expertise in Zero Trust architecture, IAM governance, Kubernetes security, SIEM/SOAR operations, and incident response. Built multi-cloud DevOps platforms supporting 50+ applications at 99.9% uptime and led FinOps across 800+ resources. Holds Canadian work experience (Markham, Ontario). Targeting Calgary, Alberta.
Core Competencies
Cloud Security (AWS · Azure · GCP)
DevSecOps & CI/CD Security
Kubernetes & Container Security
Zero Trust Architecture
IAM · RBAC · PAM · SSO
Threat Modeling (STRIDE)
SIEM / SOAR (Wazuh · Splunk)
Incident Response
Terraform / IaC
FinOps & Cost Optimization
Compliance (SOC 2 · ISO 27001)
Vulnerability Management
Professional Experience
ibex — Principal Software Engineer (DevOps) → Enterprise AI EnablementSep 2025 – Present
Karachi, Pakistan · Hybrid · Full-time
Driving the CTO's AI transformation agenda across 23 global sites — leading 8 parallel AI adoption tracks including SOC automation (SIEM/SOAR), infrastructure AI ops, and FinOps intelligence.
Built an Enterprise Synthetic Monitoring Platform (PULSE) from zero — multi-site, integrated with Datadog + SolarWinds, full-stack FastAPI + React dashboard with RBAC and SLA tracking; approved by VP leadership.
Leading FinOps across 800+ cloud resources — rightsizing, commitment planning, anomaly detection across multi-cloud estate.
Al Nafi International College — Lead CloudOps Manager (Canadian Experience)Mar 2025 – Dec 2025
🇨🇦 Markham, Ontario, Canada · Hybrid · Full-time
Led design and management of secure, scalable cloud infrastructure supporting 50+ apps at 99.9% uptime; built enterprise NOC/SOC from scratch (Wazuh SIEM · Grafana · Prometheus · ELK/EFK · Splunk).
Implemented IAM governance, risk assessment, and incident response procedures; drove 75% cloud cost reduction via FinOps and AI-powered automation.
Al Nafi — DevSysOps Lead ManagerJul 2024 – Mar 2025
🇨🇦 Markham, Ontario, Canada · Hybrid · Full-time
Led cross-functional dev/ops/security collaboration; defined organization-wide security policies including IAM and access control; mentored juniors — reduced supervision overhead 60% while raising team efficiency 165%.
Al Nafi — Senior Manager CIO-Ops · DevSysOps Engineer · Cloud & Network Manager (progression)Sep 2019 – Jun 2024
🇨🇦 Markham & Toronto, Ontario · Hybrid · 4.5+ years
Progressed through six roles (2019–2024): designed secure multi-cloud and private-cloud infrastructure; led security audits, penetration testing, and vulnerability assessments.
Deployed SIEM (Wazuh/Splunk) with SOAR-driven incident response; ensured ISO 27001/27017/27018, PCI-DSS, CIS Top 18, and SOC 2 compliance; drove encryption and API security standards.
SOCIRIS — Founder & CEOJan 2025 – Present
Karachi, Pakistan · sociris.com
Founded an AI-powered IDS/IPS platform — architecting detection engineering, SOAR workflows, incident response playbooks, and STRIDE threat modeling. Final-year university project.
Diploma in AI Operations (EduQual Level 6) — Al Nafi International College, Markham, Ontario, Canada · Grade A+
Advanced Cyber Security Diploma — IBA Karachi · 2026–Present
Key Certifications
CISSP — Certified Information Systems Security Professional · ISC² (earned at age 22)
ISO/IEC 27001:2022 Lead Auditor — Mastermind Assurance
AWS Advanced Networking — Specialty — Amazon Web Services
AWS Certified Security — Specialty — Amazon Web Services
Microsoft Cybersecurity Analyst Professional Certificate — Microsoft
Google Cybersecurity Professional Certificate — Google
Azure Security Engineer Associate — Microsoft
GCP Cloud Architect — Google Cloud
CKA — Certified Kubernetes Administrator · CNCF
CompTIA Security+ · Terraform Associate
90+ additional certifications across 15 issuers (Linux Foundation, Microsoft Learn Level 11, KodeKloud, CompTIA, Docker, and more): credly.com/users/matx104.
Key Projects
PULSE — Enterprise Synthetic Monitoring Platform: Multi-site synthetic monitoring across 23 sites, physical workstation model, Datadog + SolarWinds integration, FastAPI + React dashboard with RBAC and SLA tracking.
Sovereign Court — Production multi-agent AI automation: 10 autonomous agents, 150+ scheduled jobs, self-evolving memory system on Oracle ARM infrastructure, with real-time telemetry.