I am a Cloud Security Engineer currently working at Chicago EAC, holding a Master of Engineering in Cybersecurity from the University of Maryland (GPA: 3.70). I specialise in AWS security architecture, threat detection, penetration testing, and DevSecOps - with hands-on experience spanning red team, blue team, and cloud engineering disciplines.

My certification stack reflects depth across the full security domain: OSCP/OSCP+ (first attempt, 100/100), AWS Certified Security Specialty (SCS-C02), AWS Solutions Architect Associate (SAA-C03), CompTIA CySA+, CompTIA Security+, and eJPT. My competitive rankings tell a consistent story - 4th Worldwide in the Amazon AppSec CTF 2025, 18th Worldwide in the Wiz Cloud Security Championship (600+ participants), 878th Worldwide on HackTheBox, 100th Worldwide on CTFTime, 780th on YesWeHack, and Top 10% Worldwide on TryHackMe.

In my current role I have enforced API security controls that reduced the exposed attack surface by 67% (3 endpoints to 1), remediating confirmed injection vulnerabilities through input validation, rate limiting, and authentication enforcement. I lead threat modeling sessions mapped to NIST CSF risk categories, prioritising remediation by exploitability and business impact. Previously, as a Cloud Engineer with a security focus, I cut false-positive alert volume by 30% through systematic Splunk and ELK Stack tuning, and automated incident response workflows with AWS Lambda and EventBridge that achieved an 83% reduction in weekly remediation time (6 hours → 1 hour).

I have built and documented 11 end-to-end security projects: a multi-tier AWS e-commerce architecture (VPC segmentation, WAF, CloudFront, Terraform IaC) serving 10,000+ users; an EKS microservices deployment with OpenTelemetry, Prometheus, and Grafana observability; a cloud-native PKI using AWS Private CA; a Zero Trust remote access platform (Apache Guacamole + Cloudflare Tunnel); a complete DFIR investigation with malware reverse engineering and VeraCrypt forensics; a DevSecOps CI/CD pipeline (Jenkins, SonarQube, Trivy, ArgoCD) achieving 98% policy compliance and blocking 100% of critical vulnerabilities from production; and a healthcare infrastructure redesign applying STRIDE threat modeling against HIPAA and NIST CSF. A Python-based SIEM automation framework I built improved anomaly detection accuracy by 40% and measurably reduced MTTD/MTTR.

This site documents 40+ technical writeups covering HackTheBox machines (Active Directory, binary exploitation, SSRF, RCE), AWS misconfiguration research (flAWS, flAWS2, IMDSv2 SSRF), Wiz Championship challenges (container escapes, Kubernetes lateral movement, Terraform state race conditions, supply chain vulnerabilities), original CVE analysis, and detailed exam prep guides for OSCP, AWS SAA, and Security+.

I am open to Cloud Security Engineer, Security Architect, and DevSecOps roles, as well as research collaborations and knowledge-sharing. Reach out at reachout@arbaazjamadar.com or connect on LinkedIn.