Hello! 👋

I'm Abhijit Thakur

Senior DevSecOps & Cloud Security Engineer

About Me

Security and DevSecOps engineer with over 16 years of experience hardening regulated cloud environments. At IBM Cloud, I secure an observability platform spanning 20+ OpenShift clusters and 5,500+ nodes, embedding SAST/DAST into CI/CD pipelines and leading audit certifications across SOC 2, PCI-DSS, HIPAA, ISO 27001, and FedRAMP. My background spans container security, compliance automation, Kubernetes, and the intersection of security with AI infrastructure. I build practical tools that solve real deployment problems rather than demos.

DevSecOps Cloud Security Kubernetes CI/CD Pipeline Security SOC 2 / PCI-DSS Python Bash Terraform

Projects

01

ComplianceGuard

AI-powered compliance drift detection agent that scans containerized infrastructure against declarative YAML policies, classifies violations with Claude AI, and generates PCI-DSS v4.0 auditor-ready evidence reports with guided remediation.

PythonDockerClaude AIPCI-DSS
Live Demo Source Code
02

DrinkFinder

Next.js application that compares real in-store drink prices from local retailers to help users find the cheapest options nearby.

Next.jsTypeScript
Live Demo Source Code
03

Go InfoSec Lab

Collection of Go-based security utilities — entropy analyzer, hash cracker, and subnet calculator — for hands-on infosec experimentation.

GoSecurity
Source Code
04

Personal Dietician

Full-stack AI-powered nutrition and meal planning app with computer vision food logging, workout-aware scheduling, and real-time macro tracking.

PythonFastAPIClaude AIKubernetes
Live Demo Source Code

Experience

Senior DevSecOps / Cloud Security Engineer

IBM Cloud

Sep 2016 - Present
  • Secured a microservices platform across 20+ OpenShift clusters and 5,500+ nodes, enforcing mTLS, RBAC, namespace isolation, and pod security constraints supporting 1M+ log lines/hour at 99% uptime SLA.
  • Hardened CI/CD pipelines by integrating SAST (SonarQube, Mend) and DAST (OWASP ZAP) scanning, dependency checks, and policy-enforced deployment validation with automated rollback.
  • Led audit certifications (SOC 2, HIPAA, PCI-DSS, ISO 27001, FedRAMP) achieving 100% compliance across IBM Public Cloud PaaS; served as primary security liaison with auditors.

Technical Analyst, Identity and Access Management

FedEx Services

Jan 2013 - Sep 2016
  • Led enterprise-wide Web SSO implementation using SAML, OAuth 2.0, and OIDC via PingFederate, enabling secure authentication across 100+ internal and external applications.
  • Managed and upgraded PingFederate to support high-volume authentication for 50+ vendor integrations while enforcing SHA-2/TLS 1.2 security standards.
  • Managed SSL certificate lifecycle across Apache, WebLogic, and PingFederate servers, reducing unplanned downtime for critical authentication services.

Education

Master of Science, Computer Science

University of Memphis

2011 - 2012

    Bachelor of Engineering, Computer Science

    University of Pune, India

    2005 - 2008

      Resume

      Download my resume

      PDF format

      Download Resume