Jason Achkar Diab
Azure Fundamentals (AZ-900) | Security+ | MSc Cybersecurity (UoL, in progress)
Full-stack developer transitioning into cybersecurity with a secure-by-design mindset. Focused on Azure security, identity, detection engineering, and application security—bringing hands-on engineering experience into security work.
Current Focus
Security+, AZ-900, Google Cybersecurity
full-stack + secure-by-design practices
labs, detections, and secure patterns
Open to Opportunities
Cloud Security Engineer, Security Consultant, DevSecOps roles in Canada or remote
About Me
Developer transitioning to cybersecurity with a secure-by-design mindset.
I'm a software developer actively transitioning into cybersecurity, with a focus on cloud security (Azure), application security, and security operations. My background in full-stack development gives me a practical understanding of how to build secure systems from the ground up.
Currently pursuing a Master's in Cybersecurity at University of London while holding Security+ and AZ-900 certifications. I combine hands-on development experience with structured security learning to approach problems from both builder and defender perspectives.
My goal is to work in cloud security consulting, security engineering, or DevSecOps roles where I can help organizations design and implement secure cloud architectures, establish security automation, and build security into the development lifecycle.
Focus Areas
Core Strengths
Secure SDLC
Integrating security throughout the development lifecycle
Cloud Fundamentals
Azure architecture, services, and security controls
Identity & Access
Authentication, authorization, and privilege management
Risk Awareness
Identifying and mitigating security risks proactively
Communication
Translating technical security concepts for diverse audiences
Continuous Learning
Staying current with evolving threats and technologies
Certifications & Education
Structured learning path combining industry certifications with formal academic study in cybersecurity
Certifications
CompTIA Security+
CompTIA
Industry-standard certification covering core cybersecurity principles, threat analysis, risk management, and security controls across networks, applications, and cloud environments.
Key Skills
Microsoft Azure Fundamentals (AZ-900)
Microsoft
Foundational certification demonstrating knowledge of cloud services, Azure architecture, security, privacy, compliance, and trust in Microsoft Azure.
Key Skills
Google Cybersecurity Professional Certificate
Google / Coursera
Comprehensive program covering security fundamentals, network security, Linux, Python automation, threat detection with SIEM tools, and incident response procedures.
Key Skills
Education
Master of Science in Cybersecurity
University of London
Online • 2025 - Present
Highlights
- Graduate-level study of cybersecurity principles, risk management, and security governance
- Focus on secure systems design, software security, and network security concepts
- Academic grounding in cryptography, cybercrime, and information security management
- Developing analytical and research skills applicable to cybersecurity consulting and engineering roles
Relevant Coursework
Bachelor of Science in Computer Science
Concordia University
Montreal, QC • 2022 - 2025
Highlights
- Strong foundation in computer science, software engineering, and systems programming
- Hands-on experience designing and implementing web applications and backend services
- Studied core networking and operating systems concepts relevant to cybersecurity
- Developed analytical problem-solving skills through algorithms and data structures coursework
Relevant Coursework
Professional Experience
Secure software development with a focus on building resilient systems and integrating security throughout the SDLC
Full-Stack Web Developer
SES & Technologies Ltd.
Key Achievements
- Built and maintained Angular (v17+) and ASP.NET Core applications with clean, scalable patterns
- Implemented APIs with strong validation and reliable error handling
- Improved delivery quality through CI/CD automation in Azure DevOps
Security Highlights
- Applied secure-by-design patterns (RBAC mindset, least privilege, secure defaults)
- Contributed to quality gates and automated checks in CI/CD
- Strengthened observability practices that support incident triage and auditability
Technologies
Full-Stack Software Developer Intern
Genetec Inc.
Key Achievements
- Improved platform features with scalable .NET services and real-time updates
- Contributed tests and pipeline improvements in Azure DevOps
Security Highlights
- Worked with HTTPS enforcement and secure service practices in backend work
- Built habits around logging, testing, and reliability that translate directly to security engineering
Technologies
Applications Engineer Intern
Matrox Graphics Inc.
Key Achievements
- Built internal tools that automated troubleshooting and support workflows
Security Highlights
- Built tooling with reliability in mind: structured troubleshooting flows and safer operational outcomes
Technologies
Featured Projects
Cybersecurity projects demonstrating security architecture, threat detection, and secure development practices
DevSecOps CI/CD Security Gates
DevSecOps implementation & automation
Reference CI/CD pipeline integrating security tools: SAST scanning with SonarQube, dependency vulnerability checking, container scanning, infrastructure-as-code security validation, and automated security testing gates.
SIEM Detection Pack (Microsoft Sentinel)
Detection engineering & threat hunting
Collection of KQL-based detection rules for Azure Sentinel targeting common attack patterns. Includes detections for suspicious authentication, privilege escalation, lateral movement, and data exfiltration with MITRE ATT&CK mapping.
Secure API Gateway Pattern
Secure architecture & implementation
Production-ready API gateway implementing security controls: JWT authentication, rate limiting, request validation, SQL injection prevention, XSS protection, and comprehensive logging. Demonstrates OWASP API Top 10 mitigations.
Azure Secure Landing Zone Baseline
Security architecture & infrastructure automation
Infrastructure-as-Code implementation of Azure landing zone with security best practices. Includes network segmentation, Azure Policy enforcement, RBAC configuration, centralized logging to Log Analytics, and compliance monitoring.
Threat Model: CRM Web Application
Security analysis & risk assessment
Comprehensive threat model for a multi-tenant CRM system using STRIDE methodology. Includes data flow diagrams, trust boundaries, threat identification, risk assessment, and prioritized mitigation strategies with implementation guidance.
Cloud Security Hardening Checklist
Security compliance & automation
CIS Benchmark-aligned security hardening guide for Azure and AWS environments. Covers identity management, network security, encryption, logging, compliance, and automated verification scripts for continuous compliance monitoring.
More projects and labs in development. Check my GitHub for the latest updates.
Interactive Security Showcases
Explore fully functional cybersecurity tools and demonstrations. Each showcase demonstrates real detection engineering, threat modeling, and security architecture skills with actual working implementations.
Real Implementations, Not Mockups
These showcases feature fully functional implementations with real data processing, detection algorithms, and security analysis capabilities. All detection rules, query engines, and threat models are built from scratch to demonstrate deep technical understanding of security engineering principles.
Real-World Security Solutions
Detailed case studies showcasing security challenges, analysis, implementation, and measurable impact
Writeups & Learning
Technical articles, research notes, and documentation from my cybersecurity learning journey
Building a Secure Azure Landing Zone
A practical guide to implementing Azure security best practices, including network segmentation, identity governance, and compliance policies using Azure Policy and Blueprints.
OWASP API Security Top 10: Practical Mitigations
Deep dive into each of the OWASP API Security Top 10 vulnerabilities with real-world examples and actionable mitigation strategies for Node.js and .NET applications.
Threat Modeling a Multi-Tenant SaaS Application
Step-by-step walkthrough of applying STRIDE methodology to identify threats in a multi-tenant CRM system, with data flow diagrams and mitigation planning.
Detection Engineering with Microsoft Sentinel
Building effective KQL queries for Azure Sentinel to detect suspicious authentication patterns, lateral movement, and privilege escalation attempts.
CompTIA Security+ Study Notes & Labs
Comprehensive study guide covering all Security+ exam objectives with hands-on lab exercises, practice scenarios, and memory aids for key concepts.
Common OAuth 2.0 Misconfigurations and Exploits
Analysis of real-world OAuth implementation flaws including redirect URI validation bypass, state parameter issues, and token leakage scenarios.
Implementing Security Gates in CI/CD Pipelines
Practical guide to integrating SAST, dependency scanning, and container security tools into GitHub Actions and Azure DevOps pipelines.
Securing Azure Entra ID (formerly Azure AD)
Best practices for configuring Conditional Access policies, MFA, Privileged Identity Management, and identity protection in Azure Entra ID.
More writeups and technical content coming soon. Follow my learning journey on GitHub.
Get In Touch
Interested in cloud security, cybersecurity consulting, or DevSecOps roles? Let's connect. Open to opportunities in Canada and remote positions.
Drop a line
Links
Prefer async? Reach out via email or socials. Resume is available to preview or download.