| 🏆 Achievement | 📊 Stats | 🎯 Focus |
|---|---|---|
| Youngest CISSP @ 22 | 7+ Years Experience | Cloud Security |
| ISACA Member | Multi-Cloud Expert | DevSecOps |
| Open Source Contributor | Security Automation | Zero Trust |
- ⚡ Quick Highlights
- 🌐 Connect with Me
- 🌟 About Me
- 🎯 My Journey
- 🏆 Certifications & Achievements
- 🛠️ Technical Arsenal
- 📈 Weekly Development Breakdown
- 💼 Professional Focus
- 🚀 Featured Projects
- 📊 GitHub Analytics
- 🎵 Vibing To
- 📝 Latest Blog Posts
- 💡 Fun Facts About Me
- 📚 Inspirational Wisdom
- 🎮 Beyond The Terminal
- 🌍 Languages
- 📚 Islamic Ethos
- ☕ Support My Work
name: Muhammad Abdullah Bin Tariq role: DevSecOps Engineer location: Pakistan 🇵🇰 education: Cybersecurity & Cloud Computing ethos: "Get better every day, conquer yourself, then the World 💪" motto: "الله ورسوله أولاً، ثم عائلتي" current_mission: | Building secure, scalable cloud infrastructure while advancing DevSecOps best practices approach: | Security-first mindset in everything I build Automation over manual intervention Continuous learning and improvement fun_facts: - 🎯 I automate everything I can - 🧩 Puzzle solver at heart - ☕ Coffee-powered engineer - 🌙 Night owl coder- 🔐 Mastering: Terraform for Infrastructure as Code, Ansible for Configuration Management
- ☸️ Deepening: Kubernetes Security, Service Mesh (Istio/Linkerd), and Cloud-Native Security
- ☁️ Architecting: Multi-cloud strategies across AWS, GCP, and Azure
- 🛡️ Specializing: Red Team, Blue Team, and Purple Team operations
- 📝 Sharing: Writing technical articles on Medium about DevSecOps and Cloud Security
- 🌱 Learning: Advanced threat modeling, zero-trust architecture, and SBOM (Software Bill of Materials)
- ☁️ Cloud Security Architecture (AWS/GCP/Azure)
- 🔐 DevSecOps Pipeline Implementation
- ☸️ Kubernetes Security & Hardening
- 🛡️ Penetration Testing & Vulnerability Assessment
- 🔴 Red Team, 🔵 Blue Team, 🟣 Purple Team Strategies
- 🐳 Container Security & Supply Chain Security
- 📊 Security Monitoring & Incident Response
- 🔧 Infrastructure as Code (Terraform/Ansible)
timeline title Career Journey of Muhammad Abdullah Bin Tariq section Education & Early Career 2019 : Started Cybersecurity Journey : First security certifications 2020 : Deep dive into Cloud Computing : AWS & Azure fundamentals section Professional Growth 2021 : DevOps transformation : CI/CD pipeline mastery 2022 : CISSP Certified at 22 🏆 : Youngest graduate achievement section Current & Future 2023 : DevSecOps Leadership : Multi-cloud security architect 2024 : Cloud Security Innovation : Zero Trust implementation 2025 : Next Goals: CISA & CISM : Building the future of security | 🎓 Education | 🏆 Certifications | 🚀 Current Role |
²_Certified-006400?style=for-the-badge&logo=isc2&logoColor=white){kind=icon}
🔐 (ISC)² Certifications
| Status | Certification | Description | Target |
|---|---|---|---|
| ✅ | CISSP | Certified Information Systems Security Professional | 2022 ✓ |
| ✅ | CC | Certified in Cybersecurity | 2022 ✓ |
| 🎯 | CCSP | Certified Cloud Security Professional | 2025 |
| 🎯 | ISSMP | Information Systems Security Management Professional | 2025 |
| 🎯 | ISSEP | Information Systems Security Engineering Professional | 2026 |
| 🎯 | ISSAP | Information Systems Security Architecture Professional | 2026 |
| 🎯 | CGRC | Certified in Governance, Risk and Compliance | 2025 |
📊 ISACA Certifications (GRC Focus)
| Status | Certification | Description | Target |
|---|---|---|---|
| 🎯 | CISA | Certified Information Systems Auditor | 2025 |
| 🎯 | CISM | Certified Information Security Manager | 2025 |
| 🎯 | CRISC | Certified in Risk and Information Systems Control | 2025 |
| 🎯 | CGEIT | Certified in Governance of Enterprise IT | 2026 |
| 🎯 | CDPSE | Certified Data Privacy Solutions Engineer | 2026 |
🔴 Offensive Security Certifications
| Status | Certification | Description | Target |
|---|---|---|---|
| 🎯 | CEH | Certified Ethical Hacker (EC-Council) | 2025 |
| 🎯 | OSCP | Offensive Security Certified Professional | 2025 |
| 🎯 | OSWE | Offensive Security Web Expert | 2026 |
| 🎯 | OSCE³ | Offensive Security Certified Expert | 2026 |
| 🎯 | GPEN | GIAC Penetration Tester | 2026 |
| 🎯 | GWAPT | GIAC Web Application Penetration Tester | 2026 |
🌐 Cisco Networking Certifications
| Status | Certification | Description | Target |
|---|---|---|---|
| 🎯 | CCNA | Cisco Certified Network Associate | 2025 |
| 🎯 | CCNP Security | Cisco Certified Network Professional Security | 2026 |
| 🎯 | CCIE Security | Cisco Certified Internetwork Expert Security | 2027 |
☁️ Cloud Security Certifications
| Status | Certification | Description | Target |
|---|---|---|---|
| 🎯 | AWS Security Specialty | AWS Certified Security - Specialty | 2025 |
| 🎯 | Azure Security Engineer | Microsoft Certified: Azure Security Engineer | 2025 |
| 🎯 | GCP Security Engineer | Google Professional Cloud Security Engineer | 2025 |
| 🎯 | CKS | Certified Kubernetes Security Specialist | 2025 |
| 🏛️ Governance | | 📋 Compliance |
- 🏅 Youngest CISSP Graduate at Age 22 - Aiming to be the youngest CISA and CISM certified professional
- 🔐 DevSecOps Expertise - Successfully implemented security automation across CI/CD pipelines
- ☁️ Multi-Cloud Architecture - Designed and deployed secure infrastructure across AWS, Azure, and GCP
- 📝 Technical Writer - Regular contributor to cybersecurity and DevOps communities on Medium
- 🌍 Open Source Advocate - Active contributor to security and DevOps open-source projects
🚀 Click to Expand/Collapse Technical Skills
DevSecOps ██████████████░░░░░░░░░ 35.2% Cloud Security █████████████░░░░░░░░░░░ 30.8% IaC/Terraform ████████░░░░░░░░░░░░░░░░ 15.5% Kubernetes █████░░░░░░░░░░░░░░░░░░░ 10.2% Documentation ██░░░░░░░░░░░░░░░░░░░░░░ 5.3% Other █░░░░░░░░░░░░░░░░░░░░░░░ 3.0% 💼 Work Focus: ├── 🔐 Security Automation - 12+ hrs ├── ☁️ Cloud Infrastructure - 10+ hrs ├── 🐳 Container Security - 8+ hrs ├── 📊 Monitoring & Observability - 6+ hrs └── 📝 Documentation & Blogs - 4+ hrs 🛠️ Technologies Used: ├── Terraform & Ansible ████████████░░░░ 40% ├── Kubernetes & Docker ██████████░░░░░░ 35% ├── Python & Bash ████████░░░░░░░░ 20% └── Go & JavaScript ██░░░░░░░░░░░░░░ 5%
|
|
| Project | Description | Tech Stack |
|---|---|---|
| 🛡️ Cloud Security Automation | Automated security scanning and remediation for multi-cloud environments | Python, Terraform, AWS, Azure |
| 🐳 Container Security Pipeline | Complete DevSecOps pipeline with container scanning and policy enforcement | Docker, Kubernetes, Trivy, OPA |
| 📊 Security Monitoring Platform | Centralized security monitoring and incident response system | Prometheus, Grafana, ELK, Wazuh |
| 🔧 IaC Security Templates | Secure Infrastructure as Code templates with built-in compliance | Terraform, CloudFormation, Ansible |
| 🚨 Automated Threat Detection | ML-based threat detection and response automation | Python, TensorFlow, SIEM Integration |
📈 More GitHub Metrics
🎧 Music genres I code to:
Lo-Fi Nasheed Classical Ambient Electronic OST Soundtrack
📚 Recent Articles on Medium
| Title | Topic | Date |
|---|---|---|
| 🔐 DevSecOps Best Practices in 2024 | Security, DevOps | Latest |
| ☁️ Multi-Cloud Security Architecture | Cloud, Security | Recent |
| 🐳 Container Security Deep Dive | Kubernetes, Security | Recent |
| 🛡️ Zero-Trust Implementation Guide | Security, Architecture | Recent |
| 🌙 Night Owl I do my best coding between 10 PM - 4 AM | ☕ Coffee Addict Approximately 4-6 cups per day while coding | 🎯 Automation Freak If I do it twice, I automate it! | 🧩 Puzzle Solver I see security as an endless puzzle |
| 📚 Constant Learner Always reading or taking courses | 🏃 Multi-Sport Athlete 9 sports and counting! | 🌍 Polyglot Speaking 7 languages | 🎮 Fighting Game Fan Leroy Smith main in Tekken |
class MatX104: def __init__(self): self.name = "Muhammad Abdullah Bin Tariq" self.alias = "Monarch+_+MAT" self.role = "DevSecOps Engineer" self.code = ["Python", "Bash", "Go", "JavaScript", "TypeScript"] self.tools = ["Terraform", "Ansible", "Kubernetes", "Docker"] self.cloud = ["AWS", "Azure", "GCP"] self.current_focus = "Building Zero Trust Architecture" def say_bismillah(self): return "بِسْمِ اللهِ الرَّحْمٰنِ الرَّحِيْم" def daily_routine(self): return { "morning": "☀️ Fajr Prayer → Coffee → News", "day": "💻 Code → Security Reviews → Meetings", "evening": "🏃 Exercise → Family Time → Reading", "night": "🌙 Deep Work → Learning → Sleep" } def life_goals(self): return [ "🎯 Become youngest CISA & CISM", "📚 Write a cybersecurity book", "🌍 Build a security community", "💼 Start a security consultancy" ] me = MatX104()
|
|
|
|
| 📖 The Holy Quran  The ultimate source of guidance, wisdom, and truth. The foundation of my life, decisions, and character.
| 📚 Hadith Collections  The teachings and practices of Prophet Muhammad ﷺ that guide my daily conduct and professional ethics.
|
| 🗡️ The Book of Five Rings Miyamoto Musashi  The way of strategy, the art of combat, and the philosophy of the warrior. Musashi's timeless wisdom on mastery, discipline, and the pursuit of excellence. "You must understand that there is more than one path to the top of the mountain." | 👑 The 48 Laws of Power Robert Greene  Understanding the dynamics of power, influence, and human nature. Essential reading for navigating complex professional environments. "Never outshine the master... but always be ready to take their place." | 🦁 The Prince Niccolò Machiavelli  The foundational text on political strategy and leadership. Understanding power dynamics and the art of governance. "It is better to be feared than loved, if you cannot be both." |
| 🎭 The Art of Seduction Understanding influence and persuasion dynamics | ⚔️ The 33 Strategies of War Strategic thinking for business and life challenges | 🎯 Mastery The path to becoming world-class at any skill | 🌊 The Laws of Human Nature Deep understanding of human psychology |
| 🏛️ Meditations Marcus Aurelius Stoic philosophy and self-discipline from a Roman Emperor | ☯️ The Art of War Sun Tzu Ancient Chinese military strategy applicable to business and security | 🧠 Thinking, Fast and Slow Daniel Kahneman Understanding cognitive biases and decision-making | 🔥 Extreme Ownership Jocko Willink Leadership lessons from Navy SEALs |
| 🔒 The Web Application Hacker's Handbook Essential for web security | 🛡️ The Art of Intrusion Kevin Mitnick Real-world hacking stories | ☁️ Cloud Security Handbook Cloud architecture security | 🔴 Red Team Field Manual Penetration testing reference |
🛠️ Monitoring & Logging Arsenal (Click to expand)
- Grafana - Visualization and analytics
- Prometheus - Metrics and alerting
- Zabbix - Enterprise monitoring
- Nagios Core - Infrastructure monitoring
- Thanos - Prometheus long-term storage
- Jaeger - Distributed tracing
- Loki - Log aggregation
- Alertmanager - Alert handling
- VictoriaMetrics - Time series database
- Weave Scope - Container monitoring
- Netdata - Real-time performance monitoring
- Node Exporter - Hardware and OS metrics
- cAdvisor - Container metrics
- Kube-Prometheus - Kubernetes monitoring stack
- Kibana - Log visualization
- Fluentd - Log collection
- Fluent Bit - Lightweight log processor
- Splunk - Enterprise log management
- LogicMonitor - Infrastructure monitoring
- Site24x7 - Application performance monitoring
- New Relic - Application performance monitoring
- Sysdig - Container intelligence
- OpenTelemetry - Observability framework
- Sentry - Error tracking
🔒 Network Security & Penetration Testing Tools (Click to expand)
- pfSense - Open source firewall
- OPNsense - Firewall and routing platform
- Cisco ASA - Enterprise firewall
- PacketFence - Network access control
- OpenVAS - Vulnerability scanner
- Qualys - Cloud security & compliance
- Nessus - Vulnerability scanner
- Burp Suite Pro - Web application security
- OWASP ZAP - Web app security scanner
- Metasploit - Penetration testing framework
- Kali Linux - Penetration testing distribution
- Parrot OS - Security testing platform
- BlackArch Linux - Penetration testing distribution
- Atomic Red Team - Security testing framework
- Wireshark - Network protocol analyzer
- NMAP - Network discovery
- Trivy - Container vulnerability scanner
- ClamAV - Antivirus engine
- OSSEC - Host-based intrusion detection
- Tripwire - File integrity monitoring
- Samhain - HIDS and file integrity checker
- AWS GuardDuty - Threat detection service
- Webmin - Web-based system administration
- Auvik - Network management
- ManageEngine OpManager - Network monitoring
- Observium - Network monitoring platform
- LibreNMS - Auto-discovering network monitoring
- Icinga 2 - Monitoring system
- Checkmk - IT monitoring
- Munin - Network monitoring
- NetXMS - Network management system
- Ntopng - Traffic analysis
- OpenNMS - Network management
- Ganglia - Distributed monitoring system
- Monit - Unix system monitoring
- Shinken - Monitoring framework
🏗️ Infrastructure & Management Platforms (Click to expand)
- MeshCentral - Remote management
- RPort - Remote access solution
- Rust Desk - Remote desktop software
- Guacamole - Clientless remote desktop gateway
- PiKVM - KVM over IP
- Snipe-IT - IT asset management
- GLPI - IT service management
- ERPNext - Enterprise resource planning
- Plane - Project management
- Portainer-CE - Container management
- Docker Compose - Multi-container orchestration
- Velero - Kubernetes backup
- Vaultwarden - Password management
- Authentik - Identity provider
- Netbird - VPN platform
- NextCloud - File hosting
- Atera - IT management platform
- NinjaOne - IT operations software
- AppNeta PathTest - Network testing
🔄 CI/CD & DevSecOps Ecosystem (Click to expand)
- Jenkins - Automation server
- GitLab CI/CD - Built-in CI/CD
- GitHub Actions - Workflow automation
- CircleCI - Continuous integration
- Travis CI - CI service
- ArgoCD - GitOps continuous delivery
- Tekton - Cloud-native CI/CD
- Octopus - Deployment automation
- Docker - Containerization
- Kubernetes - Container orchestration
- Helm - Kubernetes package manager
- Istio - Service mesh
- Linkerd - Service mesh
- Telepresence - Local Kubernetes development
- Trivy - Container security scanner
- Snyk - Developer security platform
- SonarQube - Code quality analysis
- Vault - Secrets management
- Sysdig - Container security
- Aqua Security - Container security platform
- Prometheus - Monitoring system
- Grafana - Visualization platform
- New Relic - Application monitoring
- Sentry - Error tracking
- OpenTelemetry - Observability framework
- Terraform - Infrastructure provisioning
- Ansible - Configuration management
- CloudFormation - AWS infrastructure as code
- Pulumi - Cloud infrastructure as code
- Velero - Kubernetes backup
- Restic - Backup program
- Duplicati - Backup solution
💻 Command Line Tools & Utilities (Click to expand)
- AWS CLI - Amazon Web Services command line
- Azure CLI - Microsoft Azure command line
- GCP CLI (gcloud) - Google Cloud Platform command line
- eksctl - Amazon EKS command line
- az - Azure resource management
- docker - Container management
- kubectl - Kubernetes command line
- helm - Kubernetes package manager
- k9s - Kubernetes TUI
- Podman - Daemonless container engine
- crictl - Container runtime interface CLI
- git - Version control
- vim/nvim - Text editor
- tmux - Terminal multiplexer
- screen - Terminal multiplexer
- htop - Interactive process viewer
- btop - Resource monitor
- bash - Bourne Again Shell
- zsh - Z Shell
- fish - Friendly Interactive Shell
- python - Python interpreter
- node - Node.js runtime
- go - Go programming language
- curl - Transfer data with URLs
- wget - Network downloader
- nmap - Network exploration tool
- netcat (nc) - Networking utility
- tcpdump - Network packet analyzer
- dig - DNS lookup utility
- traceroute - Network path tracer
- ping - Network connectivity test
- ss - Socket statistics
- ip - Network configuration
- ssh - Secure Shell
- gpg - GNU Privacy Guard
- openssl - SSL/TLS toolkit
- fail2ban - Intrusion prevention
- ufw - Uncomplicated Firewall
- top - Process monitoring
- iotop - I/O monitoring
- nethogs - Network bandwidth monitor
- iftop - Network traffic monitor
- dstat - System statistics
- ansible - Automation tool
- terraform - Infrastructure as code
- vagrant - Development environments
- packer - Image builder
- jenkins-cli - Jenkins command line
- gh - GitHub CLI
- gitlab-cli - GitLab command line
- argocd - ArgoCD CLI
| Favorite Games:
Active Sports:
| 🔥 Top Anime/Manga:
📖 Fiction Favorites:
|
| 🇵🇰 Urdu Native | 🇰🇼🇸🇦 Arabic Proficient | 🇬🇧🇺🇸 English Native | 🇩🇪 German Basic | 🇨🇳 Chinese Basic | 🇫🇷🇨🇦 French Basic | 🇯🇵 Japanese Basic |
﷽ الله ورسوله أولاً، ثم عائلتي Translation: Allah and His Messenger first, then my family
| الحمدلله على كل حال Alhamdulillah for everything | "وَوَجَدَكَ ضَالًّا فَهَدَىٰ" Surah Ad-Duha: 7 |
| "أَنتَ ومالُكَ لِأَبِيكَ" Sunan Ibn Majah: 2291 | |
- 🔐 Security Consulting - DevSecOps implementation and cloud security architecture
- ☁️ Cloud Migration - Secure cloud transformation and optimization
- 🛡️ Security Audits - Comprehensive security assessments and penetration testing
- 🎓 Training & Workshops - DevSecOps and cybersecurity training programs
- 🤝 Open Source - Contributing to security and DevOps projects
If my work has helped you in any way, consider supporting me! Every contribution helps me create more open-source projects and educational content.
| Ko-Fi | PayPal | GitHub Sponsors |
- ⭐ Star my repositories - It helps increase visibility
- 🔀 Fork and contribute - Help improve the projects
- 📢 Share my work - Spread the word
- 📝 Report issues - Help me fix bugs and improve
- 💬 Give feedback - Your input is valuable
"Get better every day, conquer yourself, then the World 💪"
— Monarch+_+MAT
███╗ ███╗ ██████╗ ███╗ ██╗ █████╗ ██████╗ ██████╗██╗ ██╗ ████╗ ████║██╔═══██╗████╗ ██║██╔══██╗██╔══██╗██╔════╝██║ ██║ ██╔████╔██║██║ ██║██╔██╗ ██║███████║██████╔╝██║ ███████║ ██║╚██╔╝██║██║ ██║██║╚██╗██║██╔══██║██╔══██╗██║ ██╔══██║ ██║ ╚═╝ ██║╚██████╔╝██║ ╚████║██║ ██║██║ ██║╚██████╗██║ ██║ ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═══╝╚═╝ ╚═╝╚═╝ ╚═╝ ╚═════╝╚═╝ ╚═╝ MONARCH +_+ MAT 👑
DevSecOps Engineer | Cloud Security Architect
Made with ❤️ and ☕ by Muhammad Abdullah Bin Tariq
🔄 Last Updated: December 2025
🔗 View README Source • 📂 Visit My GitHub • 💼 Connect on LinkedIn