$ cat about.txt
Welcome to my website. Here you'll find my blog where I share knowledge on cybersecurity and IT-related topics. A little bit about me:
I've spent 11+ years in enterprise IT, with ~5 years in cybersecurity. Currently securing a hybrid multi-cloud environment for a large enterprise as a Senior Security Engineer, much of it through mergers, acquisitions, and rapid expansion: environments that refuse to sit still. I came up through the ranks of PC Specialist and SysAnalyst to SysAdmin, and then Security Engineering. I protect infrastructure, identities, and applications with the perspective of someone who spent years designing, building, and running them in addition to managing and supporting the user experience.
$ cat approach.txt
Experience has taught me the value of adaptability. Businesses are rarely static in their operations: Priorities shift with continuous-improvement initiatives and changing organizational goals, causing attack surfaces and risk exposure to expand or contract as a result. Layering on an organization’s culture, toolset, regulatory compliance requirements, and risk appetite (all of which also change constantly) commands adaptability to switch tools and controls effectively, pick the right ones, master them swiftly, and build custom solutions that fit the organization in front of you. This is what I thrive on.
Solutions that slow the business down or significantly inconvenience users tend to be met with resistance and drive some to try and route around them. So I aim to build controls that people can live with while focusing where risk genuinely concentrates in the environment and automating the rest. All that said, I am not attached to any particular tool, but am quick to pick up and master what's given to me.
$ ls focus-areas/
- Detection Engineering
- IAM
- Zero Trust
- Network and Cloud Security
- Incident Response
- AppSec
- Digital Forensics
$ grep -i "impact" worklog.txt
- scaled automated identity lifecycle from ~100 to 300+ applications through M&As and organic growth — manual identity operations down ~80%
- led a Zero Trust transformation that retired the VPN outright; lateral-movement paths down ~70%
- built and tuned WAF coverage for 100+ internet-facing workloads, with rulesets that block real attacks without paging anyone about false positives
- engineered SIEM/SOAR detections, enrichment pipelines, and automated response for the same IR playbooks I get paged on — nothing keeps detection quality honest like being the person woken up by it
- incident response lead for high-severity incidents: analysis, containment, and keeping everyone calm at 2 a.m.
$ cat certs.txt
CCSP · CNSP (CySA+, Pentest+, Security+) · CIOS (Network+, A+) · ITIL v4 · Project+ · MCSA
# verify authenticity:
→ credly.com/users/haris-karabegovic
$ which contact
github: @Haris-Karabegovic · linkedin: