About me


Security Engineer focused on detection, cloud security, and customer-facing security solutions

My name is Yazan Armoush, and I am a Security Engineer based in Toronto 🇨🇦 with a strong focus on threat detection, cloud security, and enterprise security operations.

I enjoy working at the intersection of deep technical security engineering and business communication — helping organizations understand risks, improve visibility, and build stronger security programs. My experience spans SIEM, XDR, cloud security, vulnerability management, and compliance-driven security programs.

Currently, I work with enterprise security teams to monitor, investigate, and remediate threats using platforms such as Microsoft Sentinel, Defender, and modern detection engineering tools. I have also led initiatives around ISO 27001 certification, PCI-DSS compliance, and CyberSecure Canada, helping organizations strengthen their security posture while aligning with regulatory requirements.

One of the aspects of security I enjoy the most is working with people — whether it is explaining security risks to leadership, collaborating with engineering teams, or guiding customers through complex security solutions.

I am particularly passionate about Solutions Engineering and Presales 🚀, where I can combine technical expertise with customer engagement to help organizations evaluate, design, and adopt effective cybersecurity solutions.


Areas I work with

  • Security monitoring and detection engineering
  • SIEM platforms and security analytics
  • Endpoint detection and response (EDR / XDR)
  • Cloud security architecture (AWS and hybrid environments)
  • Vulnerability management and risk assessment
  • Enterprise security programs and compliance initiatives
  • Security automation and workflow improvements

🧪 Projects and Labs

Outside of my day-to-day work, I enjoy building and experimenting with security technologies in my personal lab environment. This helps me stay hands-on with modern security tooling and continuously improve my technical skills.

Some areas I regularly experiment with include:

  • Docker infrastructure and reverse proxy environments
  • Security monitoring and detection workflows
  • Security tooling integrations and automation platforms
  • Threat investigation and incident response techniques

Connect with me

I’m always happy to connect with other security professionals, engineers, and builders in the cybersecurity community.