Summary
Overview
Work history
Education
Skills
Certification
Languages
Affiliations
Timeline
Generic

Laith Al Mofty

London,United Kingdom

Summary

Cybersecurity Engineer with expertise in Secure Coding, Application Security, and DevSecOps. Holds an NCSC-certified MSc in Advanced Cyber Security, with proven experience in delivering secure cloud platforms and integrating automated security controls into CI/CD pipelines. Skilled in conducting risk assessments, developing security metrics dashboards, and implementing secure-by-design principles across applications and cloud environments.

Overview

2026
2026
years of professional experience
7
7
years of post-secondary education
1
1
Certification

Work history

DevSecOps Engineer

Accenture
United Kingdom
08.2025 - Current
  • Embedded secure coding standards and automated SAST, SCA, and secrets scanning into CI/CD pipelines across multi-cloud environments.
  • Collaborated with architects to enforce secure design patterns aligned with NIST, ISO27001, and CIS baselines.
  • Implemented Terraform security checks and guardrails, mitigating misconfiguration risks in dev/test/production environments.
  • Generated security dashboards to visualise pipeline findings, misconfigurations, and risk trends.

Platform & Application Engineer

Reply Group
London
04.2024 - 08.2024
  • Designed and implemented secure cloud-native recruiting application using AWS Amplify.
  • Developed authentication and authorisation workflows with AWS Cognito.
  • Automated infrastructure deployment focusing on security via Terraform and AWS CloudFormation.
  • Integrated CI/CD practices with security checks using GitHub Actions.
  • Ensured compliance with security best practices for cloud infrastructure.
  • Reviewed API implementations to verify secure authentication and data handling.
  • Provided guidance on secure coding throughout development cycles.
  • Built GitHub CI/CD pipelines featuring automated security checks and deployment gates.

Cloud & Security Engineer

IBM
United Kingdom
01.2023 - 03.2024
  • Configured and secured cloud infrastructure on AWS and Azure, ensuring compliance with internal security standards.
  • Automated security scans using Terraform and integrated compliance checks into CI/CD pipelines.
  • Managed SIEM tools (Splunk, Microsoft Sentinel) for real-time threat detection and monitoring.
  • Collaborated with SOC teams during incident response and investigations to enhance security measures.
  • Developed incident response strategies for cloud security threats, including DDoS mitigation techniques.
  • Advised on secure cloud architecture and best practices across AWS and Azure environments.
  • Designed cloud-native security solutions, integrating SAST and dependency scanning into CI/CD workflows.
  • Delivered technical documentation and security recommendations to development teams for improved practices.

Associate Software Engineer

IBM
United Kingdom
11.2021 - 12.2022
  • Translated user stories into efficient data collection and analysis methods.
  • Authored technical design documents for BI components, ensuring project specifications clarity.
  • Collaborated with developers and product owners to execute effective testing strategies.
  • Conducted pre-release regression tests and post-release evaluations to ensure software quality.
  • Explored cybersecurity and machine learning concepts to enhance project security.
  • Implemented secure development testing within SDLC processes to uphold security standards.
  • Created secure data handling flows and participated in peer code reviews to maintain code integrity.
  • Supported analytics pipelines, ensuring confidentiality and integrity of processed data.

Data & Testing Analyst

Lloyds Banking Group (Via TCS)
London
03.2021 - 12.2022
  • Delivered secure SQL views and established reporting workflows.
  • Ensured compliance with encryption standards and access control protocols.
  • Conducted regression and negative testing to uphold secure development practices.

Data Analyst & IT Support (Volunteer)

NHS
United Kingdom
04.2020 - 03.2021
  • Delivered GDPR-compliant data solutions, encompassing MI dashboards and system reports.
  • Produced governance and audit-ready dashboards to facilitate compliance assessments.
  • Supported audit preparation and resolved incidents within clinical and operational systems.
  • Ensured secure storage and handling of sensitive healthcare data in accordance with GDPR standards.

Retail & Telecom (Early Career)

Roles across EE, O2, Virgin Media & Gekko
London
  • Ensured secure handling of sensitive customer data in compliance with regulations.
  • Resolved complaints effectively to maintain high service standards.
  • Led small teams while mentoring junior staff to enhance skill development.

Education

Master of Science - Advanced Cyber Security

King's College London
London
01.2021 - 01.2025

Bachelor of Science - Computer Science

Goldsmiths, University of London
United Kingdom
09.2016 - 07.2019

Skills

  • Secure coding and application security DevSecOps and CI/CD security Cloud security architecture Risk management and assurance practices Sentinel analytics and KQL queries
  • OWASP Top 10 and ASVS
  • Secure code review and remediation
  • SAST/SCA integration and usage
  • Secrets scanning and dependency analysis
  • API security fundamentals
  • GitHub Actions and Azure DevOps
  • Terraform security validation
  • Automated policy enforcement
  • Pipeline compliance and reporting
  • AWS security services
  • Azure cloud security tools
  • Secure landing zones and segmentation
  • Logging, monitoring, and alerting integration
  • Evidence-based assurance frameworks
  • Third-party controls assessment
  • Security posture reporting to stakeholders
  • Cybersecurity metrics and analytics dashboards
  • Vulnerability metrics reporting
  • Python for data manipulation automation
  • Scripting in Python, Bash, SQL, YAML, JSON

Certification

  • NCSC-Certified MSc in Advanced Cyber Security From King's College London - 2025
  • Qualys Vulnerability Management Detection & Response - 2024
  • Registered Scrum Master - 2023
  • Government Industry Jumpstart - 2023
  • AWS Certified Cloud Practitioner - 2023
  • Architectural Thinking for Security - 2023
  • IBM Consultant Profession Certification - Foundation - 2023
  • (In progress) ISO27001 & DevSecOps specialisations

Languages

English
Native
Arabic
Native

Affiliations

  • Secure Coding & Application Security
  • Cloud Security Engineering
  • Security Risk & Assurance
  • Architecture Governance
  • DevSecOps Automation
  • Security Metrics & Data Analytics

Timeline

DevSecOps Engineer

Accenture
08.2025 - Current

Platform & Application Engineer

Reply Group
04.2024 - 08.2024

Cloud & Security Engineer

IBM
01.2023 - 03.2024

Associate Software Engineer

IBM
11.2021 - 12.2022

Data & Testing Analyst

Lloyds Banking Group (Via TCS)
03.2021 - 12.2022

Master of Science - Advanced Cyber Security

King's College London
01.2021 - 01.2025

Data Analyst & IT Support (Volunteer)

NHS
04.2020 - 03.2021

Bachelor of Science - Computer Science

Goldsmiths, University of London
09.2016 - 07.2019

Retail & Telecom (Early Career)

Roles across EE, O2, Virgin Media & Gekko

Similar Profiles

Create profile
Laith Al Mofty