Design, implement and optimize the cloud security posture and cloud workload protection from dynamic threat landscape, sophisticated attacks , Network based attacks, Memory-based attacks, Remote Shellcode Injection attacks, Rogue process Launch, File system based attacks, Insider attacks by various tools & techniques

Build detective controls and prevention controls solutions to minimize :SolarWinds Cyber-attack, Ransomware attacks, Brute force attacks, Process Injection, Resource high jacking, advanced obfuscation, port hopping techniques, or encryption by "Deep packet Inspection" (real time network protection), etc from endpoint to cloud workload security ( prevention & detection ).

NIST Risk Management Framework
NIST Cyber security Framework
NIST Security Controls
CIS Controls
EDR/XDR solution from Trend Micro and Microsoft 365 security
RASP
CSPM and CWPP

Note: There are many "Security Design Principles" but I follow one them i.e. " KEEP IT SIMPLE"