Aron Szekely, Developer in Paris, France

Aron Szekely

Verified Expert in Engineering

Cloud Security Developer

Paris, France

Toptal member since September 3, 2021

Bio

Aron is a DevOps engineer with 12+ years of experience in industries with strict compliance requirements, such as healthcare, finance, and HR. He focuses on automating and securing infrastructures within the cloud and on-premise, using industry-standard tooling. Aron studied, lived, and worked in NYC and several European countries, contributing to companies ranging from small businesses to startups of various sizes to global financial firms.

Portfolio

Morgan Stanley
Ansible, Python, Agile DevOps
Flatiron Health
Cloud Security, Terraform, Ansible, Amazon Web Services (AWS)
Flatiron Health
Amazon Web Services (AWS), Ansible, Python, Chef, Azure, New Relic, Datadog...

Experience

  • Ansible - 6 years
  • Python - 6 years
  • Packer - 6 years
  • Docker - 4 years
  • Terraform - 4 years
  • Cloud Security - 4 years
  • SaltStack - 2 years

Availability

Part-time

Preferred Environment

Ansible, Amazon Web Services (AWS), Terraform, DevOps, System Administration, Python, Cloud Security, Azure, DevSecOps

The most amazing...

...project I've worked on involved developing identity federation automation across multiple AWS accounts in an ever-growing, highly sensitive environment.

Work Experience

Vice President of Security Operations

2019 - 2021
Morgan Stanley
  • Modernized operational workflows to leverage Infrastructure-as-Code concepts and use automation according to SDLC best practices.
  • Drove the agile transformation by bridging the gap between engineering and operations in a strictly regulated environment.
  • Developed a lightweight modular health-check monitoring system to increase visibility into the team’s products across environments.
  • Evangelized DevOps and automation practices and trained team in automation tooling.
  • Automated the heavy operational burden of legacy infrastructure using Ansible, reducing errors, deployment time, and MTTR.
Technologies: Ansible, Python, Agile DevOps

Senior Security Engineer

2019 - 2019
Flatiron Health
  • Built and deployed automated remediation functions for common vulnerabilities and misconfigurations.
  • Deployed and evaluated security solutions for Kubernetes while formulating company-wide standards.
  • Developed and automated the company-wide multi-account AWS security strategy by implementing federation, effectively enabling scaling from one AWS account to dozens while decreasing risk company-wide.
  • Automated infrastructure security change management and the review process, removing security as a blocker from a highly dynamic cloud environment.
  • Incorporated security testing into build pipelines for operating system images and containers.
Technologies: Cloud Security, Terraform, Ansible, Amazon Web Services (AWS)

Senior Site Reliability Engineer

2017 - 2019
Flatiron Health
  • Architected and deployed the self-hosted Elastic Cloud Enterprise, removing management burden from several engineering teams.
  • Automated and streamlined daily operations using AWS Lambda.
  • Migrated and automated a legacy HIPAA compliant infrastructure from Microsoft Azure to AWS.
  • Wrote automation tools to enable one-click host provisioning for Linux and Windows instances.
  • Collaborated with the infrastructure security team to deploy security tools in a standard cloud-native fashion.
  • Migrated an end-of-life server fleet to Ubuntu 16.04 LTS and decommissioned the legacy identity management system by integrating all Linux hosts with Active Directory.
  • Developed, automated, and tested business continuity and disaster recovery (BCP/DR) plans for the critical internal engineering infrastructure.
Technologies: Amazon Web Services (AWS), Ansible, Python, Chef, Azure, New Relic, Datadog, Linux

Site Reliability Engineer

2015 - 2017
PeopleDoc Inc.
  • Developed zero downtime deployment and continuous delivery automation for multiple Java and Python developer teams’ applications using Ansible.
  • Built and migrated legacy environments with minimal downtime to Rackspace Private Cloud running OpenStack. Acted as the lead engineer in the United States with global responsibilities for both US and EU platforms.
  • Converted all infrastructure to code using SaltStack, OpenStack Heat, Ansible, and Jenkins.
  • Owned the creation of the US technical team and the customer service personnel training for technical tasks.
  • Architected a fully high-availability, SOC-2/ISO compliant architecture with data encryption in transit and at rest.
  • Fully decoupled infrastructure from services and empowered developers to autonomously build and deploy their end-to-end applications.
  • Trained and mentored technical support staff and level-2 cloud operation engineers.
Technologies: OpenStack, SaltStack, Ansible, Jenkins

DevOps Engineer

2013 - 2015
Freelancers Union
  • Built a full-stack automated HIPAA/HITECH compliant AWS infrastructure for a new insurance brokerage agency within a 10-week timeframe using AWS CloudFormation, Git, and Puppet.
  • Centralized authentication and authorization of Linux servers using Active Directory for easy management by traditional sysadmins.
  • Migrated a legacy disjointed vSphere 4 infrastructure to highly available DRS clusters built on ESXi 5.1 from the ground up.
  • Rearchitected office and data center networking and a storage model.
  • Devised and implemented a privileged access management system for an expansive and diverse infrastructure.
  • Built up an automated DR site and conducted validation tests.
Technologies: Amazon Web Services (AWS), AWS CloudFormation, Puppet, Foreman, Django, Python, VMware, Networking

Systems Administrator

2009 - 2013
Viva Media, LLC
  • Developed and integrated a digital game card download and activation portal using PHP and MySQL for casual game compilations sold at nationwide retail chains like Target, Rite-Aid, and Meijer.
  • Migrated the company from a physical to a virtualized infrastructure and rebuilt firewalls and VPN to allow full productivity of globally-spread remote workers.
  • Maintained a multi-platform (Windows, macOS, and Unix) office and development environment as well as public web servers like Apache, Nginx, and IIS.
  • Worked closely with sales to develop new digital distribution mechanisms using the LAMP stack.
  • Provided 24/7 on-site and remote support for the company infrastructure.
  • Performed project management and QA responsibilities on mobile application development for Android and iOS.
Technologies: Linux, Microsoft Exchange, Windows Server, PHP, Apache, NGINX, MySQL, Networking, PBX, Asterisk

AWS Multi-account Identity Federation Automation

I built automation in Terraform to securely manage federation across multiple AWS accounts in an ever-growing environment in a HIPAA-compliant setting. I also trained corporate IT in the usage and maintenance of the code for a successful handover.
The environment was used by dozens of teams for a total of over 400 engineers, encompassed over 15 accounts, and grew constantly.

Infrastructure as Code for an Insurance Brokerage Agency

I built the entire infrastructure to support a Django-based web application for an insurance brokerage agency. I leveraged CloudFormation and Puppet to automate infrastructure provisioning and configuration management. I also integrated access management with firm-wide Active Directory and automated code deployments onto servers running Nginx, uWSGI, and Django using AWS RDS and AWS ElastiCache.

Licensing Automation for a Web Hosting Company Using Ansible and Python

I automated the provisioning and cancellation of a dozen different server software licenses for a hosting company consisting of over 500 virtualized and bare metal servers, saving significant work hours for both management and the IT team. I used Ansible and Python to automate API calls. I also performed server-side updates to achieve server-level idempotency based on business logic captured in simple to understand and edit configuration files, empowering even non-technical staff to make licensing changes.

Security Automation for Credentials Rotation Across Physical and Bare-metal Servers

I automated rotation and centralized management of sensitive credentials across a fleet of hundreds of bare-metal and virtualized (VMware, KVM, Xen) servers in a programmatic way. I also consolidated management credentials for administrative users, IPMI, and iDRAC into one secured, centralized, highly-available, programmable vault, decreasing company risk and satisfying security requirements.

Image-based Deployment Automation with Packer

http://www.freelancersunion.org
I used Packer and Ansible with AWS EC2 to automate the infrastructure for a Django-based web app and transition it from in-place code deployment to image-based deployments that could leverage autoscaling, thereby achieving fault tolerance and reliability. The transition to Packer-based AMIs simplified change management, testing, and security while ensuring that the system was constantly in a predictable state.

Web App Containerization and Continuous Security Scanning Using Docker and Trivy

I containerized a Python web app using Docker, simplifying local development, testing, and deployments across multiple environments. I also introduced continuous security scanning of Docker images into the CI/CD pipeline using Trivy, increasing visibility into security vulnerabilities and encouraging more frequent security updates to be incorporated into the development cycle.

2002 - 2009

Bachelor's Degree in English

The City College of New York - New York, USA

JULY 2020 - PRESENT

AZ-900

Microsoft

AUGUST 2010 - PRESENT

Security+

CompTIA

FEBRUARY 2010 - PRESENT

Network+

CompTIA

Libraries/APIs

Bottle.py

Tools

Ansible, Terraform, SaltStack, Puppet, Chef, Jenkins, Git, pfSense, Bitbucket, Zabbix, Packer, VMware, Asterisk, AWS CloudFormation, Microsoft Exchange, Apache, NGINX, AWS IAM, Amazon ElastiCache, uWSGI, ELK (Elastic Stack)

Platforms

Amazon Web Services (AWS), OpenStack, Docker, Azure, New Relic, Linux, Windows Server, KVM, Xen, AWS Lambda, Kubernetes

Languages

Bash, Python, PHP, SAML

Frameworks

Django

Paradigms

DevOps, DevSecOps

Storage

MySQL, PostgreSQL, Redis, Datadog

Industry Expertise

Cybersecurity

Other

Cloud Security, Security, Load Balancers, GitHub Actions, Technical Writing, Mathematics, Chemistry, Modeling, Education, Training, System Administration, Foreman, HAProxy, Agile DevOps, Networking, PBX, Amazon RDS, APIs, IPMI, Trivy, Security Testing
