Senior DevSecOps Engineer2021 - 2022Check Technologies, Inc
Technologies: Amazon Web Services (AWS), TypeScript, CDK, Terraform, Infrastructure as Code (IaC), GitLab, GitLab CI/CD, Docker, AWS CloudFormation, IT Security, Endpoint Security, SecOps, Documentation
- Established world-class AWS accounts governance systems and implemented AWS Security Reference Architecture.
- Implemented AWS SSO and deprecated AWS Access Keys for all team members.
- Implemented first-class detection, logging, and monitoring capabilities.
- Delivered world-leading infrastructure security automation.
- Implemented world-class threat detection and incident response capabilities.
Lead MLOps Engineer2021 - 2022involve.ai
Technologies: TypeScript, AWS, Amazon SageMaker, Apache Airflow, Amazon ECS (Amazon Elastic Container Service), AWS Fargate, Amazon Virtual Private Cloud (VPC), Amazon Aurora, PostgreSQL, SQL, Python, Architecture, Infrastructure as Code (IaC), CDK, Terraform, Docker, Docker Compose, MLflow, DvC, IT Security, ISO 27001, Endpoint Security, SecOps, Documentation
- Analyzed and improved efficiency, accuracy, scalability, and stability of ML-enabled content processing workflows.
- Provided technical guidance and coaching to developers and engineers on maintaining best practices.
- Managed a world-class engineering DevSecOps and MLOps organization that served as a Centre of Excellence for other teams.
- Partnered with the heads of engineering, marketing, cs, product, sales, and machine learning.
- Implemented new relic synthetics, APM, ML model endpoint monitoring, and serverless application tracing to enhance observability, monitoring, and alerting capabilities.
- Significantly enhanced Involve AI AWS Accounts governance and management. Implemented an AWS Multi-Account Best Practices and AWS Security Reference Architecture.
- Implemented a comprehensive testing methodology. Defined all aspects of development from appropriate technology and workflow to coding standards.
- Determined and implemented IT security strategy. Maintained SOC 2 Type II compliance. Delivered and maintained GDPR compliance.
- Reviewed contracts, data processing agreements, and other agreements for accuracy and compliance.
Senior DevSecOps Engineer2021 - 2021involve.ai
- Played a major role in helping to secure a $16.5 million investment funding round.
- Created a prioritized operational plan that improved DevSecOps processes and software delivery capabilities. Designed, architected, and implemented infrastructure automation with AWS CDK.
- Improved the product security posture and CI/CD quality gates significantly.
- Collaborated effectively with a diverse team of front-end, back-end, and full-stack developers.
- Helped train and develop client team members on advanced infrastructure as code automation technology. Generated comprehensive system documentation.
- Conducted AWS Well-Architected reviews to ensure system reliability, performance, security, scalability, and cost-effectiveness.
- Designed and implemented a serverless architecture for a mass mailing email application using AWS CDK. Collaborated with the development team on this project. Email delivery throughput was enhanced 10x over the previous system.
- Implemented AWS SSO integration with GSuite that enhanced employee system access and security.
- Configured Perimeter 81 client VPN connectivity to AWS.
- Implemented AWS Control Tower. AWS Security Hub to help establish good security hygiene and governance at the AWS account level.
Senior DevSecOps Engineer2020 - 2021European Commission
Technologies: AWS, Azure, TypeScript, Python, Windows PowerShell, Threat Modeling, Cybersecurity, DevSecOps, AWS DevOps, Azure DevOps, GitHub, Linux, Amazon EC2 (Amazon Elastic Compute Cloud), Amazon Virtual Private Cloud (VPC), AWS CloudFormation, AWS Cloud Development Kit (CDK), Amazon Web Services (AWS), Continuous Delivery (CD), Continuous Integration (CI), Security, AWS IAM, Pulumi's, SAML, Single Sign-on (SSO), Static Application Security Testing (SAST), Azure Active Directory, Solution Architecture, Cloud, Software Architecture, Cloud Security, Networks, Networking, IT Security, Endpoint Security, SecOps, Documentation
- Implemented an AWS cloud landing zone that improved baseline cloud security posture management.
- Delivered 100% automated DevSecOps pipeline for a digital forensics application used by computer security incident response capability (CSIRC) teams.
- Implemented an Azure AD and AWS SSO solution that helped improve the daily productivity of around 50 CSIRC and SOC teammates and eliminate the need for IAM access keys.
- Onboarded GitHub Enterprise and GitHub Actions to help streamline collaboration, developer productivity, CI/CD pipelines, and the ability to ship higher quality software faster.
- Produced comprehensive documentation on DevSecOps processes that facilitated internal upskilling and more productive collaboration with vendors.
- Helped lead the development team to an on-time launch of the cloud digital forensics data gathering application used by the CSIRC teams.
- Introduced Azure AD PIM to the team to reduce permanent admin role assignments.
- Implemented CIS remediation Lambda functions to improve AWS CIS compliance secure score from 45% to over 90%.
- Collaborated on the production of cloud security and CI/CD threat models.
Senior DevSecOps Engineer2019 - 2020LEGO
Technologies: AWS, Serverless, Serverless Architecture, Serverless Framework, Amazon Aurora, Azure, Microsoft Graph, AWS Cloud Development Kit (CDK), AWS CloudFormation, TypeScript, Cybersecurity, DevSecOps, Python, Security, SAML, Single Sign-on (SSO), Azure Active Directory, Amazon Web Services (AWS), AWS IAM, Continuous Delivery (CD), Continuous Integration (CI), Solution Architecture, Software Architecture, PostgreSQL, Cloud Security, Networks, Networking, IT Security, Endpoint Security, SecOps, Documentation
- Created solution architecture for a serverless data integration application.
- Implemented a fully automated CI/CD pipeline for development teams.
- Trained Lego employees on AWS technology and best practices.
- Introduced Serverless best practices to Lego B2B development teams.
- Conducted AWS Well-Architected Framework reviews of developed systems.
- Improved secrets management systems and Lego employee security awareness.
- Contributed to and participated in Agile processes, training, and workshops with the rest of the team.
Lead DevSecOps Engineer2018 - 2019Publicis Worldwide
Technologies: AWS, Agile, AWS CloudFormation, GDPR, AWS Cloud Development Kit (CDK), SQL, Azure SQL, TypeScript, Cybersecurity, DevSecOps, Python, Amazon Web Services (AWS), AWS IAM, Azure, Security, Continuous Delivery (CD), Continuous Integration (CI), Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Solution Architecture, Software Architecture, Cloud Security, Networks, Networking, IT Security, ISO 27001, Endpoint Security, SecOps, Documentation
- Delivered a three-phase DevSecOps maturity project in collaboration with remote development teams.
- Enhanced the security posture of both external client projects and internal systems in line with ISO 27001 Stage 1.
- Undertook GDPR compliance audits for both internal and external client systems with solution recommendations.
- Led a successful migration of internal systems from Azure to AWS to help streamline internal operations and skills requirements.
- Visited development teams on an international field trip to Belarus and helped build relations.
- Contributed to a major pitch with my technical expertise, helping the agency win a large contract with Samsung Electronics.
- Created a PoC for secure automated data analytics reporting solution using AWS Redshift, AWS Glue, and AWS RDS for SQL Server.
- Created a PoC for Java-based CMS system deployed to AWS ECS using AWS CDK.
- Studied for and passed AWS Certified DevOps Engineer Professional exam.
Cloud Solutions Architect2016 - 2018Emakina Group
Technologies: SQL, AWS, IIS, Windows Server, Windows PowerShell, SiteFinity, C#, C#.NET, AWS WAF, AWS CloudFormation, Amazon EC2 (Amazon Elastic Compute Cloud), Amazon Route 53, Amazon Virtual Private Cloud (VPC), DevSecOps, DevOps, Azure, Azure SQL, Python, Amazon Web Services (AWS), Git, GitHub, AWS IAM, SAML, Single Sign-on (SSO), Azure Active Directory, Solution Architecture, Software Architecture, Cloud Security, Networks, Networking, VPN, IT Security, Endpoint Security, SecOps, Documentation
- Collaborated with the Emakina CTO and developed the cloud solution architecture for a major strategic client who needed to deploy hundreds of websites at scale with consistent, secure, and compliant governance processes.
- Led the development of the website factory after completion of the PoC and contract signing.
- Delivered DevSecOps consultancy and mentoring for application teams to help them onboard to the website factory.
- Obtained the AWS Certified Solutions Architect — Associate certification.
Lead Software Architect2008 - 2018Effective Computing
Technologies: Windows, XAML, Telerik WPF, Telerik, Visual Studio, C#, Windows PowerShell, Architecture, Azure DevOps, UX, Human Interface Design, Human-computer Interaction (HCI), ReactiveX, C++, Windows Communication Framework (WCF), Windows Presentation Foundation (WPF), Azure, Azure SQL, SQL, SQLite, DevSecOps, DevOps, CI/CD Pipelines, Git, GitHub, Security, Azure Active Directory, Continuous Integration (CI), Continuous Delivery (CD), Solution Architecture, Software Architecture, Cloud Security, Networks, Networking, IT Security, Endpoint Security, SecOps
- Created a speech recognition system that controls 200+ software applications in a deeply automated way.
- Created DevSecOps CI/CD pipelines for software distribution through alpha, beta, and production deployment phases.
- Implemented capability for distributed system control using voice commands.
- Created highly evolvable and modular system architecture that allows adaptions to a rapidly changing technological landscape.
- Obtained Microsoft Specialist: Programming in C# and Microsoft Certified Solutions Developer: Universal Windows Platform certifications.
Systems Administrator2008 - 2017Effective Computing
Technologies: Office 365, Azure, SQL, Azure SQL, IIS, Threat Management Gateway (TMG), Group Policy, DNS, Windows, Windows Server, Windows PowerShell, Cloud Security, Networks, Networking, Azure Active Directory, Azure Resource Manager (ARM), Security, Azure Key Vault, VPN, Endpoint Security, SecOps
- Set up, configured, and operated Azure Security Center.
- Set up, configured, and operated Microsoft Office 365, Microsoft Office 365 Security and Compliance Center, and Microsoft Office 365 mobile device compliance.
- Set up, configured, and operated Microsoft Forefront Threat Management Gateway, Microsoft Active Directory, Windows Group Policy, and Microsoft SQL Server.
- Procured and upgraded computing and network hardware at favorable prices.
- Performed Windows and Linux OS updates and maintenance.
Managing Director2008 - 2017Effective Computing
Technologies: SAP Business One, Accounting, Finance, Financial Modeling, Excel VBA, Excel 365, Office 365, Zoho, Zoho Books
- Founded Effective Computing Ltd. and set up all administrative and accounting systems.
- Prepared annual accounts in collaboration with the company accountant.
- Migrated SAP Business One accounting solution into cloud-based Zoho Books.
- Raised investment capital to finance the business in the startup phase.
- Secured access to and participated in Microsoft BizSpark.
- Negotiated with third-party suppliers to obtain favorable pricing.
- Participated in industry events such as Business of Software, Microsoft Build, Adobe MAX, AWS re:Invent, and AWS re:Inforce.