Daniel Clarke, Developer in Málaga, Spain
Daniel is available for hire
Hire Daniel

Daniel Clarke

Verified Expert  in Engineering

Bio

Daniel has 15 years of experience building information security in SaaS environments, including introducing DevSecOps, OWASP SAMM, penetration testing, threat models, static analysis, security monitoring, security incident and event management (SIEM), security operations center (SOC), and incident response. The company he works for has achieved SOC 2 Type 2 and HIPAA certifications and compliance with the general data protection regulation (GDPR).

Portfolio

Telefónica
Amazon RDS, AWS ALB, Docker, Kubernetes, Node.js, TypeScript, NestJS...
Schneider Electric
System Architecture, C++, DevSecOps, Threat Modeling, Secure Coding...
SONY
Anti-tampering, C++, Digital Rights Management (DRM), Crypto, Linux...

Experience

  • Cybersecurity - 20 years
  • Data Protection - 15 years
  • Linux - 10 years
  • DevSecOps - 10 years
  • SaaS - 10 years
  • GDPR - 5 years
  • SOC 2 - 5 years

Availability

Part-time

Preferred Environment

Amazon Web Services (AWS), TypeScript, Terraform, AWS CloudFormation, Node.js, AWS Lambda, SQL, SaaS

The most amazing...

...thing I've developed is a GitHub posture management tool that scans GitHub configuration for compliance and source code security. It runs as SaaS in AWS.

Work Experience

Cybersecurity Leader

2019 - PRESENT
Telefónica
  • Achieved and maintained SOC 2 Type 2 certification by managing continuous compliance and security automation. This work included implementing and auditing information security controls, such as risk management, HIPAA, HITRUST, and ISO 27001.
  • Deployed security tools from the Open Web Application Security Project (OWASP) and other sources for use in CD pipelines with Terraform and CloudFormation.
  • Managed security for continuous deployment pipelines that updated the production environment.
  • Led container security for Docker with vulnerability management and dependency reputation.
  • Performed posture management solutions to ensure all managed services were correctly configured and monitored.
  • Implemented security monitoring with automation to detect and escalate security events.
  • Managed privacy for various applications delivered as Software-as-a-Service (SaaS) for different markets. This included privacy policies, consent management, data subject rights, and privacy-by-design for associated research activities (AI).
  • Managed security-by-design and privacy-by-design for different cultures and jurisdictions such as GDPR (EU), PIPEDA (Canada), HIPAA (US-Healthcare), and Singapore.
Technologies: Amazon RDS, AWS ALB, Docker, Kubernetes, Node.js, TypeScript, NestJS, Threat Modeling, Vulnerability Management, GDPR, HIPAA Compliance, Static Analysis, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), HITRUST Certification, Risk Management, Security, PCI Compliance, Amazon Web Services (AWS), Security Architecture, IT Security, OWASP, Authentication, Cloud, APIs, SecOps, Risk Assessment, Vulnerability Assessment, Data Protection, Architecture, CISO, Compliance, Regulations, Data Security, Web Security, AWS DevOps, Identity & Access Management (IAM), AWS SDK, Cloud Security, CI/CD Pipelines, Application Security, Privacy, Business Strategy, Single Sign-on (SSO), OpenID, User Authentication, SAML-auth, SIEM, GCP Security, SaaS Security, AWS Well-Architected Framework

Cyber Security Architect

2013 - 2019
Schneider Electric
  • Produced architectural specifications that refined marketing requirements, regulations, applicable international standards, and end-user environments into inputs for product implementation.
  • Assured security for a range of products, supported a large department to take responsibility for the security of their product lines and provided training, expert consulting, security services, and follow-up on product quality.
  • Created security models that allowed security to be layered onto existing systems without disrupting operation. For example, wrapping insecure protocols in TLS, providing network segmentation and perimeter security.
Technologies: System Architecture, C++, DevSecOps, Threat Modeling, Secure Coding, Secure Containers, Docker, Security Testing, Security, Amazon Web Services (AWS), Security Architecture, OWASP, Authentication, Vulnerability Assessment, Data Protection, Architecture, DevOps, Data Security, Web Security, Web Architecture, AWS DevOps, Identity & Access Management (IAM), Cloud Security, Application Security, Business Strategy, SaaS Security

Software Security Architect

2008 - 2011
SONY
  • Built software in C++ for media distribution to televisions and home computers.
  • Developed and deployed build automation that increased the difficulty of reverse engineering.
  • Solved problems in concurrency and multi-threading in low-level system processes.
Technologies: Anti-tampering, C++, Digital Rights Management (DRM), Crypto, Linux, Visual Studio, Security, Security Architecture, Authentication, SecOps

Security Engineer

2005 - 2008
Cognotec
  • Understood complex business and pricing models and translated them to financial algorithms that support currency trading in a regulated environment.
  • Added automated testing and static analysis to the build pipelines.
  • Re-engineered the company tooling matrix to modern source code management and continuous integration model.
Technologies: Algorithms, C++, CI/CD Pipelines, Pipelines

Technical Lead

2005 - 2008
Amadeus
  • Introduced DevSecOps activities, including threat modeling and static analysis.
  • Built middleware libraries for high-performance management of data and CD pipelines.
  • Developed a large-scale system in C++, processing tens of thousands of transactions per second.
  • Solved multiple production environment problems in Linux.
Technologies: C++, SQL, Oracle, Linux, SecOps

Gitrospect

http://www.gitrospect.com
A SaaS application that provides posture management and monitoring for GitHub. The back-end functionality captures data from GitHub API to provide a view of GitHub posture easily accessible from a front-end application. This allows an easy way to see issues across hundreds of repositories and users.

The solution is delivered as software as a service, running in AWS public cloud using Cognito Federated to GitHub for authentication, RDS and S3 for data storage, ALB for load balancing, Lambdas for some point actions, Docker for computing, and Angular for the front end.

Terraform for Defect Dojo

http://www.github.com
Defect Dojo is an OWASP tool for security orchestration, static application security testing (SAST), and dynamic application security testing (DAST). As there was no preexisting solution to deploy defect dojo in AWS easily, I provided some scripts to the community.

To assure security, the deployment uses managed security features of AWS, which protects users by avoiding vulnerabilities that may occur over time in the event of a deployment that is not actively maintained.
1995 - 2000

Master's Degree in Computer Science

Trinity College - Dublin, Ireland

JANUARY 2021 - PRESENT

Lead Auditor ISO/IEC 27001 Information Security

The British Standards Institution 2022 (BSI)

AUGUST 2019 - PRESENT

Certified Information Privacy Manager (CIPM)

International Association of Privacy Professionals (IAPP)

JANUARY 2019 - PRESENT

Certified Information Privacy Professional/Europe (CIPPE)

International Association of Privacy Professionals (IAPP)

SEPTEMBER 2009 - PRESENT

Certified Information Systems Security Professional (CISSP)

(ISC)²

Libraries/APIs

OpenID, Node.js, Amazon EC2 API

Tools

Amazon Cognito, AWS SDK, GCP Security, Terraform, AWS CloudFormation, Visual Studio

Languages

C++, C, SAML, TypeScript, SQL

Frameworks

AWS Well-Architected Framework, NestJS, Angular

Paradigms

DevSecOps, Web Architecture, HIPAA Compliance, DevOps

Platforms

AWS Lambda, Linux, AWS ALB, Amazon Web Services (AWS), Oracle, Docker, Kubernetes

Industry Expertise

Cybersecurity

Storage

Amazon S3 (AWS S3), Oracle RDS

Other

SaaS, GDPR, System Architecture, Crypto, Threat Modeling, Secure Coding, Secure Containers, Amazon RDS, Data Privacy, Information Security, Information Security Management Systems (ISMS), ISO 27001, SOC 2, Data Protection, Software Architecture, Risk Management, Vulnerability Assessment, Security, Security Architecture, IT Security, Authentication, Cloud, SecOps, Architecture, CISO, Compliance, Regulations, International Data Privacy Regulations, Data Security, Web Security, AWS DevOps, Identity & Access Management (IAM), Cloud Security, CI/CD Pipelines, Application Security, ISO 27002, Privacy, Business Strategy, Single Sign-on (SSO), User Authentication, SAML-auth, SaaS Security, Regulatory Management, Regulatory Compliance, Data Mapping, Privacy Impact Assessment (PIA), Data Transfers, Incident Response, Vendor Management, Security Testing, HITRUST Certification, OWASP, APIs, Risk Assessment, NIST, SIEM, Personal Information Protection and Electronic Documents Act (PIPEDA), California Consumer Privacy Act (CCPA), Anti-tampering, Digital Rights Management (DRM), Vulnerability Management, Static Analysis, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Cryptography, Algorithms, Data Structures, PCI Compliance, Pipelines

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring