Ravi Kiran, Developer in Cambridge, United Kingdom

Ravi Kiran

Verified Expert  in Engineering

Bio

Ravi is a seasoned DevSecOps engineer with a decade of experience in systems administration, DevOps, and security in various business verticals. He uses the latest technologies and best practices to automate and monitor services, applications, and infrastructure in SaaS, PaaS, CaaS, and IaaS. Ravi is known for agility, code quality, and speed of delivery that meet high SLAs and CSI requirements.

Portfolio

Commonwealth Financial Network - Information Security
Azure, VPN, Azure Key Vault, Azure Active Directory, Cloud Security...
EMBL
Web App Security, Cloud Security, Azure, Amazon Web Services (AWS), DevOps...
IBM
Agile DevOps, Application Security, Azure, Amazon Web Services (AWS), DevSecOps...

Experience

Availability

Full-time

Preferred Environment

Linux, Python 3, Kubernetes, Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP), Web App Security, Azure Kubernetes Service (AKS), Terraform, Security Architecture

The most amazing...

...self-service framework I've created helps developers create PRs with CI/CD for web application firewalls on hybrid cloud infrastructure using Terraform.

Work Experience

Platform Cloud Security Engineer

2021 - 2024
Commonwealth Financial Network - Information Security
  • Created Terraform code to automate security configurations for new landing zones built with infrastructure as code (IaC) in Azure and AWS platforms.
  • Achieved over 80% compliance and security scores for new and existing cloud resources.
  • Helped build the purple team and created standard operating procedures (SOPs) for security operations and purple teaming.
  • Improved the data security posture by implementing data encryption at rest, in transit, and in use with CMKs.
Technologies: Azure, VPN, Azure Key Vault, Azure Active Directory, Cloud Security, Azure Resource Manager (ARM), Networks, Elasticsearch, Kibana, Logstash, Beats, DevOps, DevSecOps, CI/CD Pipelines, Infrastructure as Code (IaC)

DevSecOps Specialist

2017 - 2021
EMBL
  • Created a security framework that integrates with the CI/CD pipelines, assesses the application and Docker-related vulnerabilities, generates SAST and DAST reports, and suggests mitigations. This was a hybrid cloud project on AWS and Azure.
  • Created a self-service model for developers to add their changes as a Pull Request (PR) to the GitLab CI tool for making changes to their application firewall rules in the Pulse Secure traffic manager. Changes and states are managed by Terraform.
  • Conducted training sessions on web, platform, and application security for more than 600 employees and deployed a centralized knowledge base for security best practices in code and infrastructure management.
  • Researched the threat response for hybrid and cloud-native environments and vulnerability disclosure policies and tools for SIEM and SOAR and created an SOP in association with the CISO. This was followed by 20+ teams in the organization.
  • Developed ISO27001 and SOC2 compliances directly reporting to the CISO and submitted for compliance certifications.
Technologies: Web App Security, Cloud Security, Azure, Amazon Web Services (AWS), DevOps, DevSecOps, CI/CD Pipelines, Terraform, Penetration Testing, Data Security, Web Security, IT Security, Security, SSL Configurations, Infrastructure as Code (IaC), Architecture, Elasticsearch, Kibana, Logstash, Beats

Senior Staff Software Engineer - DevOps and Security

2016 - 2017
IBM
  • Created secure and automated deployments to hybrid cloud environments containing more than 1,200 VMs in different data centers with zero downtime. Ensured high availability of the applications.
  • Awarded "Managers Choice Award" for performing a security audit and educating colleagues on cloud security and best practices. Leveraged open-source and licensed tools for security testing and audits.
  • Deployed, managed, and monitored intrusion detection systems such as Wazuh and IBM internal security tools for platform security. As in a hybrid cloud project, delivered hands-on configuration in Azure, AWS, and GCP cloud security.
Technologies: Agile DevOps, Application Security, Azure, Amazon Web Services (AWS), DevSecOps, Networking, CI/CD Pipelines, Kubernetes, Data Security, Web Security, IT Security, Security, SSL Configurations, Infrastructure as Code (IaC), Architecture, Elasticsearch, DevOps

Senior DevOps Engineer

2014 - 2016
TEKsystems
  • Assisted several startup clients and performed penetration testing and security audits. Delivered ISO and SOC compliances. Ensured startups got quality and security compliance certifications.
  • Dockerized and migrated the monolithic applications into microservices and used configuration management tools on the hybrid cloud.
  • Synced local LDAP to cloud AD in VMware and Azure.
Technologies: DevSecOps, DevOps, CI/CD Pipelines, Amazon Web Services (AWS), Docker, ISO 27001, System-on-a-Chip (SoC), Web Security, IT Security, Security, Heroku, SSL Configurations, Infrastructure as Code (IaC)

QA and Release Engineer

2012 - 2014
Zycus
  • Served as an interim leader for the Release Engineering group. Redefined processes and implemented tools for software builds, patch creation, source control, and release tracking and reporting.
  • Delivered performance and security testing of APIs and web and mobile applications using licensed, open-source tools.
  • Developed and implemented automated scripts for testing and release automation of new deliverables in development, QA, UAT, and production-like environments.
Technologies: Software Testing Automation Framework (STAF), Security Testing, Python, SSL Configurations, Infrastructure as Code (IaC), CI/CD Pipelines

Deployment and Monitoring Solution for Hybrid Cloud Applications and Infrastructure Security

An integrated solution that deploys infrastructure in the target cloud and deploys tools such as ELK, Wazuh, Grafana, and Prometheus on a Kubernetes cluster created using Terraform. This solution also has scripts in Python and Go to bind different cloud APIs and be cloud-agnostic. This model was built purely with open-source tools. It can be modified to use licensed security and monitoring solutions for enhanced quality and advanced filtering.

Application Security Framework

Built a security framework that includes an integrated solution for threat intelligence, SIEM security and monitoring, log correlation and analysis, network and host intrusion detection, etc. There was also a knowledge base created and concerned employees were trained on using and identifying new threat patterns and mitigations for the application and infrastructure security.

Integration of Static and Dynamic Scanning and Penetration Testing Tools into CI/CD

Built a CI/CD solution that scans for static and dynamic application vulnerabilities in the code. The coding languages could be Java, JavaScript, Python, Go, and Ruby. The pipeline is integrated with penetration testing tools and generates reports that show vulnerabilities and exploits, causes, and mitigations. This is a combination of open-source and licensed tools.

2021 - 2022

Postgraduate Program in Cloud Computing

University of Texas at Austin - Austin, Texas, USA

2008 - 2012

Bachelor of Technology Degree in Computer Science and Electrical Engineering

Jawaharlal Nehru Technological University, Kakinada, India - India

NOVEMBER 2022 - PRESENT

Certified in Cybersecurity

(ISC)²

JANUARY 2021 - PRESENT

AWS Certified Solutions Architect

Amazon Web Services

NOVEMBER 2019 - PRESENT

FitSM Foundation

APMG International

JANUARY 2019 - PRESENT

Certified Scrum Master

Scrum Alliance

OCTOBER 2015 - PRESENT

Certified Whitehat Hacker and Penetration tester

Eduonix Learning Solutions

Tools

Terraform, Amazon EKS, Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), Azure Key Vault, Azure Network Security Groups, Kibana, Logstash, ELK (Elastic Stack), Grafana, Jenkins, GitHub, GitLab, VPN

Paradigms

DevOps, DevSecOps, Penetration Testing, Agile, Azure DevOps

Platforms

Amazon Web Services (AWS), Linux, Kubernetes, Azure, Google Cloud Platform (GCP), Docker, Heroku, AWS IoT

Languages

Python, Python 3, Go

Industry Expertise

Cybersecurity

Storage

Azure Active Directory, Elasticsearch

Other

Web App Security, Server Infrastructure, Application Security, Security Automation, AWS Cloud Architecture, CI/CD Pipelines, Web Security, SSL Configurations, IT Security, Computer Engineering, Certified ScrumMaster (CSM), Agile DevOps, Cloud Security, Networking, ISO 27001, Security Testing, Security Architecture, VMware ESXi, Azure Resource Manager (ARM), IT Networking, Security, Data Security, Infrastructure as Code (IaC), Architecture, Beats, Software Development, Electrical Engineering, Prometheus, System-on-a-Chip (SoC), Software Testing Automation Framework (STAF), SIEM, Threat Intelligence, Threat Modeling, Cloud Architecture, Cloud, Networks
