Ravi Kiran, Developer in Cambridge, United Kingdom

Ravi Kiran

Verified Expert in Engineering

DevSecOps Developer

Location
Cambridge, United Kingdom
Toptal Member Since
April 28, 2021

Ravi is a seasoned DevSecOps engineer with a decade of experience in systems administration, DevOps, and security in various business verticals. He uses the latest technologies and best practices to automate and monitor services, applications, and infrastructure in SaaS, PaaS, CaaS, and IaaS. Ravi is known for agility, code quality, and speed of delivery that meet high SLAs and CSI requirements.

Portfolio

EMBL
Web App Security, Cloud Security, Azure, Amazon Web Services (AWS), DevOps...
IBM
Agile DevOps, Application Security, Azure, Amazon Web Services (AWS), DevSecOps...
TEKsystems
DevSecOps, DevOps, CI/CD Pipelines, Amazon Web Services (AWS), Docker...

Experience

Availability

Part-time

Preferred Environment

Linux, Python 3, Kubernetes, Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP), Web App Security, Azure Kubernetes Service (AKS), Terraform, Security Architecture

The most amazing...

...self-service framework I've created helps developers create PRs with CI/CD for web application firewalls on hybrid cloud infrastructure using Terraform.

Work Experience

DevSecOps Specialist

2017 - 2021
EMBL
  • Created a security framework that integrates with the CI/CD pipelines, assesses application and Docker-related vulnerabilities, generates SAST and DAST reports, and suggests mitigations. This was a hybrid cloud project on AWS and Azure.
  • Created a self-service model for developers to submit changes to their application firewall rules in the Pulse Secure traffic manager as a Pull Request (PR) in the GitLab CI tool. Changes and states are managed by Terraform.
  • Conducted training sessions on web, platform, and application security for more than 600 employees and deployed a centralized knowledge base for security best practices in code and infrastructure management.
  • Researched threat response for hybrid and cloud-native environments, vulnerability disclosure policies, and tools for SIEM and SOAR, and created an SOP in association with the CISO. This was followed by 20+ teams in the organization.
  • Developed ISO 27001 and SOC 2 compliance, reporting directly to the CISO, and submitted it for compliance certifications.
Technologies: Web App Security, Cloud Security, Azure, Amazon Web Services (AWS), DevOps, DevSecOps, CI/CD Pipelines, Terraform, Penetration Testing, Data Security, Web Security, IT Security, Security, SSL Configurations

Senior Staff Software Engineer - DevOps and Security

2016 - 2017
IBM
  • Created secure and automated deployments to hybrid cloud environments containing more than 1,200 VMs in different data centers with zero downtime. Ensured high availability of the applications.
  • Awarded "Managers Choice Award" for performing a security audit and educating colleagues on cloud security and best practices. Leveraged open-source and licensed tools for security testing and audits.
  • Deployed, managed, and monitored intrusion detection systems such as Wazuh and IBM internal security tools for platform security. As this was a hybrid cloud project, delivered hands-on configuration in Azure, AWS, and GCP cloud security.
Technologies: Agile DevOps, Application Security, Azure, Amazon Web Services (AWS), DevSecOps, Networking, CI/CD Pipelines, Kubernetes, Data Security, Web Security, IT Security, Security, SSL Configurations

Senior DevOps Engineer

2014 - 2016
TEKsystems
  • Assisted several startup clients and performed penetration testing and security audits. Delivered ISO and SOC compliances. Ensured startups got quality and security compliance certifications.
  • Dockerized and migrated the monolithic applications into microservices and used configuration management tools on the hybrid cloud.
  • Synced local LDAP to cloud AD in VMware and Azure.
Technologies: DevSecOps, DevOps, CI/CD Pipelines, Amazon Web Services (AWS), Docker, ISO 27001, System-on-a-Chip (SoC), Web Security, IT Security, Security, Heroku, SSL Configurations

QA and Release Engineer

2012 - 2014
Zycus
  • Served as an interim leader for the Release Engineering group. Redefined processes and implemented tools for software builds, patch creation, source control, and release tracking and reporting.
  • Delivered performance and security testing of APIs and web and mobile applications using licensed, open-source tools.
  • Developed and implemented automated scripts for testing and release automation of new deliverables in development, QA, UAT, and production-like environments.
Technologies: Software Testing Automation Framework (STAF), Security Testing, Python, SSL Configurations

Deployment and Monitoring Solution for Hybrid Cloud Applications and Infrastructure Security

An integrated solution that deploys infrastructure in the target cloud and deploys tools such as ELK, Wazuh, Grafana, and Prometheus on a Kubernetes cluster created using Terraform. This solution also has scripts in Python and Go to bind different cloud APIs and be cloud-agnostic. This model was built purely with open-source tools. It can be modified to use licensed security and monitoring solutions for enhanced quality and advanced filtering.

Application Security Framework

Built a security framework that includes an integrated solution for threat intelligence, SIEM security and monitoring, log correlation and analysis, network and host intrusion detection, etc. A knowledge base was also created, and the relevant employees were trained on using and identifying new threat patterns and mitigations for application and infrastructure security.

Integrate Static and Dynamic Scanning and Penetration Testing Tools Into CI/CD

Built a CI/CD solution that scans for static and dynamic application vulnerabilities in the code. The coding languages could be Java, JavaScript, Python, Go, and Ruby. The pipeline is integrated with penetration testing tools and generates reports that show vulnerabilities and exploits, causes, and mitigations. This is a combination of open-source and licensed tools.

Paradigms

DevOps, DevSecOps, Penetration Testing, Agile, Azure DevOps

Platforms

Amazon Web Services (AWS), Linux, Kubernetes, Azure, Google Cloud Platform (GCP), Docker, Heroku, AWS IoT

Other

Web App Security, Server Infrastructure, Application Security, Security Automation, AWS Cloud Architecture, CI/CD Pipelines, Web Security, SSL Configurations, IT Security, Computer Engineering, Certified ScrumMaster (CSM), Agile DevOps, Cloud Security, Networking, ISO 27001, Security Testing, Security Architecture, VMware ESXi, Azure Resource Manager (ARM), IT Networking, Security, Data Security, Software Development, Electrical Engineering, Prometheus, System-on-a-Chip (SoC), Software Testing Automation Framework (STAF), SIEM, Threat Intelligence, Threat Modeling, Cloud Architecture, Cloud

Languages

Python, Python 3, Go

Tools

Terraform, Amazon EKS, Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), Azure Key Vault, Azure Network Security Groups, ELK (Elastic Stack), Grafana, Jenkins, GitHub, GitLab

Industry Expertise

Cybersecurity

Storage

Azure Active Directory

2021 - 2022

Postgraduate Program in Cloud Computing

University of Texas at Austin - Austin, Texas, USA

2008 - 2012

Bachelor of Technology Degree in Computer Science and Electrical Engineering

Jawaharlal Nehru Technological University, Kakinada, India - India

NOVEMBER 2022 - PRESENT

Certified in Cybersecurity

(ISC)²

JANUARY 2021 - PRESENT

AWS Certified Solutions Architect

Amazon Web Services

NOVEMBER 2019 - PRESENT

FitSM Foundation

APMG International

JANUARY 2019 - PRESENT

Certified Scrum Master

Scrum Alliance

OCTOBER 2015 - PRESENT

Certified Whitehat Hacker and Penetration tester

Eduonix Learning Solutions
