Verified Expert in Engineering
Ravi is a seasoned DevSecOps engineer with a decade of experience in systems administration, DevOps, and security in various business verticals. He uses the latest technologies and best practices to automate and monitor services, applications, and infrastructure in SaaS, PaaS, CaaS, and IaaS. Ravi is known for agility, code quality, and speed of delivery that meet high SLAs and CSI requirements.
Linux, Python 3, Kubernetes, Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP), Web App Security, Azure Kubernetes Service (AKS), Terraform, Security Architecture
The most amazing...
...self-service framework I've created helps developers create PRs with CI/CD for web application firewalls on hybrid cloud infrastructure using Terraform.
- Created a security framework that integrates with the CI/CD pipelines, assesses the application and Docker-related vulnerabilities, generates SAST and DAST reports, and suggested mitigations. This was a hybrid cloud project on AWS and Azure.
- Created a self-service model for developers to add their changes as a Pull Request (PR) to the Gitlab CI tool for making changes to their application firewall rules in the Pulse Secure traffic manager. Changes and states are managed by Terraform.
- Conducted training sessions on web, platform, and application security to more than 600 employees and deployed a centralized knowledge base for security best practices in code and infrastructure management.
- Researched the threat response for hybrid and cloud-native environments and vulnerability disclosure policies and tools for SIEM and SOAR and created an SOP in association with the CISO. This was followed by 20+ teams in the organization.
- Developed ISO27001 and SOC2 compliances directly reporting to the CISO and submitted for compliance certifications.
Senior Staff Software Engineer - DevOps and Security
- Created secure and automated deployments to hybrid cloud environments containing more than 1,200 VMs in different data centers with zero downtime. Ensured high availability of the applications.
- Awarded "Managers Choice Award" for performing a security audit and educating colleagues on cloud security and best practices. Leveraged open-source and licensed tools for security testing and audits.
- Deployed, managed, and monitored intrusion detection systems such as Wazuh and IBM internal security tools for platform security. As in a hybrid cloud project, delivered hands-on configuration in Azure, AWS, and GCP cloud security.
Senior DevOps Engineer
- Assisted several startup clients and performed penetration testing and security audits. Delivered ISO and SOC compliances. Ensured startups got quality and security compliance certifications.
- Dockerized and migrated the monolithic applications into microservices and used configuration management tools on the hybrid cloud.
- Synced local LDAP to cloud AD in VMware and Azure.
QA and Release Engineer
- Served as an interim leader for the Release Engineering group. Redefined processes and implemented tools for software builds, patch creation, source control, and release tracking and reporting.
- Delivered performance and security testing of APIs and web and mobile applications using licensed, open-source tools.
- Developed and implemented automated scripts for testing and release automation of new deliverables in development, QA, UAT, and production-like environments.
Deployment and Monitoring Solution for Hybrid Cloud Applications and Infrastructure Security
Application Security Framework
network and host intrusion detection, etc. There was also a knowledge base created and concerned employees were trained on using and identifying new threat patterns and mitigations for the application and infrastructure security.
Integrate Static and Dynamic Scanning and Penetration Testing Tools Into CI/CD
DevOps, DevSecOps, Penetration Testing, Agile, Azure DevOps
Amazon Web Services (AWS), Linux, Kubernetes, Azure, Google Cloud Platform (GCP), Docker, Heroku, AWS IoT
Web App Security, Server Infrastructure, Application Security, Security Automation, AWS Cloud Architecture, CI/CD Pipelines, Web Security, SSL Configurations, IT Security, Computer Engineering, Certified ScrumMaster (CSM), Agile DevOps, Cloud Security, Networking, ISO 27001, Security Testing, Security Architecture, VMware ESXi, Azure Resource Manager (ARM), IT Networking, Security, Data Security, Software Development, Electrical Engineering, Prometheus, System-on-a-Chip (SoC), Software Testing Automation Framework (STAF), SIEM, Threat Intelligence, Threat Modeling, Cloud Architecture, Cloud
Python, Python 3, Go
Terraform, Amazon EKS, Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), Azure Key Vault, Azure Network Security Groups, ELK (Elastic Stack), Grafana, Jenkins, GitHub, GitLab
Azure Active Directory
Postgraduate Program in Cloud Computing
University of Texas at Austin - Austin, Texas, USA
Bachelor of Technology Degree in Computer Science and Electrical Engineering
Jawaharlal Nehru Technological University, Kakinada, India - India
Certified in Cybersecurity
AWS Certified Solutions Architect
Amazon Web Services
Certified Scrum Master
Certified Whitehat Hacker and Penetration tester
Eduonix Learning Solutions