Ravi Kiran
Verified Expert in Engineering
DevSecOps Engineer and Developer
Cambridge, United Kingdom
Toptal member since April 28, 2021
Ravi is a seasoned DevSecOps engineer with a decade of experience in systems administration, DevOps, and security in various business verticals. He uses the latest technologies and best practices to automate and monitor services, applications, and infrastructure in SaaS, PaaS, CaaS, and IaaS. Ravi is known for agility, code quality, and speed of delivery that meet high SLAs and CSI requirements.
Preferred Environment
Linux, Python 3, Kubernetes, Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP), Web App Security, Azure Kubernetes Service (AKS), Terraform, Security Architecture
The most amazing...
...self-service framework I've created helps developers create PRs with CI/CD for web application firewalls on hybrid cloud infrastructure using Terraform.
Work Experience
Platform Cloud Security Engineer
Commonwealth Financial Network - Information Security
- Created Terraform code to automate security configurations for new landing zones built with infrastructure as code (IaC) in Azure and AWS platforms.
- Achieved over 80% compliance and security scores for new and existing cloud resources.
- Helped build the purple team and created standard operating procedures (SOPs) for security operations and purple teaming.
- Improved the data security posture by implementing data encryption at rest, in transit, and in use with CMKs.
DevSecOps Specialist
EMBL
- Created a security framework that integrates with the CI/CD pipelines, assesses the application and Docker-related vulnerabilities, generates SAST and DAST reports, and suggests mitigations. This was a hybrid cloud project on AWS and Azure.
- Created a self-service model for developers to add their changes as a Pull Request (PR) to the GitLab CI tool for making changes to their application firewall rules in the Pulse Secure traffic manager. Changes and states are managed by Terraform.
- Conducted training sessions on web, platform, and application security for more than 600 employees and deployed a centralized knowledge base for security best practices in code and infrastructure management.
- Researched the threat response for hybrid and cloud-native environments and vulnerability disclosure policies and tools for SIEM and SOAR and created an SOP in association with the CISO. This was followed by 20+ teams in the organization.
- Developed ISO 27001 and SOC 2 compliance, reporting directly to the CISO, and submitted for compliance certifications.
Senior Staff Software Engineer - DevOps and Security
IBM
- Created secure and automated deployments to hybrid cloud environments containing more than 1,200 VMs in different data centers with zero downtime. Ensured high availability of the applications.
- Awarded "Managers Choice Award" for performing a security audit and educating colleagues on cloud security and best practices. Leveraged open-source and licensed tools for security testing and audits.
- Deployed, managed, and monitored intrusion detection systems such as Wazuh and IBM internal security tools for platform security. As this was a hybrid cloud project, delivered hands-on cloud security configuration in Azure, AWS, and GCP.
Senior DevOps Engineer
TEKsystems
- Assisted several startup clients and performed penetration testing and security audits. Delivered ISO and SOC compliances. Ensured startups got quality and security compliance certifications.
- Dockerized and migrated the monolithic applications into microservices and used configuration management tools on the hybrid cloud.
- Synced local LDAP to cloud AD in VMware and Azure.
QA and Release Engineer
Zycus
- Served as an interim leader for the Release Engineering group. Redefined processes and implemented tools for software builds, patch creation, source control, and release tracking and reporting.
- Delivered performance and security testing of APIs and web and mobile applications using licensed, open-source tools.
- Developed and implemented automated scripts for testing and release automation of new deliverables in development, QA, UAT, and production-like environments.
Experience
Deployment and Monitoring Solution for Hybrid Cloud Applications and Infrastructure Security
Application Security Framework
network and host intrusion detection, etc. There was also a knowledge base created and concerned employees were trained on using and identifying new threat patterns and mitigations for the application and infrastructure security.
Integration of Static and Dynamic Scanning and Penetration Testing Tools into CI/CD
Education
Postgraduate Program in Cloud Computing
University of Texas at Austin - Austin, Texas, USA
Bachelor of Technology Degree in Computer Science and Electrical Engineering
Jawaharlal Nehru Technological University, Kakinada, India - India
Certifications
Certified in Cybersecurity
(ISC)²
AWS Certified Solutions Architect
Amazon Web Services
FitSM Foundation
APMG International
Certified Scrum Master
Scrum Alliance
Certified Whitehat Hacker and Penetration tester
Eduonix Learning Solutions
Skills
Tools
Terraform, Amazon EKS, Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), Azure Key Vault, Azure Network Security Groups, Kibana, Logstash, ELK (Elastic Stack), Grafana, Jenkins, GitHub, GitLab, VPN
Paradigms
DevOps, DevSecOps, Penetration Testing, Agile, Azure DevOps
Platforms
Amazon Web Services (AWS), Linux, Kubernetes, Azure, Google Cloud Platform (GCP), Docker, Heroku, AWS IoT
Languages
Python, Python 3, Go
Industry Expertise
Cybersecurity
Storage
Azure Active Directory, Elasticsearch
Other
Web App Security, Server Infrastructure, Application Security, Security Automation, AWS Cloud Architecture, CI/CD Pipelines, Web Security, SSL Configurations, IT Security, Computer Engineering, Certified ScrumMaster (CSM), Agile DevOps, Cloud Security, Networking, ISO 27001, Security Testing, Security Architecture, VMware ESXi, Azure Resource Manager (ARM), IT Networking, Security, Data Security, Infrastructure as Code (IaC), Architecture, Beats, Software Development, Electrical Engineering, Prometheus, System-on-a-Chip (SoC), Software Testing Automation Framework (STAF), SIEM, Threat Intelligence, Threat Modeling, Cloud Architecture, Cloud, Networks