Ravi Kiran, DevSecOps Developer in Cambridge, United Kingdom

Member since April 28, 2021
Ravi is a seasoned DevSecOps engineer with a decade of experience in systems administration, DevOps, and security in various business verticals. He uses the latest technologies and best practices to automate and monitor services, applications, and infrastructure in SaaS, PaaS, CaaS, and IaaS. Ravi is known for agility, code quality, and speed of delivery that meet high SLAs and CSI requirements.

Portfolio

  • EMBL
    Web App Security, Cloud Security, Azure, AWS, DevOps, DevSecOps...
  • IBM
    Agile DevOps, Application Security, Azure, AWS, DevSecOps, Networking...
  • TEKsystems
    DevSecOps, DevOps, CI/CD Pipelines, AWS, Docker, ISO 27001, SoC

Experience

  • Linux 9 years
  • Server Infrastructure 8 years
  • Application Security 8 years
  • AWS 6 years
  • DevSecOps 6 years
  • Cloud Security 5 years
  • Kubernetes 5 years
  • Azure 4 years

Location

Cambridge, United Kingdom

Availability

Part-time

Preferred Environment

Linux, Python 3, Kubernetes, Azure, AWS, Google Cloud Platform (GCP), Web App Security, Azure Kubernetes Service (AKS), Terraform, Security Architecture

The most amazing...

...self-service framework I've created helps developers create PRs with CI/CD for web application firewalls on hybrid cloud infrastructure using Terraform.

Employment

  • DevSecOps Specialist

    2017 - 2021
    EMBL
    • Created a security framework that integrates with the CI/CD pipelines, assesses the application and Docker-related vulnerabilities, generates SAST and DAST reports, and suggests mitigations. This was a hybrid cloud project on AWS and Azure.
    • Created a self-service model for developers to add their changes as a Pull Request (PR) to the GitLab CI tool for making changes to their application firewall rules in the Pulse Secure traffic manager. Changes and states are managed by Terraform.
    • Conducted training sessions on web, platform, and application security to more than 600 employees and deployed a centralized knowledge base for security best practices in code and infrastructure management.
    • Researched the threat response for hybrid and cloud-native environments and vulnerability disclosure policies and tools for SIEM and SOAR and created an SOP in association with the CISO. This was followed by 20+ teams in the organization.
    • Developed ISO 27001 and SOC 2 compliance, reporting directly to the CISO, and submitted for compliance certifications.
    Technologies: Web App Security, Cloud Security, Azure, AWS, DevOps, DevSecOps, CI/CD Pipelines, Terraform, Penetration Testing
  • Senior Staff Software Engineer - DevOps and Security

    2016 - 2017
    IBM
    • Created secure and automated deployments to hybrid cloud environments containing more than 1,200 VMs in different data centers with zero downtime. Ensured high availability of the applications.
    • Awarded "Managers Choice Award" for performing a security audit and educating colleagues on cloud security and best practices. Leveraged open-source and licensed tools for security testing and audits.
    • Deployed, managed, and monitored intrusion detection systems such as Wazuh and IBM internal security tools for platform security. As this was a hybrid cloud project, delivered hands-on cloud security configuration in Azure, AWS, and GCP.
    Technologies: Agile DevOps, Application Security, Azure, AWS, DevSecOps, Networking, CI/CD Pipelines, Kubernetes
  • Senior DevOps Engineer

    2014 - 2016
    TEKsystems
    • Assisted several startup clients and performed penetration testing and security audits. Delivered ISO and SOC compliances. Ensured startups got quality and security compliance certifications.
    • Dockerized and migrated the monolithic applications into microservices and used configuration management tools on the hybrid cloud.
    • Synced local LDAP to cloud AD in VMware and Azure.
    Technologies: DevSecOps, DevOps, CI/CD Pipelines, AWS, Docker, ISO 27001, SoC
  • QA and Release Engineer

    2012 - 2014
    Zycus
    • Served as an interim leader for the Release Engineering group. Redefined processes and implemented tools for software builds, patch creation, source control, and release tracking and reporting.
    • Delivered performance and security testing of APIs and web and mobile applications using licensed, open-source tools.
    • Developed and implemented automated scripts for testing and release automation of new deliverables in development, QA, UAT, and production-like environments.
    Technologies: Software Testing Automation Framework (STAF), Security Testing, Python, Shell

Experience

  • Deployment and Monitoring Solution for Hybrid Cloud Applications and Infrastructure Security

    An integrated solution that deploys infrastructure in the target cloud and deploys tools such as ELK, Wazuh, Grafana, and Prometheus on a Kubernetes cluster created using Terraform. This solution also has scripts in Python and Go to bind different cloud APIs and be cloud-agnostic. This model was built purely with open-source tools. It can be modified to use licensed security and monitoring solutions for enhanced quality and advanced filtering.

  • Application Security Framework

    Built a security framework that includes an integrated solution for threat intelligence, SIEM security and monitoring, log correlation and analysis, network and host intrusion detection, etc. A knowledge base was also created, and the employees concerned were trained on using and identifying new threat patterns and mitigations for application and infrastructure security.

  • Integrate Static and Dynamic Scanning and Penetration Testing Tools Into CI/CD

    Built a CI/CD solution that scans for static and dynamic application vulnerabilities in the code. The coding languages could be Java, JavaScript, Python, Go, and Ruby. The pipeline is integrated with penetration testing tools and generates reports that show vulnerabilities and exploits, causes, and mitigations. This is a combination of open-source and licensed tools.

Skills

  • Paradigms

    DevOps, DevSecOps, Penetration Testing, Agile
  • Other

    AWS, Web App Security, Server Infrastructure, Application Security, Security Automation, AWS Cloud Architecture, CI/CD Pipelines, Secure Web Development, Computer Engineering, Certified ScrumMaster (CSM), Agile DevOps, Cloud Security, Networking, ISO 27001, Security Testing, Security Architecture, VMware ESXi, Azure Resource Manager (ARM), IT Networking, Software Development, Electrical Engineering, Prometheus, SoC, Software Testing Automation Framework (STAF), SIEM, Threat Intelligence, Threat Modeling, Cloud Architecture
  • Languages

    Python, Python 3, Go
  • Tools

    Terraform, Amazon EKS, Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), Azure Key Vault, Azure Network Security Groups, ELK (Elastic Stack), Grafana, Jenkins, GitHub, GitLab
  • Platforms

    Linux, Kubernetes, Azure, Google Cloud Platform (GCP), Docker
  • Industry Expertise

    IT Security, Cybersecurity, Security
  • Storage

    Azure Active Directory

Education

  • Bachelor of Technology Degree in Computer Science and Electrical Engineering
    2008 - 2012
    Jawaharlal Nehru Technological University, Kakinada, India

Certifications

  • AWS Certified Solutions Architect
    JANUARY 2021 - PRESENT
    Amazon Web Services
  • FitSM Foundation
    NOVEMBER 2019 - PRESENT
    APMG International
  • Certified Scrum Master
    JANUARY 2019 - PRESENT
    Scrum Alliance
  • Certified Whitehat Hacker and Penetration tester
    OCTOBER 2015 - PRESENT
    Eduonix Learning Solutions
