Rupert Bryant-Greene, Developer in Wellington, New Zealand
Rupert is available for hire
Hire Rupert

Rupert Bryant-Greene

Verified Expert  in Engineering

DevOps Engineer and Cybersecurity Developer

Location
Wellington, New Zealand
Toptal Member Since
October 23, 2019

Rupert delivers success in DevOps and cybersecurity. With 10+ years of experience in freelance IT, he's worked with leading SaaS, financial software, banking, and transport companies, from small startups to large enterprises. Rupert has significant experience with AWS, from managing a large AWS organization to building continuously deployed applications. He also integrates threat modeling and risk assessments into agile and lean workflows.

Portfolio

Toyota Research Institute Advanced Development
Amazon Web Services (AWS), Terraform
Kmart Australia
Amazon Web Services (AWS), Network Architecture, API Architecture...
Bank of New Zealand
Amazon Web Services (AWS), Jira, AWS CloudFormation, Python, DevSecOps...

Experience

Availability

Part-time

Preferred Environment

Amazon Web Services (AWS), Python, DevSecOps, DevOps, GitHub Actions, Amazon Elastic Container Service (Amazon ECS), AWS CloudFormation, JavaScript, Content Delivery Networks (CDN), Web Application Firewall (WAF)

The most amazing...

...product I've built is a privileged access management system for a major SaaS company. The system is still in use today.

Work Experience

AWS Security Engineer (via Toptal)

2021 - 2021
Toyota Research Institute Advanced Development
  • Deployed automation to deliver just-in-time access across a massive AWS IAM Identity Center (SSO) deployment designed to scale to thousands of accounts.
  • Designed and implemented the IAM controls to fit the security and usability requirements.
  • Contributed to the custom IAM policy feature that was well-received, with developers quickly adopting it to grant custom access to peers in their own AWS accounts.
Technologies: Amazon Web Services (AWS), Terraform

Principal Cloud Architect (via Toptal)

2021 - 2021
Kmart Australia
  • Worked across the business and engaged with engineering, architecture, security, and management teams to design a future-state architecture for the use of AWS, with a specific focus on internal customer experience.
  • Developed state-of-the-art patterns for networking, SaaS integration, and application architectures.
  • Introduced and supported security teams with AWS native tooling that improves visibility of security compliance in the cloud.
Technologies: Amazon Web Services (AWS), Network Architecture, API Architecture, Web Architecture, Cloud, Identity & Access Management (IAM), Linux, DevOps, Amazon S3 (AWS S3), AWS CloudFormation, Redis, GitHub Actions

Cybersecurity Consultant

2019 - 2021
Bank of New Zealand
  • Developed a vulnerability management approach for the use of AWS.
  • Completed risk assessments and worked with a team to deliver projects onto AWS securely.
  • Assessed architecture submissions to design the governance committee for security designs.
Technologies: Amazon Web Services (AWS), Jira, AWS CloudFormation, Python, DevSecOps, Identity & Access Management (IAM), Linux, DevOps, GitHub, Amazon S3 (AWS S3)

DevOps Consultant

2017 - 2021
Evnex
  • Migrated an entire AWS environment to multi-account design with separate development, test, and production accounts.
  • Built and supported back-end applications. Rebuilt deployment to utilize a functional and extendable CI/CD design.
  • Assisted newcomers to build and understand systems so that they could take the company further.
Technologies: Amazon Web Services (AWS), Cloud, Amazon Cognito, Docker, Amazon DynamoDB, JavaScript, DevSecOps, Identity & Access Management (IAM), Linux, Node.js, DevOps, Python, React, Amazon S3 (AWS S3), AWS CloudFormation, Redis

Team Lead — Security Engineering

2017 - 2019
Xero
  • Developed access management software with workflow automation and privileged access control for AWS on AWS.
  • Led the security engineering teams, consulting heavily with architecture teams to develop best practices and up-skill others to understand and lead themselves.
  • Rebuilt four critical pipelines for deploying critical infrastructure from Jenkins onto AWS CodePipeline in a month.
  • Assessed the information quickly and pinpointed the issue of a lengthy outage to have global service resolved.
Technologies: Amazon Web Services (AWS), Docker, AWS Key Management Service (KMS), Identity & Access Management (IAM), JavaScript, Check Point, Akamai, Imperva Incapsula, Python, DevSecOps, Linux, Node.js, DevOps, React, Amazon S3 (AWS S3), AWS CloudFormation

OCPP EV Charging Back End

https://www.evnex.com
Working with EVNEX, a Christchurch-based electric vehicle charging startup, Rupert built an Open Charge Point Protocol-compliant back-end solution that utilizes WebSockets to communicate with charge points, has current load balancing functionality and runs in containers on AWS. Rupert wrote the software, pipeline, and infrastructure automation for the project, which makes up the core offering of EVNEX.

Xero - Platform Access Control Manager

https://tinyurl.com/y3khuucl
Rupert built, deployed, and maintained the security infrastructure that protects Xero. This includes web application firewalls, content delivery and caching, and identity and access management.

He built a containerized, privileged access control system on AWS during this time.

Rupert presented at an AWS Summit in Sydney at the invitation of AWS to discuss secrets management, identity and access management, and what was being built at Xero.

Vineyard - AWS Root Account Management

Managing a hundred AWS accounts can be challenging. During his time at Xero, Rupert built an electron-based desktop application to make it easier for engineers to manage AWS root accounts while keeping security the top priority.

After leaving Xero, Vineyard became a staple part of the identity and access to the team's workflow.

HeyCaller - Visual Voicemail

New Zealand lacked a visual voicemail provider, so Rupert built HeyCaller, a web service that replaces your existing voicemail service, with features like voicemail-to-email and voicemail sharing. Preview access will be available soon.

YES3 - Event-driven S3 Bucket Security

https://github.com/rupertbg/YES3
Public S3 Buckets are among the most common data ex-filtration vectors of recent times. To avoid S3 Buckets becoming public unexpectedly, Rupert wrote an event-driven Lambda that will monitor and automatically remediate non-compliant buckets according to a supplied YAML policy.

Wireguard on AWS

https://github.com/rupertbg/aws-wireguard-linux
Wireguard is a state-of-the-art VPN created by Edge Security LLC. After needing to run Wireguard on AWS, Rupert wrote an open-sourced architecture for deploying Wireguard with auto-scaling and load-balancing on AWS.

AWS Cloud Directory IDE

https://github.com/rupertbg/aws-cloud-directory-ui
After needing to work with AWS Cloud Directory heavily for building an authorization database, Rupert found a need for a visual development environment for the GUI-less AWS. The Cloud Directory IDE is available on Github pages for free and allows developers to iterate quickly on AWS Cloud Directory.
AUGUST 2018 - AUGUST 2021

AWS Security – Specialty

AWS

FEBRUARY 2017 - FEBRUARY 2020

AWS SysOps Administrator – Associate

AWS

FEBRUARY 2017 - FEBRUARY 2020

AWS Solutions Architect – Associate

AWS

Libraries/APIs

Node.js, jQuery, React

Tools

AWS CloudFormation, AWS Key Management Service (KMS), Amazon Cognito, Amazon Elastic Container Service (Amazon ECS), AWS ELB, Amazon EBS, Amazon Elastic Container Registry (ECR), AWS SDK, AWS CodeBuild, GitHub, Jira, Xero, WireGuard, Terraform, AWS IAM, Amazon Virtual Private Cloud (VPC)

Frameworks

Express.js, Flask, Electron

Languages

Python, JavaScript, SAML, TypeScript, Ruby

Paradigms

Web Architecture, DevOps, DevSecOps, API Architecture, Agile, Functional Programming

Platforms

Docker, Amazon EC2, Amazon Web Services (AWS), Linux, AWS Lambda, Windows Server, Azure, Imperva Incapsula, Twilio

Storage

Amazon S3 (AWS S3), Redis, NoSQL, Amazon DynamoDB, Graph Databases

Other

Security, Identity & Access Management (IAM), APIs, AWS CodePipeline, GitHub Actions, Content Delivery Networks (CDN), Web Application Firewall (WAF), Network Architecture, Risk Assessment, Threat Modeling, Akamai, Web Security, OAuth, Check Point, Cloud, Cryptography, AWS WAF, Amazon API Gateway

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring