a Randstad company

Cloud Security | DevSecOps |AWS | Azure DevOps | GCP| Terraform | Kubernetes

Profil
Top-Skills
AWS Terraform Kubernetes Azure GCP GitlabCI Docker bash Python Ansible Flux PowerShell CircleCI CI/CD Cloud DevOps DevSecOps Cloud-Native GitOps IT-Sicherheitsarchitektur
Verfügbar ab
01.04.2023
Aktuell verfügbar - Der Experte steht für neue Projektangebote zur Verfügung.
Verfügbar zu
100%
davon vor Ort
0%
Einsatzorte

PLZ-Gebiete
Länder
Ganz Deutschland, Österreich, Schweiz
Remote-Arbeit
möglich
Art des Profiles
Freiberufler / Selbstständiger
Der Experte ist als Einzelperson freiberuflich oder selbstständig tätig.

2 Jahre 6 Monate

2020-10

2023-03

Cloud Infrastructure and Security Automation Project

Senior DevSecOps Engineer AWS Terraform Kubernetes ...
Rolle
Senior DevSecOps Engineer
Projektinhalte
  • Designed and built from scratch AWS environments for dev, staging and prod using Terraform.
  • Configured CircleCI pipelines for Docker build and Terraform deployment automation.
  • Scripting with Python (boto3), Bash and Powershell for Lambda functions and userdata scripts.
  • Deployed and managing EKS Clusters, ECR, RDS, DynamoDB, CloudFront, ACM, Route53 & WAF.
  • Automated deployments to Kubernetes with GitOps using Flux and Helm.
  • Implemented AWS Single Sign-On (SSO), IAM, OAuth, Cognito, and Hashicorp Vault for SAML identity federation, management, authentication and secrets storage.
  • Configuring Palo Alto Firewalls with Ansible, and IPSec VPNs, BGP and Transit Gateway route tables for secure connectivity between Cloud and on-premise networks.
  • Ensuring SRE with autoscaling, read-replicas, automated backups for DR and monitoring with CloudWatch and Instana.
Kenntnisse
AWS Terraform Kubernetes Docker DevSecOps Python PowerShell Ansible
Kunde
Trisor GmbH
Einsatzort
Berlin
6 Monate

2022-07

2022-12

Container Security Project

DevSecOps Consultant DevSecOps Azure DevOps Aqua ...
Rolle
DevSecOps Consultant
Projektinhalte

Evaluated current and alternative solutions for SAST, DAST, IAST, SCA and container security by comparing tools such as SonarQube, NetSparker, NexusIQ and Aqua, against Veracode, Checkmarx, Synopsys, and Synk.
Conducted workshops for application teams to assess their implementation of container security and worked with them to reduce the overall organizational container security vulnerabilities by 28%.
Reviewed Dockerfiles and Azure DevOps build pipelines for the implementation of container security best practices.
Scanned container images for vulnerabilities in applications and third-party libraries with Aqua.
Provided recommendations for updating base images to minor releases of less vulnerable ones based on CVSS scores.
Investigated application security standards such as OWASP Application Security Verification Standard (ASVS), SANS Security Web Application Technologies (SWAT) Checklist, and the NIST Secure Software Development Framework (SSDF) for mapping against DevSecOps security tools.

Kenntnisse
DevSecOps Azure DevOps Aqua Docker Kubernetes Security Engineering
Kunde
Swiss Re
Einsatzort
Zürich
4 Monate

2021-10

2022-01

Kubernetes Security Project

Kubernetes Security Expert Kubernetes Docker Cloud-Native ...
Rolle
Kubernetes Security Expert
Projektinhalte

  • Performed security audits on EKS clusters to identify issues relating

    to cluster, node and application security.

  • Reviewed AWS IRSA authentication, Kubernetes cluster RBAC

    Roles, RoleBindings, Service Accounts, Signed Certificate holders

    and ConfigMaps.

  • Investigated container runtime security, mutating and validating

    webhooks, admission controllers, network policies, privileged access

    and security contexts.

  • Evaluated security of the DevOps lifecycle, CI/CD deployment

    pipelines, Helm charts and supply chain security.

    Proposed an implementation of OPA Gatekeeper Admission

    Controller and OPA agents for whitelisting of container registries

  • Performed automated cluster security assessments with Falco,

    Kubescape, and Kube-bench tools against CIS Benchmarks.

  • Proposed an implementation of security best practises in

    Kubernetes for cluster access control, image and container

    vulnerability scanning, and audit logging.

  • Deployed Conftest for static analysis of Dockerfiles and Kubernetes

    YAML manifests, and writing rules using rego commands

  • Proposed an implementation of hardened docker images for Debian

    and Alpine.

Produkte
E-Commerce
Kenntnisse
Kubernetes Docker Cloud-Native DevSecOps Security Architecture AWS
Kunde
About You GmbH
Einsatzort
Hamburg
1 Jahr 8 Monate

2019-05

2020-12

Hybrid Cloud Architecture Design and Security automation

Cloud Security Lead AWS Azure GitLab ...
Rolle
Cloud Security Lead
Projektinhalte
  • Designed cloud architecture and event-driven security on the Nokia Hybrid Cloud (AWS & Azure).
  • Performed CI / CD data builds, and cloud automation with GitLab CI, Terraform and Python scripts.
  • Managed PrivateLinks, VPC / VNet Peering, TGW and DX links on the Nokia Internal Network.
  • Managed IAM service role creation, federated logins, cross-account access and alarm configs.
  • Managed cloud security with AWS Security Hub, GuardDuty, Inspector and Azure Security Center.
  • Performed Hybrid Cloud services consulting, security assessments and compliance audits.
Kenntnisse
AWS Azure GitLab Terraform
Kunde
Nokia Solutions & Networks
Einsatzort
Accra, Ghana
2 Jahre 6 Monate

2016-12

2019-05

Providing managed cloud services

Cloud Operations Engineer
Rolle
Cloud Operations Engineer
Projektinhalte

  • Providing managed cloud services for customers on the Nokia Worldwide IoT Network Grid (WING)
  • Supported cloud migration and on-boarding of customer VNFs and applications
  • Monitored Telco Cloud infrastructure (OpenStack, VMware, KVM) with Zabbix, Nagios and Ganglia
  • Performing incident management and resolution of customer trouble tickets through Nokia GDC

Kunde
Nokia Solutions & Networks
Einsatzort
Accra, Ghana
2 Jahre 8 Monate

2014-04

2016-11

Alcatel-Lucent SPOC

Network Security Engineer
Rolle
Network Security Engineer
Projektinhalte

  • Alcatel-Lucent SPOC for infosec management and design on the NITA e-Government Project
  • Managed ArcSight SIEM, TippingPoint IPS, Radware WAFs and Mail Filters, and HP Firewalls
  • Initialized, lead and coordinated project security requirements of risk assessments, audits, security policies, acceptance testing, business continuity and crisis management planning

Kunde
Alcatel-Lucent (Nokia)
Einsatzort
Accra, Ghana
1 Jahr

2013-05

2014-04

Provided MPLS backbone support

Senior Network Engineer
Rolle
Senior Network Engineer
Projektinhalte

  • Provided MPLS backbone support as part of a 24/7 NOC team for customer wide area networks
  • Managed Point-to-Point (PTP) links, 4G Radio, WiMAX, LTE and VSAT satellite transmissions
  • Monitored network performance and KPIs with PRTG, Cacti, Solarwinds and WhatsUp Gold tools
  • Conducted failover to DR and Business Continuity Process (BCP) tests on the NOC infrastructure

Kunde
STL Group
Einsatzort
Accra, Ghana
Nokia Analytics, Virtualization & Automation (AVA) | Azure Migration Project


Customer: Nokia Solutions & Networks


Tasks:

  • Migration of Nokia's Cognitive Services AI Analytics and Machine Learning platform to Azure PaaS
  • This project included securing of the GitLab DevOps CI/CD pipeline, reviewing of Terraform templates, and the migration of workloads to Azure Kubernetes Service (AKS), Container Registry, HDInsights, and Azure SQL Database for deployment on staging and production
  • This service helps customers maximize their network & operational performance and quality of end-user experience

Nokia WING IoT Project


Customer: Nokia Solutions & Networks, Amsterdam & Frankfurt


Tasks:

  • Nokia?s Wordwide IoT Network Grid (WING) is a managed IoT service that offers operators the ability to support their enterprise customers with global IoT connectivity across borders and technologies
  • This as-as-service solution eliminates business and technology complexity for fast time to market for operators providing IoT sensors, user applications and business models suited to specific sectors

Nokia G-Cloud GCEP | ANPTIC, Government of Burkina Faso


Customer: Nokia Solutions & Networks


Tasks:

  • Provisioning of a Government Cloud Enablement Platform (G-CEP) for the National Agency for the Promotion of ICT (ANPTIC) in Ouagadougou, Burkina Faso
  • This project included the implementation of a Government Distributed Cloud Infrastructure (IaaS), an Open Government Environment (PaaS), and Government Enabler Applications (SaaS) to provide for e-Health, e-Learning and e-Government

National Information Technology Agency | NITA e-Gov Project


Customer: Alcatel-Lucent (Nokia)


Tasks:

  • Provisioning of end-to-end Managed Services for the National Information Technology Agency (NITA), Ministry of Communications in the management of nationwide e-Government infrastructure in Ghana.
  • This project extended the national backbone infrastructure to all districts in the country, provided a national data centre, a secondary data centre for DR capability, and ultimately connected all public institutions (MDAs and MMDAs) to a single shared communications and computing infrastructure

PCI DSS Compliance Project | CalBank Limited


Customer: Security Architectural Consult


Tasks:

  • Consulted and provided advisory services for CalBank?s PCI DSS compliance certification in Ghana
  • This project included the delivery and implementation of the AlienVault USM (SIEM), Symantec Data Loss Prevention (DLP) solution, McAfee Database Activity Monitoring (DAM) security suite and network segmentation of the bank?s cardholder data environment (CDE)

3 Jahre 11 Monate

2007-08

2011-06

Bachelor of Science (BSc.) Computer Science

Kwame Nkrumah University of Science and Technology
Institution, Ort
Kwame Nkrumah University of Science and Technology
Certification

2020-08 - 2020-08

  • AWS Certified Solutions Architect - Professional
  • Microsoft Certified Azure Administrator - Associate


2020-07 - 2020-07

Microsoft Certified Azure Solutions Architect - Expert


2020-06 - 2020-06

Microsoft Certified Azure Security Engineer - Associate


2020-04 - 2020-04

AWS Certified Advanced Networking - Specialty


2019-06 - 2019-06

AWS Certified Security - Specialty


2019-05 - 2019-05

AWS Certified Developer - Associate


2019-04 - 2019-04

AWS Certified Solutions Architect - Associate


2016-09 - 2016-09

Certified Ethical Hacker (CEH)


2016-08 - 2016-08

Certified Information Systems Auditor (CISA)


2016-07 - 2016-07

Certified Information Systems Security Professional (CISSP)


2013-04 - 2013-04

ITIL Foundation


Languages German

  • Goethe Zertifikat B2
  • Zertifikat Deutch B1

Cloud Security / DevSecOps / DevOps / Cloud Architect / Cloud Engineer / Cloud Migration / Security Architect / Independent Consultant

English British Council IELTS 8.0
German B2, B1

Top Skills
AWS Terraform Kubernetes Azure GCP GitlabCI Docker bash Python Ansible Flux PowerShell CircleCI CI/CD Cloud DevOps DevSecOps Cloud-Native GitOps IT-Sicherheitsarchitektur
Produkte / Standards / Erfahrungen / Methoden
Profile

A Hybrid and Multi-Cloud (AWS/Azure/GCP) Solutions Architect with expertise in DevSecOps, container security, CI/CD pipelines, Kubernetes and cloud automation using Terraform. I have experience providing innovative Managed Security and Cloud-based solutions for Start-Up, Government and Enterprise.


Internship

2013-02 - 2013-03

Role: Intern

Customer: EY Ghana, Accra, Ghana


Tasks:

  • Performed IS Audits for client companies to support EY's assurance financial statements
  • Used IT general controls (ITGCs) and application controls to perform security reviews and assurance


Skills:

  • Linux
  • Python
  • Bash Scripting
  • Networking
  • Docker
  • Kubernetes
  • Terraform
  • SIEM
  • Incident Response
  • Security Auditing
  • PenTesting
  • GitLab/CircleCi
  • AWS/Azure/GCP
  • OpenStack


Personality

  • Team Player
  • Creativity
  • Goal Oriented
  • Communication
  • Leadership
  • Innovation
  • Analysis
  • Time Management

References gladly on request
Ihr Kontakt zu Gulp

Fragen? Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Jetzt bei GULP Direkt registrieren und Freelancer kontaktieren