Freelancer: Cloud Security | DevSecOps | AWS | Azure DevOps | GCP | Terraform | Kubernetes

Freiberufler / Selbstst�ndiger

Remote-Arbeit

Verf�gbar ab: 02.12.2025

Verf�gbar zu: 100%

davon vor Ort: 100%

Top-Skills

AWS

Terraform

Kubernetes

Azure

GCP

GitlabCI

Docker

bash

Python

Ansible

Flux

PowerShell

CircleCI

CI/CD

Cloud

DevOps

DevSecOps

Cloud-Native

GitOps

IT-Sicherheitsarchitektur

Sprachen

English

German

Einsatzorte

L�nder

Deutschland, Schweiz, �sterreich

Remote-Arbeit

m�glich

Projekte

8 Monate

2025-01 - 2025-08

Security assessment and migration strategy

Cybersecurity Consultant

Rolle

Cybersecurity Consultant

Projektinhalte

Led the security assessment and migration strategy of Lufthansa Group?s global web infrastructure from Akamai to Cloudflare.
Designed Cloudflare web-security architecture diagrams illustrating Cloudflare integration as blueprint for the migration.
Developed service models for fully managed service, partially managed service and self-service tenants.
Developed and managed Azure DevOps Pipelines and Repos for Lufthansa Group entities (including Lufthansa, Brussels Air, Eurowings, SWISS, Lufthansa Cargo, Lufthansa Technik, Miles & More and Austrian Airlines) for the automated deployment of Cloudflare infrastructure using Terraform.
Implemented RBAC and API token assignments within Cloudflare and integrated Azure Key Vault for secure secrets management.
Delivered SSAD documentation detailing security controls, migration workflows and compliance requiremements for the adoption of Cloudflare.
Conducted knowledge transfer and training sessions for Lufthansa Group?s operations team to enable them independently manage the Cloudflare infrastructure, security policies and DevOps workflows post-migration.

Kunde

Lufthansa Group

Einsatzort

Frankfurt

6 Monate

2024-07 - 2024-12

Cloud Identity Platform

Senior Platform Engineer - GCP GitLab AWS Azure ...

Rolle

Senior Platform Engineer - GCP

Projektinhalte

Managed and maintained Deutsche Bank's Cloud Identity Platform (CloudIDP) for centralised Identity and Access management and WebSSO as part of a cloud infrastructure team with Terraform on Google Cloud.
Developed GitHub Actions workflows for CI/CD Helm deployments to DEV, UAT and PROD environments.
Automated SDLC controls to integrate checks for secret scanning, source code review and business requirements a part of release pipelines.
Migrated cloud-navtive application workloads from Google Kubernetes Engine (GKE) clusters to on-prem OpenShift clusters.
Published and updated docker image builds and Helm charts in J-Frog Artifactory repositories.
Monitoring web portal cross-platform observabiltiy, health and metrics using New Relic.

Kenntnisse

GitLab AWS Azure Terraform Informationssicherheit QRadar Prisma Cloud

Kunde

Deutsche Bank

Einsatzort

Eschborn

4 Jahre 1 Monat

2020-10 - 2024-10

Cloud Infrastructure and Security Automation Project

Senior DevSecOps Engineer AWS Terraform Kubernetes ...

Rolle

Senior DevSecOps Engineer

Projektinhalte

Designed and built from scratch AWS environments for dev, staging and prod, and DR in GCP using Terraform
Configured CircleCI pipelines for Docker build and Terraform deployment automation
Scripting with Python (boto3), Bash and Powershell for Lambda functions and userdata scripts
Deployed and managing EKS Clusters, ECR, RDS, DynamoDB, CloudFront, ACM, KMS, Route53 & WAF
Automated deployments to Kubernetes with GitOps using Flux and Helm
Implemented Single Sign-On, IAM, OAuth, Cognito, and Hashicorp Vault for auth, secrets store and SAML identity federation
Configured IPSec VPNs, BGP and TGW for secure connectivity between Cloud and on-premise networks

Kenntnisse

AWS Terraform Kubernetes Docker DevSecOps Python PowerShell Ansible

Kunde

Trisor GmbH

Einsatzort

Berlin

1 Jahr

2023-07 - 2024-06

Reviews of penetration tests

Cloud Security Consultant

Rolle

Cloud Security Consultant

Projektinhalte

Provided Cloud Security advisory to application teams in the areas of DevSecOps, IT Risk and vulnerability management.
Conducted pre-production security assessments and reviews of penetration tests for applications migrating to the Cloud.
Reviewed container image vulnerabilities and Terraform IaC compliance with JFrog Artifcatory, SonarQube, Checkov and tftest.
Investigated MSI (Market Sensitive Information) and CSI (Confidential Statistical Information) data flows across internal ECB and external ESCB (European System of Central Banks) communication systems.
Provided support, and conducted workshops on the use of Prisma Cloud for landing zone and cloud security posture management.

Kunde

European Central Bank

Rolle

Azure Architect

Projektinhalte

Managed Azure Hubs in 6 global regions (VNETs, Peerings, Firewalls, ExpressRoute, VPN Gateways, NSGs and UDRs) to provide Hybrid Cloud connectivity for 4000+ on-prem stores in 77 geographical and 60 online markets
Migrated Azure platform infrastructure code from ARM templates to Terraform
Configured and maintained Azure DevOps pipelines for the release of workloads to Test and Production environments
Supported Operations team in the deployment of Azure Firewall policies, IP Groups and the reliability of Active Directory Domain Controllers
Implemented Zscaler Private Access App Connectors in Azure Hubs, for Zero Trust Network Access (ZTNA) to SAP servers in spoke subscriptions
Monitored Azure cloud platform infrastructure with Azure Monitor, Alerts, and Log Analytics workspaces

Kunde

H&M Group

Einsatzort

Stockholm, Sweden

6 Monate

2023-01 - 2023-06

Developed and managed access control

AWS DevOps Engineer

Rolle

AWS DevOps Engineer

Projektinhalte

Deployed AWS landing zones to development and production accounts using Terragrunt and Terraform
Supported a team of Data and AI Engineers with infrastructure provisioning and AWS service requests such as SFTP, Aurora RDS, S3 and Kafka
Developed and managed access control using AWS SSO, Okta, CloudFlare, IAM roles and policies
Provided support for microservices deployment to Kubernetes clusters using ArgoCD, Helm charts and manifest files
Automated IaC deployments to production using CodeCommit, CodeBuild, Gitlab registries and CI/CD pipelines

Kunde

Allianz

Einsatzort

Munich, Germany

6 Monate

2022-07 - 2022-12

Conducted workshops

DevSecOps Consultant - Container Security

Rolle

DevSecOps Consultant - Container Security

Projektinhalte

Evaluated current and alternative solutions for SAST, DAST, IAST, SCA and container security by comparing tools such as�SonarQube, NetSparker, NexusIQ and Aqua, against Veracode, Checkmarx, Synopsys, and Snyk
Conducted workshops for application teams to assess their implementation of container security and worked with them to�reduce the overall organizational container security vulnerabilities by 28%
Reviewed Dockerfiles and Azure DevOps build pipelines for the implementation of container security best practices
Scanned container images for vulnerabilities in applications and third-party libraries with Aqua
Provided recommendations for updating base images to minor releases of less vulnerable ones based on CVSS scores
Investigated application security standards such as OWASP Application Security Verification Standard (ASVS), SANS Security�Web Application Technologies (SWAT) Checklist, and the NIST Secure Software Development Framework (SSDF) for mapping�against DevSecOps security tools

Kunde

Swiss Re

Einsatzort

Zurich, Switzerland

4 Monate

2021-10 - 2022-01

Kubernetes Security Project

Kubernetes Security Expert Kubernetes Docker Cloud-Native ...

Rolle

Kubernetes Security Expert

Projektinhalte

Performed security audits on EKS clusters to identify issues relating to cluster, node and application security
Reviewed AWS IRSA authentication, Kubernetes cluster RBAC Roles, Role Bindings, Service Accounts, Signed Certificate�holders and ConfigMaps
Investigated container runtime security, mutating and validating webhooks, admission controllers, network policies,�privileged access and security contexts.
Evaluated security of the DevOps lifecycle, CI/CD deployment pipelines, Helm charts and supply chain security
Proposed an implementation of OPA Gatekeeper Admission Controller and OPA agents for whitelisting of container registries
Performed automated cluster security assessments with Falco, Kubescape, and Kube-bench tools against CIS Benchmarks
Proposed an implementation of security best practises in Kubernetes for cluster access control, image and container�vulnerability scanning, and audit logging.
Deployed Conftest for static analysis of Dockerfiles and Kubernetes YAML manifests, and writing rules using rego commands
Proposed an implementation of hardened docker images for Debian and Alpine

Produkte

E-Commerce

Kenntnisse

Kubernetes Docker Cloud-Native DevSecOps Security Architecture AWS

Kunde

About You GmbH

Einsatzort

Hamburg

1 Jahr 8 Monate

2019-05 - 2020-12

Hybrid Cloud Architecture Design and Security automation

Cloud Security Lead AWS Azure GitLab ...

Rolle

Cloud Security Lead

Projektinhalte

Designed cloud architecture and event-driven security on the Nokia Hybrid Cloud (AWS & Azure)
Performed CI / CD data builds, and cloud automation with GitLab CI, Terraform and Python scripts
Managed PrivateLinks, VPC / VNet Peering, TGW and DX links on the Nokia Internal Network
Managed IAM service role creation, federated logins, cross-account access and alarm configs
Managed cloud security with AWS Security Hub, GuardDuty, Inspector and Azure Security Center
Performed Hybrid Cloud services consulting, security assessments and compliance audits

Kenntnisse

AWS Azure GitLab Terraform

Kunde

Nokia Solutions & Networks

Einsatzort

Accra, Ghana

2 Jahre 6 Monate

2016-12 - 2019-05

Providing managed cloud services

Cloud Operations Engineer

Rolle

Cloud Operations Engineer

Projektinhalte

Providing managed cloud services for customers on the Nokia Worldwide IoT Network Grid (WING)
Supported cloud migration and on-boarding of customer VNFs and applications
Monitored Telco Cloud infrastructure (OpenStack, VMware, KVM) with Zabbix, Nagios and Ganglia
Performing incident management and resolution of customer trouble tickets through Nokia GDC

Kunde

Nokia Solutions & Networks

Einsatzort

Accra, Ghana

2 Jahre 8 Monate

2014-04 - 2016-11

Alcatel-Lucent SPOC

Network Security Engineer

Rolle

Network Security Engineer

Projektinhalte

Alcatel-Lucent (Nokia) SPOC for infosec management and design on the NITA e-Government Project
Managed ArcSight SIEM, TippingPoint IPS, Radware WAFs and Mail Filters, and HP Firewalls
Initialized, lead and coordinated project security requirements of risk assessments, audits, security policies, acceptance testing, business continuity and crisis management planning

Kunde

Nokia Solutions & Networks

Einsatzort

Accra, Ghana

1 Jahr

2013-05 - 2014-04

Provided MPLS backbone support

Senior Network Engineer

Rolle

Senior Network Engineer

Projektinhalte

Provided MPLS backbone support as part of a 24/7 NOC team for customer wide area networks
Managed Point-to-Point (PTP) links, 4G Radio, WiMAX, LTE and VSAT satellite transmissions
Monitored network performance and KPIs with PRTG, Cacti, Solarwinds and WhatsUp Gold tools
Conducted failover to DR and Business Continuity Process (BCP) tests on the NOC infrastructure

Kunde

STL Group

Einsatzort

Accra, Ghana

2 Monate

2013-02 - 2013-03

IT Risk and Assurance | Advisory Services

Intern - IS Auditor

Rolle

Intern - IS Auditor

Projektinhalte

Performed IS Audits for client companies to support EY's assurance financial statements
Used IT general controls (ITGCs) and application controls to perform security reviews and assurance

Kunde

EY Ghana

Nokia Analytics, Virtualization & Automation (AVA) | Azure Migration Project

Kunde: Nokia Solutions & Networks

Aufgaben:

Migration of Nokia's Cognitive Services AI Analytics and Machine Learning platform to Azure PaaS
This project included securing of the GitLab DevOps CI/CD pipeline, reviewing of Terraform templates, and the migration of workloads to Azure Kubernetes Service (AKS), Container Registry, HDInsights, and Azure SQL Database for deployment on staging and production
This service helps customers maximize their network & operational performance and quality of end-user experience

Nokia WING IoT Project

Kunde: Nokia Solutions & Networks, Amsterdam & Frankfurt

Aufgaben:

Nokia?s Wordwide IoT Network Grid (WING) is a managed IoT service that offers operators the ability to support their enterprise customers with global IoT connectivity across borders and technologies
This as-as-service solution eliminates business and technology complexity for fast time to market for operators providing IoT sensors, user applications and business models suited to specific sectors

Nokia G-Cloud GCEP | ANPTIC, Government of Burkina Faso

Kunde: Nokia Solutions & Networks

Aufgaben:

Provisioning of a Government Cloud Enablement Platform (G-CEP) for the National Agency for the Promotion of ICT (ANPTIC) in Ouagadougou, Burkina Faso
This project included the implementation of a Government Distributed Cloud Infrastructure (IaaS), an Open Government Environment (PaaS), and Government Enabler Applications (SaaS) to provide for e-Health, e-Learning and e-Government

National Information Technology Agency | NITA e-Gov Project

Kunde: Alcatel-Lucent (Nokia)

Aufgaben

Provisioning of end-to-end Managed Services for the National Information Technology Agency (NITA), Ministry of Communications in the management of nationwide e-Government infrastructure in Ghana.
This project extended the national backbone infrastructure to all districts in the country, provided a national data centre, a secondary data centre for DR capability, and ultimately connected all public institutions (MDAs and MMDAs) to a single shared communications and computing infrastructure

PCI DSS Compliance Project | CalBank Limited

Kunde: Security Architectural Consult

Aufgaben

Consulted and provided advisory services for CalBank?s PCI DSS compliance certification in Ghana
This project included the delivery and implementation of the AlienVault USM (SIEM), Symantec Data Loss Prevention (DLP) solution, McAfee Database Activity Monitoring (DAM) security suite and network segmentation of the bank?s cardholder data environment (CDE)

Aus- und Weiterbildung

1 Monat

2020-08 - 2020-08

AWS Certified Solutions Architect - Professional

Cloud - AWS

Institution, Ort

Cloud - AWS

1 Monat

2020-08 - 2020-08

Microsoft Certified Azure Administrator - Associate

Cloud - Azure

Institution, Ort

Cloud - Azure

1 Monat

2020-07 - 2020-07

Microsoft Certified Azure Solutions Architect - Expert

Cloud - Azure

Institution, Ort

Cloud - Azure

1 Monat

2020-06 - 2020-06

Microsoft Certified Azure Security Engineer - Associate

Cloud - Azure

Institution, Ort

Cloud - Azure

Institution, Ort

Cloud - Azure

Institution, Ort

Cloud - AWS

Institution, Ort

Cloud - AWS

1 Monat

2019-04 - 2019-04

AWS Certified Advanced Networking - Specialty

Cloud - AWS

Institution, Ort

Cloud - AWS

Schwerpunkt

AWS Certified Solutions Architect - Associate

Institution, Ort

Security

Institution, Ort

Security

1 Monat

2016-07 - 2016-07

Certified Information Systems Security Professional (CISSP)

Security

Institution, Ort

Security

3 Jahre 11 Monate

2007-08 - 2011-06

Computer Science

Bachelor of Science (BSc.), Kwame Nkrumah University of Science and Technology, Kumasi, Ghana

Abschluss

Bachelor of Science (BSc.)

Institution, Ort

Kwame Nkrumah University of Science and Technology, Kumasi, Ghana

Position

Cloud Security
DevSecOps
DevOps
Cloud Architect
Cloud Engineer
Cloud Migration
Security Architect
Independent Consultant

Kompetenzen

Top-Skills

AWS Terraform Kubernetes Azure GCP GitlabCI Docker bash Python Ansible Flux PowerShell CircleCI CI/CD Cloud DevOps DevSecOps Cloud-Native GitOps IT-Sicherheitsarchitektur

Produkte / Standards / Erfahrungen / Methoden

Linux

Python

Bash Scripting

Networking

Docker / Helm

Kubernetes

Terraform

AWS/Azure/GCP

Flux /ArgoCD

GitLab CI/ CircleCI

Azure DevOps

SIEM

ISO 27001

Incident Response

Security Auditing

PenTesting

OpenStack

ED-202A

PROFILE:

A Cloud & Security Architect with expertise designing and implementing secure solution architecture�(AWS, Azure, GCP) and security standards (NIST, ED-202A, ISO 27001, ISO/SAE 21434). I have experience�providing innovative Managed Security and Cloud-based solutions for Start-Up, Government and Enterprise�in the aviation, automotive, insurance, banking, consumer and telecommunications industries.

Personality:

Team Player
Creativity
Leadership
Innovation
Goal Oriented
Communication
Analysis
Time Management

Einsatzorte

L�nder

Deutschland, Schweiz, �sterreich

Remote-Arbeit

m�glich

Projekte

8 Monate

2025-01 - 2025-08

Security assessment and migration strategy

Cybersecurity Consultant

Rolle

Cybersecurity Consultant

Projektinhalte

Led the security assessment and migration strategy of Lufthansa Group?s global web infrastructure from Akamai to Cloudflare.
Designed Cloudflare web-security architecture diagrams illustrating Cloudflare integration as blueprint for the migration.
Developed service models for fully managed service, partially managed service and self-service tenants.
Developed and managed Azure DevOps Pipelines and Repos for Lufthansa Group entities (including Lufthansa, Brussels Air, Eurowings, SWISS, Lufthansa Cargo, Lufthansa Technik, Miles & More and Austrian Airlines) for the automated deployment of Cloudflare infrastructure using Terraform.
Implemented RBAC and API token assignments within Cloudflare and integrated Azure Key Vault for secure secrets management.
Delivered SSAD documentation detailing security controls, migration workflows and compliance requiremements for the adoption of Cloudflare.
Conducted knowledge transfer and training sessions for Lufthansa Group?s operations team to enable them independently manage the Cloudflare infrastructure, security policies and DevOps workflows post-migration.

Kunde

Lufthansa Group

Einsatzort

Frankfurt

6 Monate

2024-07 - 2024-12

Cloud Identity Platform

Senior Platform Engineer - GCP GitLab AWS Azure ...

Rolle

Senior Platform Engineer - GCP

Projektinhalte

Managed and maintained Deutsche Bank's Cloud Identity Platform (CloudIDP) for centralised Identity and Access management and WebSSO as part of a cloud infrastructure team with Terraform on Google Cloud.
Developed GitHub Actions workflows for CI/CD Helm deployments to DEV, UAT and PROD environments.
Automated SDLC controls to integrate checks for secret scanning, source code review and business requirements a part of release pipelines.
Migrated cloud-navtive application workloads from Google Kubernetes Engine (GKE) clusters to on-prem OpenShift clusters.
Published and updated docker image builds and Helm charts in J-Frog Artifactory repositories.
Monitoring web portal cross-platform observabiltiy, health and metrics using New Relic.

Kenntnisse

GitLab AWS Azure Terraform Informationssicherheit QRadar Prisma Cloud

Kunde

Deutsche Bank

Einsatzort

Eschborn

4 Jahre 1 Monat

2020-10 - 2024-10

Cloud Infrastructure and Security Automation Project

Senior DevSecOps Engineer AWS Terraform Kubernetes ...

Rolle

Senior DevSecOps Engineer

Projektinhalte

Designed and built from scratch AWS environments for dev, staging and prod, and DR in GCP using Terraform
Configured CircleCI pipelines for Docker build and Terraform deployment automation
Scripting with Python (boto3), Bash and Powershell for Lambda functions and userdata scripts
Deployed and managing EKS Clusters, ECR, RDS, DynamoDB, CloudFront, ACM, KMS, Route53 & WAF
Automated deployments to Kubernetes with GitOps using Flux and Helm
Implemented Single Sign-On, IAM, OAuth, Cognito, and Hashicorp Vault for auth, secrets store and SAML identity federation
Configured IPSec VPNs, BGP and TGW for secure connectivity between Cloud and on-premise networks

Kenntnisse

AWS Terraform Kubernetes Docker DevSecOps Python PowerShell Ansible

Kunde

Trisor GmbH

Einsatzort

Berlin

1 Jahr

2023-07 - 2024-06

Reviews of penetration tests

Cloud Security Consultant

Rolle

Cloud Security Consultant

Projektinhalte

Provided Cloud Security advisory to application teams in the areas of DevSecOps, IT Risk and vulnerability management.
Conducted pre-production security assessments and reviews of penetration tests for applications migrating to the Cloud.
Reviewed container image vulnerabilities and Terraform IaC compliance with JFrog Artifcatory, SonarQube, Checkov and tftest.
Investigated MSI (Market Sensitive Information) and CSI (Confidential Statistical Information) data flows across internal ECB and external ESCB (European System of Central Banks) communication systems.
Provided support, and conducted workshops on the use of Prisma Cloud for landing zone and cloud security posture management.

Kunde

European Central Bank

Rolle

Azure Architect

Projektinhalte

Managed Azure Hubs in 6 global regions (VNETs, Peerings, Firewalls, ExpressRoute, VPN Gateways, NSGs and UDRs) to provide Hybrid Cloud connectivity for 4000+ on-prem stores in 77 geographical and 60 online markets
Migrated Azure platform infrastructure code from ARM templates to Terraform
Configured and maintained Azure DevOps pipelines for the release of workloads to Test and Production environments
Supported Operations team in the deployment of Azure Firewall policies, IP Groups and the reliability of Active Directory Domain Controllers
Implemented Zscaler Private Access App Connectors in Azure Hubs, for Zero Trust Network Access (ZTNA) to SAP servers in spoke subscriptions
Monitored Azure cloud platform infrastructure with Azure Monitor, Alerts, and Log Analytics workspaces

Kunde

H&M Group

Einsatzort

Stockholm, Sweden

6 Monate

2023-01 - 2023-06

Developed and managed access control

AWS DevOps Engineer

Rolle

AWS DevOps Engineer

Projektinhalte

Deployed AWS landing zones to development and production accounts using Terragrunt and Terraform
Supported a team of Data and AI Engineers with infrastructure provisioning and AWS service requests such as SFTP, Aurora RDS, S3 and Kafka
Developed and managed access control using AWS SSO, Okta, CloudFlare, IAM roles and policies
Provided support for microservices deployment to Kubernetes clusters using ArgoCD, Helm charts and manifest files
Automated IaC deployments to production using CodeCommit, CodeBuild, Gitlab registries and CI/CD pipelines

Kunde

Allianz

Einsatzort

Munich, Germany

6 Monate

2022-07 - 2022-12

Conducted workshops

DevSecOps Consultant - Container Security

Rolle

DevSecOps Consultant - Container Security

Projektinhalte

Evaluated current and alternative solutions for SAST, DAST, IAST, SCA and container security by comparing tools such as�SonarQube, NetSparker, NexusIQ and Aqua, against Veracode, Checkmarx, Synopsys, and Snyk
Conducted workshops for application teams to assess their implementation of container security and worked with them to�reduce the overall organizational container security vulnerabilities by 28%
Reviewed Dockerfiles and Azure DevOps build pipelines for the implementation of container security best practices
Scanned container images for vulnerabilities in applications and third-party libraries with Aqua
Provided recommendations for updating base images to minor releases of less vulnerable ones based on CVSS scores
Investigated application security standards such as OWASP Application Security Verification Standard (ASVS), SANS Security�Web Application Technologies (SWAT) Checklist, and the NIST Secure Software Development Framework (SSDF) for mapping�against DevSecOps security tools

Kunde

Swiss Re

Einsatzort

Zurich, Switzerland

4 Monate

2021-10 - 2022-01

Kubernetes Security Project

Kubernetes Security Expert Kubernetes Docker Cloud-Native ...

Rolle

Kubernetes Security Expert

Projektinhalte

Performed security audits on EKS clusters to identify issues relating to cluster, node and application security
Reviewed AWS IRSA authentication, Kubernetes cluster RBAC Roles, Role Bindings, Service Accounts, Signed Certificate�holders and ConfigMaps
Investigated container runtime security, mutating and validating webhooks, admission controllers, network policies,�privileged access and security contexts.
Evaluated security of the DevOps lifecycle, CI/CD deployment pipelines, Helm charts and supply chain security
Proposed an implementation of OPA Gatekeeper Admission Controller and OPA agents for whitelisting of container registries
Performed automated cluster security assessments with Falco, Kubescape, and Kube-bench tools against CIS Benchmarks
Proposed an implementation of security best practises in Kubernetes for cluster access control, image and container�vulnerability scanning, and audit logging.
Deployed Conftest for static analysis of Dockerfiles and Kubernetes YAML manifests, and writing rules using rego commands
Proposed an implementation of hardened docker images for Debian and Alpine

Produkte

E-Commerce

Kenntnisse

Kubernetes Docker Cloud-Native DevSecOps Security Architecture AWS

Kunde

About You GmbH

Einsatzort

Hamburg

1 Jahr 8 Monate

2019-05 - 2020-12

Hybrid Cloud Architecture Design and Security automation

Cloud Security Lead AWS Azure GitLab ...

Rolle

Cloud Security Lead

Projektinhalte

Designed cloud architecture and event-driven security on the Nokia Hybrid Cloud (AWS & Azure)
Performed CI / CD data builds, and cloud automation with GitLab CI, Terraform and Python scripts
Managed PrivateLinks, VPC / VNet Peering, TGW and DX links on the Nokia Internal Network
Managed IAM service role creation, federated logins, cross-account access and alarm configs
Managed cloud security with AWS Security Hub, GuardDuty, Inspector and Azure Security Center
Performed Hybrid Cloud services consulting, security assessments and compliance audits

Kenntnisse

AWS Azure GitLab Terraform

Kunde

Nokia Solutions & Networks

Einsatzort

Accra, Ghana

2 Jahre 6 Monate

2016-12 - 2019-05

Providing managed cloud services

Cloud Operations Engineer

Rolle

Cloud Operations Engineer

Projektinhalte

Providing managed cloud services for customers on the Nokia Worldwide IoT Network Grid (WING)
Supported cloud migration and on-boarding of customer VNFs and applications
Monitored Telco Cloud infrastructure (OpenStack, VMware, KVM) with Zabbix, Nagios and Ganglia
Performing incident management and resolution of customer trouble tickets through Nokia GDC

Kunde

Nokia Solutions & Networks

Einsatzort

Accra, Ghana

2 Jahre 8 Monate

2014-04 - 2016-11

Alcatel-Lucent SPOC

Network Security Engineer

Rolle

Network Security Engineer

Projektinhalte

Alcatel-Lucent (Nokia) SPOC for infosec management and design on the NITA e-Government Project
Managed ArcSight SIEM, TippingPoint IPS, Radware WAFs and Mail Filters, and HP Firewalls
Initialized, lead and coordinated project security requirements of risk assessments, audits, security policies, acceptance testing, business continuity and crisis management planning

Kunde

Nokia Solutions & Networks

Einsatzort

Accra, Ghana

1 Jahr

2013-05 - 2014-04

Provided MPLS backbone support

Senior Network Engineer

Rolle

Senior Network Engineer

Projektinhalte

Provided MPLS backbone support as part of a 24/7 NOC team for customer wide area networks
Managed Point-to-Point (PTP) links, 4G Radio, WiMAX, LTE and VSAT satellite transmissions
Monitored network performance and KPIs with PRTG, Cacti, Solarwinds and WhatsUp Gold tools
Conducted failover to DR and Business Continuity Process (BCP) tests on the NOC infrastructure

Kunde

STL Group

Einsatzort

Accra, Ghana

2 Monate

2013-02 - 2013-03

IT Risk and Assurance | Advisory Services

Intern - IS Auditor

Rolle

Intern - IS Auditor

Projektinhalte

Performed IS Audits for client companies to support EY's assurance financial statements
Used IT general controls (ITGCs) and application controls to perform security reviews and assurance

Kunde

EY Ghana

Nokia Analytics, Virtualization & Automation (AVA) | Azure Migration Project

Kunde: Nokia Solutions & Networks

Aufgaben:

Migration of Nokia's Cognitive Services AI Analytics and Machine Learning platform to Azure PaaS
This project included securing of the GitLab DevOps CI/CD pipeline, reviewing of Terraform templates, and the migration of workloads to Azure Kubernetes Service (AKS), Container Registry, HDInsights, and Azure SQL Database for deployment on staging and production
This service helps customers maximize their network & operational performance and quality of end-user experience

Nokia WING IoT Project

Kunde: Nokia Solutions & Networks, Amsterdam & Frankfurt

Aufgaben:

Nokia?s Wordwide IoT Network Grid (WING) is a managed IoT service that offers operators the ability to support their enterprise customers with global IoT connectivity across borders and technologies
This as-as-service solution eliminates business and technology complexity for fast time to market for operators providing IoT sensors, user applications and business models suited to specific sectors

Nokia G-Cloud GCEP | ANPTIC, Government of Burkina Faso

Kunde: Nokia Solutions & Networks

Aufgaben:

Provisioning of a Government Cloud Enablement Platform (G-CEP) for the National Agency for the Promotion of ICT (ANPTIC) in Ouagadougou, Burkina Faso
This project included the implementation of a Government Distributed Cloud Infrastructure (IaaS), an Open Government Environment (PaaS), and Government Enabler Applications (SaaS) to provide for e-Health, e-Learning and e-Government

National Information Technology Agency | NITA e-Gov Project

Kunde: Alcatel-Lucent (Nokia)

Aufgaben

Provisioning of end-to-end Managed Services for the National Information Technology Agency (NITA), Ministry of Communications in the management of nationwide e-Government infrastructure in Ghana.
This project extended the national backbone infrastructure to all districts in the country, provided a national data centre, a secondary data centre for DR capability, and ultimately connected all public institutions (MDAs and MMDAs) to a single shared communications and computing infrastructure

PCI DSS Compliance Project | CalBank Limited

Kunde: Security Architectural Consult

Aufgaben

Consulted and provided advisory services for CalBank?s PCI DSS compliance certification in Ghana
This project included the delivery and implementation of the AlienVault USM (SIEM), Symantec Data Loss Prevention (DLP) solution, McAfee Database Activity Monitoring (DAM) security suite and network segmentation of the bank?s cardholder data environment (CDE)

Aus- und Weiterbildung

1 Monat

2020-08 - 2020-08

AWS Certified Solutions Architect - Professional

Cloud - AWS

Institution, Ort

Cloud - AWS

1 Monat

2020-08 - 2020-08

Microsoft Certified Azure Administrator - Associate

Cloud - Azure

Institution, Ort

Cloud - Azure

1 Monat

2020-07 - 2020-07

Microsoft Certified Azure Solutions Architect - Expert

Cloud - Azure

Institution, Ort

Cloud - Azure

1 Monat

2020-06 - 2020-06

Microsoft Certified Azure Security Engineer - Associate

Cloud - Azure

Institution, Ort

Cloud - Azure

Institution, Ort

Cloud - Azure

Institution, Ort

Cloud - AWS

Institution, Ort

Cloud - AWS

1 Monat

2019-04 - 2019-04

AWS Certified Advanced Networking - Specialty

Cloud - AWS

Institution, Ort

Cloud - AWS

Schwerpunkt

AWS Certified Solutions Architect - Associate

Institution, Ort

Security

Institution, Ort

Security

1 Monat

2016-07 - 2016-07

Certified Information Systems Security Professional (CISSP)

Security

Institution, Ort

Security

3 Jahre 11 Monate

2007-08 - 2011-06

Computer Science

Bachelor of Science (BSc.), Kwame Nkrumah University of Science and Technology, Kumasi, Ghana

Abschluss

Bachelor of Science (BSc.)

Institution, Ort

Kwame Nkrumah University of Science and Technology, Kumasi, Ghana

Position

Cloud Security
DevSecOps
DevOps
Cloud Architect
Cloud Engineer
Cloud Migration
Security Architect
Independent Consultant

Kompetenzen

Top-Skills

AWS Terraform Kubernetes Azure GCP GitlabCI Docker bash Python Ansible Flux PowerShell CircleCI CI/CD Cloud DevOps DevSecOps Cloud-Native GitOps IT-Sicherheitsarchitektur

Produkte / Standards / Erfahrungen / Methoden

Linux

Python

Bash Scripting

Networking

Docker / Helm

Kubernetes

Terraform

AWS/Azure/GCP

Flux /ArgoCD

GitLab CI/ CircleCI

Azure DevOps

SIEM

ISO 27001

Incident Response

Security Auditing

PenTesting

OpenStack

ED-202A

PROFILE:

Personality:

Team Player
Creativity
Leadership
Innovation
Goal Oriented
Communication
Analysis
Time Management

Vertrauen Sie auf Randstad

Im Bereich Freelancing

Im Bereich Arbeitnehmer�berlassung / Personalvermittlung

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Name E-Mail-Adresse Ihre Frage

Telefonnummer Unternehmen

Ich habe die Datenschutzbestimmungen gelesen und bin damit einverstanden.

Einsatzorte

Projekte

Aus- und Weiterbildung

Position

Kompetenzen

Top-Skills

Produkte / Standards / Erfahrungen / Methoden

Einsatzorte

Projekte

Aus- und Weiterbildung

Position

Kompetenzen

Top-Skills

Produkte / Standards / Erfahrungen / Methoden

Vertrauen Sie auf Randstad

Fragen?

Rufen Sie uns an +49 89 500316-300 oder schreiben Sie uns:

Das Freelancer-Portal

Direktester geht's nicht! Ganz einfach Freelancer finden und direkt Kontakt aufnehmen.