Skip to main content
Menu

NotSoSecure

Senior Security Consultant • Dec 2018 – Present

Assesses, defines, implements, participates in and supports DevSecOps programs for NotSoSecure clients. Engagements span from simple IT projects to large-scale, enterprise-level transformation programs. Collaborate with teams and aid in developing consultative solutions to implement client DevSecOps capabilities to enable secure product development. Conduct methodology and architecture security assessments and define solutions to produce tailored DevSecOps platforms inclusive of target state people, process, and technology operating models.
  • Support clients achieving the benefits that DevSecOps can offer Contribute to/participate in the design and implementation of DevSecOps platforms which covers areas such as integrating security into build automation, deployment automation, test automation, SDLC orchestration, environment management, monitoring, and production release procedures.
  • Drive adoption of tools and practices as the client transitions to DevSecOps.
  • Containerization principles and frameworks (Docker, Kubernetes).
  • Infrastructure automation scripting (Terraform, Cloudformation).
  • Integrating Security capabilities into DevOps.
  • Multi-system Integration using industry standards such as REST, API, JSON, SOAP, etc Cloud security controls including tenant isolation, encryption at rest, encryption in transit, key management, vulnerability assessments, application firewalls, etc.
  • Deploys enterprise applications in cloud platforms, incorporating automation, security, and reliability
  • AWS provisioning, configuration management, storage management, network management, virtualization
  • Architects and Creates automated CI/CD pipelines and automating all aspects of infrastructure