I will implement DevSecOps best practices and harden your AWS environment
Senior DevOps Engineer
About this service
Security can't be bolted on at the end. If you're shipping infrastructure without security guardrails baked in from the start, you're building on borrowed time.
I work with teams to shift security left, embedding it into the pipeline and infrastructure rather than just ticking a compliance box.
What Transform DevOps covers in this engagement:
- AWS account hardening (IAM least privilege, SCPs, MFA enforcement)
- Security Hub, GuardDuty, Config Rules, and CloudTrail setup
- Secrets management with AWS Secrets Manager or HashiCorp Vault
- Static IaC security scanning (Checkov, tfsec, cfn-nag)
- Pipeline security gates: SAST, SCA, container image scanning
- VPC security - security groups, NACLs, private subnet architecture
- CIS AWS Foundations Benchmark alignment
- Help working towards security certification (ISO 27001, SOC 2, PCI)
Delivered with a clear findings report and remediation guide your whole team can reference.
Framework: Npm • Terraform • Pulumi • Ansible • Puppet
Cloud provider: Amazon Web Services
Programming language: Bash • JavaScript • PHP • Python • Ruby
Expertise: Installation • Migration • Configuration
FAQ
Do I need to meet a specific compliance standard for this to be useful?
No. The engagement is valuable whether you're working towards SOC 2, ISO 27001, or simply want a more secure baseline. I'll note compliance alignment where relevant.
Will this break anything in my existing pipeline?
No changes are made without discussion. Security gates are introduced incrementally and tested before being enforced.
What CI/CD tools do you support for pipeline security scanning?
GitHub Actions, GitLab CI, Bitbucket Pipelines, Jenkins, and CircleCI. I am open to looking at any other tools, with the consideration that delivery times would be extended.
Do you cover container security?
Yes — image scanning with Trivy or ECR scanning, and Dockerfile best practices are included in Standard and Premium packages.
Can you help us pass a security audit or penetration test?
I can significantly reduce your attack surface and findings count ahead of a pentest. I don't perform the pentest itself.
How often should security patches and tooling be updated?
Critical patches should be applied within 24–72 hours of release. Non-critical updates should be applied monthly. I'll set up automated scanning tools and alerting in your pipeline so vulnerabilities are caught continuously, not just at review time.
