Cloud Engineering | DevSecOps | CISSP
Securing and
cloud infrastructure
This website is a living example of my ability to build, automate, and secure cloud infrastructure. Leveraging experience across systems, data, and automation, I implement practical DevSecOps strategies grounded in deep operational understanding.
Live Infrastructure Metrics
Total Git Commits
Security Score
Live IaC Resources
CI/CD Runs
Project Spotlight
This CI/CD Pipeline
Deployed via GitHub Actions
Secure DevSecOps Pipeline with GRC Compliance
This site demonstrates a comprehensive DevSecOps pipeline running on AWS infrastructure. The entire deployment process—from infrastructure creation to content update—is fully automated via GitHub Actions. It features a secure two-container architecture: an Nginx reverse proxy with SSL termination, and a Node.js API providing real-time GitHub statistics. The pipeline includes integrated security scanning, compliance mapping, policy-as-code validation, and centralized monitoring via CloudWatch.
- ✓ Terraform IaC: Manages EC2, EIP, and Security Group, with PoLP via IAM Role integration.
- ✓ Security Scanning: Trivy vulnerability scanning and PyLint policy checks integrated into deployment pipeline.
- ✓ GRC Dashboard: Interactive compliance mapping to NIST, CIS, and HIPAA frameworks with real-time scoring.
- ✓ Dynamic API: Real-time GitHub statistics via containerized Node.js API with resilience checks.
- ✓ SSL Management: Automated certificate renewal via Certbot with Route 53 DNS validation.
- ✓ GitHub Actions: Orchestrates the entire build/deploy cycle from a single `git push`.
- ✓ CloudWatch Monitoring: Centralized logging and monitoring with automated Nginx access log collection for security analysis.