Purpose: Engineered secure network architectures which embedded DevSecOps principles into infrastructure and deployment pipelines, enabling continuous security validation, threat mitigation, and operational resilience.
🌐 Multi-Cloud | 🔐 Security | 🛠️ DevSecOps | 🧠 Lifelong Learner
- Multi-cloud infrastructure (AWS, Azure, Oracle)
- Data protection & IAM
- DevSecOps and automation (Terraform)
- Sustained availability and control of SaaS application and database environments within regulated industries, ensuring alignment with enterprise security architecture principles.
- Home-lab projects with STIG-aligned lockdown of Ubuntu | Rocky Linux | RHEL servers.
- Oracle, AWS RDS, and MySQL database administration.
- Experience with secure deployments using multi-layered authentication for high-security environments.
- Systems administration, including SSO/LDAP/Shibboleth integrity post-checks.
- Network automation of cloud platform resources using Terraform and Ansible.
- Recognised for effective cross-functional collaboration and proficiency in air-gapped and compliance-driven environments.

| 🧩 Domain | 🔧 Experience | 🏛️ Enterprise Relevance |
|---|---|---|
| 🛡️ System Lockdown | Hands-on professional & home-lab experience applying STIG-aligned hardening across Ubuntu, RHEL, and Rocky Linux servers | Strengthened secure baselines in highly regulated and multi-layered secure environments |
| 🗄️ Database Administration | Managed and secured database services supporting application workloads | Preserved data integrity and operational reliability in compliance-driven systems |
| 🔑 Identity Integration | Implemented SSO, LDAP, and Shibboleth integrations for centralized authentication | Reinforced access governance and enterprise identity controls |
| ⚙️ Secure Automation | Automated infrastructure provisioning and configuration using Terraform and Ansible | Reduced configuration drift and embedded security into deployment workflows |
| ⚖️ Compliance & Air-Gapped Operations | Operated within air-gapped and regulatory-sensitive environments | Maintained audit readiness and control enforcement under strict compliance requirements |
| 🤝 Cross-Functional Execution | Collaborated with engineering and compliance stakeholders | Aligned technical execution with enterprise security objectives |

| Project | Description | ☁️ Services |
|---|---|---|
| 🛡️ Automated Security Findings Pipeline | 🛠️ 🔐 A DevSecOps pipeline that used pre-deployment and post-scan analysis to transform infrastructure security findings into structured, actionable security events | checkov scanner, tfsec, jq, PowerShell, Transformed JSON output, Amazon S3 bucket, AWS SDK (boto3), AWS S3 API endpoint |
| 🛡️ Manage Access Securely Azure Active Directory Groups and Roles | 🛠️ Designed and validated role-based access control (RBAC) by creating a test user, assigning group-based permissions, and verifying least-privilege access through controlled login testing. | Microsoft Entra ID (Azure AD), Users, Groups, Azure RBAC, Built-in Reader Role, Access Control (IAM) |
| CloudTrail Monitoring & Security Infrastructure (Terraform) | Provisioned a secure AWS environment with logging, monitoring, and alerting using Terraform IaC. | CloudTrail, S3, EC2, SQS, SNS, Lambda function, IAM, Terraform, VS Code, and AWS SDK (Boto3) |
| Hybrid Identity x File Server Migration Project | Synchronize On-Premises Identity + Migrate File Shares to Microsoft Cloud Services with Zero Trust Controls | EntraID, Entra Connect, Azure VM, Conditional Access, Log Analytics, Microsoft Purview, SharePoint |
| AD Sync with Microsoft Entra ID | Set up Microsoft Entra Connect Sync between an on-premise Active Directory (DC-1) and Microsoft Entra ID | EntraID, PowerShell, Microsoft 365 |
| On-premise Active Directory (simulated Azure VM) to Entra ID x SharePoint Migration | Migrated users and file shares securely from legacy infrastructure to Microsoft 365 cloud services. | EntraID, PowerShell, Microsoft 365 |
| 🧭 AD-Entra-Connect-Sync-Entra-ID | Set up Microsoft Entra Connect Sync between an on-premise Active Directory (DC-1) and Microsoft Entra ID | EntraID, PowerShell, Microsoft 365 |
| 📦 On-Prem AD to Entra ID x SharePoint Migration | 🔁 Migrate Users & File Shares Securely from Legacy Infrastructure to Microsoft 365 Cloud Services | EntraID, Entra Connect, Active Directory |
| CloudFormation from CLI | Python-based automation for secure resource deployment with IAM roles and audit logging | Python, AWS CLI, CloudTrail |
| 🚀 AWS Beginner’s Guide to AWS App Integration | Trigger Lambda with S3 uploads and monitor via CloudWatch logs | Lambda, S3, CloudWatch |
| 🛠️ AWS Beginner’s Guide to AWS Step Functions DynamoDB SNS | A simple event-driven workflow | AWS Step Functions, DynamoDB, SNS |
| 🛠️ AWS - Decoupled Event Processing with SQS Triggers | Fully serverless workflow | Lambda, DynamoDB, SNS, SQS, CloudWatch, IAM |
| 🚀 AWS Event-Driven Order Processing Workflow | 🏗️ End-to-end serverless workflow to handle orders, alerts, and message queuing | 🧠 Lambda, DynamoDB, SNS, SQS, CloudWatch, IAM |
| 🐍 PYTHON 🔐 Secure Task Logger | Lightweight Python CLI application demonstrating secure, auditable task logging with modular design, explicit user context capture, and structured audit-style logs. | Python, CLI, Logging, Modular Design, User Context, Audit Trail |
| 💜 Terraform Project: Edge Security by Design | Designed and provisioned a secure, production-grade CloudFront distribution with Lambda@Edge request inspection, AWS WAF IP blocking, and S3 origin protection, using Terraform modules and least-privilege IAM. Edge security controls, deterministic module outputs, and auditable IaC workflows. | Python, CLI, Logging, CloudFront, WAF, Terraform Modules |
| Hybrid Identity and File Migration Project: 🛡️ Microsoft Zero Trust 🔐 IAM Data Migration | 🛠️ Built a secure hybrid identity setup by syncing (simulated) on-premise Active Directory to Microsoft Entra ID. Applied Conditional Access policies, migrated file shares to SharePoint Online, and verified secure cloud sign-ins and Zero Trust behaviour using Entra logs and Purview auditing. | Windows Server, Active Directory, Microsoft EntraID, Microsoft Entra Connect, SharePoint Online, Conditional Access, Microsoft Purview, Log Analytics, IAM, Zero Trust Architecture |
| 👩💻 Beginner’s Guide to AWS Lambda + DynamoDB + CloudWatch + IAM | 🛠️ Developed a Bash-based network diagnostics utility that performs ICMP-based internet connectivity checks, validates DNS resolution using system name services, and enumerates active listening ports, scanning for commonly exposed or high-risk ports. Built with modular functions, user-friendly interactive menus, and enhanced terminal features (spinners & ASCII banners). | 🔧 Technical stack: Bash (shell scripting); Linux networking tools: ping, ss, getent; ⚙️ process management: background jobs & PIDs; terminal UX: ANSI colors, structured output, ASCII banners |
| 🐧 Network Health Check | 🛠️ Developed a Bash-based network diagnostics utility that performs ICMP-based internet connectivity checks, validates DNS resolution using system name services, and enumerates active listening ports, scanning for commonly exposed or high-risk ports. Built with modular functions, user-friendly interactive menus, and enhanced terminal features (spinners & ASCII banners). | 🔧 Technical stack: Bash (shell scripting); Linux networking tools: ping, ss, getent; ⚙️ process management: background jobs & PIDs; terminal UX: ANSI colors, structured output, ASCII banners |

- ISC2 Certified in Cybersecurity
- Oracle Certified Data Platform Foundations Associate
- Oracle Certified Cloud Infrastructure AI Foundations Associate
- Oracle Cloud Infrastructure Foundations Associate
- AWS Certified Solutions Architect – Associate
- AWS Certified Cloud Practitioner
- Microsoft Azure Fundamentals (AZ-900)
- Microsoft Security, Compliance, and Identity (SC-900)
- 🧩 Blog post "Asking the right questions in Cloud Security" https://coder1life.blogspot.com/2025/08/asking-right-questions-in-cloud-security.html
- 🧩 Blog post "How AWS Protects Your Data Privacy and Security" https://coder1life.blogspot.com/2024/12/how-aws-protects-your-data-privacy-and.html
- 🧩 Blog post "AWS Cloud Services: The key to keeping monolithic, legacy systems competitive" https://coder1life.blogspot.com/2025/02/aws-cloud-services-key-to-keeping.html
- Member: Women in CyberSecurity (WiCyS) 2025
- Member: Women in Security and Privacy (WISP) 2024
- ISC2 Certified in Cybersecurity - Member 2025
- WomenTech Social Media Volunteer (2026)
- Hacker Summer Camp (2025)
- WISP Volunteer Manager for BlackHat
- DefCon Volunteer for WISP Community and Vendor Booth
- The Diana Initiative - WISP volunteer
- Grace Hopper Celebration (AnitaB.org) (2025) - Review member
- 🧠 O’Reilly - On staff as a technical reviewer
- AWS re:Invent 2025
- SANS 2025 Cloud Security Exchange 2025
- Hacker Summer Camp (BlackHat, DefCon, The Diana Initiative) 2025
- Identiverse 2025-06
- Cloud Security Alliance: CSA Virtual Cloud Non-Human Identity Summit 2025 2025-15/16-07
- Women in Tech Global Conference (Virtual) 2025-05
- Developer Week (Virtual) 2025-02
- Hacker Summer Camp (BlackHat, DefCon, The Diana Initiative) 2024
- AWS re:Invent 2024
- Cloud Native Security Con (CNSC) 2024
- AWS All Builder's Welcome re:Invent grant recipient 2023
- 🐙 GitHub: github.com/cloud-whisperer
Thank you for visiting! This portfolio is a work in progress — more updates soon!