Purpose: Architect secure computer networks which transform regulatory mandates into enforceable operational controls, with provable compliance and audit integrity built in.
๐นAbout
๐นProjects
๐นCertifications
๐นTalks & Writing
๐นContact
๐ Multi-Cloud ย | ย ๐ Security ย | ย ๐ ๏ธ DevSecOps ย | ย ๐ง Lifelong Learner
- Multi-cloud infrastructure ( AWS, Azure, Oracle )
- Data protection & IAM
- DevSecOps and automation (Terraform)
- Sustained availability and control of SaaS application and database environments within regulated industries, ensuring alignment with enterprise security architecture principles.
- Home-lab projekts with STIG-aligned lockdown of Ubuntu | Rocky Linux | RHEL
servers.
- Oracle, AWS RDS, and MySQL database administration.
- Experience with secure deployments using multi-layered authentication for high-security environments.
- Systems administration, including SSO/LDAP/Shibboleth integrity post-checks.
- Network automation of cloud platform resources using Terraform and
Ansible.
- Recognised for effective cross-functional collaboration, and proficiency in
air-gapped and compliance-driven environments.
| ๐งฉ Domain | ๐ง Experience | ๐๏ธ Enterprise Relevance |
|---|---|---|
| ๐ก๏ธ System Lockdown | Hands-on professional & home-lab experience applying STIG-aligned hardening across Ubuntu, RHEL, and Rocky Linux servers | Strengthened secure baselines in regulated and high-assurance environments |
| ๐๏ธ Database Administration | Managed and secured database services supporting application workloads | Preserved data integrity and operational reliability in compliance-driven systems |
| ๐ Identity Integration | Implemented SSO and LDAP integrations for centralized authentication | Reinforced access governance and enterprise identity controls |
| โ๏ธ Secure Automation | Automated infrastructure provisioning and configuration using Terraform and Ansible | Reduced configuration drift and embedded security into deployment workflows |
| โ๏ธ Compliance & Air-Gapped Operations | Operated within air-gapped and regulatory-sensitive environments | Maintained audit readiness and control enforcement under strict compliance requirements |
| ๐ค Cross-Functional Execution | Collaborated with engineering and compliance stakeholders | Aligned technical execution with enterprise security objectives |
| Project | Description | โ๏ธ Services |
|---|---|---|
| ๐ก๏ธ Manage Access Securely Using Azure Active Directory Groups and Roles | ๐ ๏ธ Design and validate role-based access control (RBAC) by creating a test user, assigning group-based permissions, and verifying least-privilege access through controlled login testing. | - Microsoft Entra ID (Azure AD) - Users - Groups - Azure RBAC - Built-in Reader Role - Access Control (IAM) |
| ๐ก๏ธ Manage Access Securely Azure Active Directory Groups and Roles |
๐ ๏ธ Designed and validated role-based access control (RBAC) by: - Creation of a test user. - Assigned group-based permissionsl - Verified least-privilege access through controlled login testing. |
- Microsoft Entra ID ย ย (Azure AD) - Users - Groups - Azure RBAC - Built-in Reader Role - Access Control (IAM) |
| CloudTrail Monitoring & Security Infrastructure (Terraform) | Provision a secure AWS environment with logging, monitoring, and alerting using Terraform IaC. | CloudTrail, S3, EC2, SQS, SNS, Lambda function, IAM, Terraform, VS Code, aws cli |
| Hybrid Identity x File Server Migration Projekt | Synchronize On-Premises Identity + Migrate File Shares to Microsoft Cloud Services with Zero Trust Controls | EntraID, Entra Connect, Azure VM, Conditional Access, Log Analytics, Microsoft Purview, SharePoint |
| AD Sync with Microsoft Entra ID | Set up Microsoft Entra Connect Sync between an on-premise Active Directory (DC-1) and Microsoft Entra ID | EntraID, PowerShell, Microsoft 365 |
| On-premise Active Directory (simulated Azure vm) to Entra ID x SharePoint Migration | Migrated users and file shares securely from legacy infrastructure to Microsoft 365 cloud services. | EntraID, PowerShell, Microsoft 365 |
| ๐งญ AD-Entra-Connect-Sync-Entra-ID | Set up Microsoft Entra Connect Sync between an on-premise Active Directory (DC-1) and Microsoft Entra ID | EntraID, PowerShell, Microsoft 365 |
| ๐ฆ On-Prem AD to Entra ID x SharePoint Migration | ๐ Migrate Users & File Shares Securely from Legacy Infrastructure to Microsoft 365 Cloud Services | EntraID, Entra Connect, Active Directory |
| CloudFormation from CLI | Python-based automation for secure resource deployment with IAM roles and audit logging | Python, AWS CLI, CloudTrail |
| ๐ AWS Beginnerโs Guide to AWS App Integration | Trigger Lambda with S3 uploads and monitor via CloudWatch logs | Lambda, S3, CloudWatch |
| ๐ ๏ธ AWS Beginnerโs Guide to AWS Step Functions DynamoDB SNS | A simple event-driven workflow | AWS Step Functions, DynamoDB, SNS |
| ๐ ๏ธ AWS - Decoupled Event Processing with SQS Triggers | Fully serverless workflow | Lambda, DynamoDB, SNS, SQS, CloudWatch, IAM |
| ๐ AWS Event-Driven Order Processing Workflow |
๐๏ธ End-to-end serverless workflow to handle: - Orders - Alerts - Message queuing |
- ๐ง Lambda - DynamoDB - SNS - SQS - CloudWatch - IAM |
| ๐ PYTHON ๐ Secure Task Logger |
Lightweight Python CLI application demonstrating secure, auditable task logging with modular design, explicit user context capture, and structured audit-style logs. | Python, CLI, Logging, Modular Design, User Context, Audit Trail |
| ๐ Terraform projekt: - Edge Security by Design |
Designed and provisioned a secure, production-grade CloudFront distribution with Lambda@Edge request inspection, AWS WAF IP blocking, and S3 origin protection, using Terraform modules and least-privilege IAM. Edge security controls. Deterministic module outputs. Auditable IaC workflows | - Python - CLI - Logging - CloudFront - WAF - Terraform Modules |
| Hybrid Identity and File Migration Projekt: ๐ก๏ธ Microsoft Zero Trust ๐ IAM Data Migration |
๐ ๏ธ Built a secure hybrid identity setup by syncing (simulated) on-premise Active Directory to Microsoft Entra ID. - Applied Conditional Access policies. - Migrated file shares to SharePoint Online. - Verified secure cloud sign-ins. - Zero Trust behaviour using Entra logs and Purview auditing. |
- Windows Server - Active Directory - Microsoft EntraID - Microsoft Entra Connect - SharePoint Online - Conditional Access -Microsoft Purview -Log Analytics -IAM -Zero Trust Architekture |
| ๐ฉโ๐ป Beginnerโs Guide to AWS Lambda + DynamoDB + CloudWatch + IAM | ๐ ๏ธ Developed a Bash-based network diagnostics utility: - To perform ICMP-based internet connectivity checks - Validate DNS resolution using system name services - To enumerate active listening ports and ย ย ย scanned for commonly exposed or high-risk ports - To implement modular functions - User-friendly interactive menus - With enhanced terminal features (spinners & ASCII banners). |
๐ง Technical Stack - Bash (Shell Scripting) - Linux Networking Tools: ping, ss, getentโ๏ธ Process Management: - Background jobs & PIDs Terminal UX: - ANSI colors - Structured output - ASCII banners |
| ๐ง Network Health Check | ๐ ๏ธ Developed a Bash-based network diagnostics utility: - To perform ICMP-based internet connectivity checks - Validate DNS resolution using system name services - To enumerate active listening ports and ย ย ย scanned for commonly exposed or high-risk ports - To implement modular functions - User-friendly interactive menus - With enhanced terminal features (spinners & ASCII banners). |
๐ง Technical Stack - Bash (Shell Scripting) - Linux Networking Tools: ping, ss, getentโ๏ธ Process Management: - Background jobs & PIDs Terminal UX: - ANSI colors - Structured output - ASCII banners |
- ISC2 Certified in Cybersecurity
- Oracle Certified Data Platform Foundations Associate
- Oracle Certified Cloud Infrastructure AI Foundations Associate
- Oracle Cloud Infrastructure Foundations Associate
- AWS Certified Solutions Architect โ Associate
- AWS Certified Cloud Practitioner
- Microsoft Azure Fundamentals (AZ-900)
- Microsoft Security, Compliance, and Identity (SC-900)
- ๐งฉ Blog post "Asking the right questions in Cloud Security"
https://coder1life.blogspot.com/2025/08/asking-right-questions-in-cloud-security.html - ๐งฉ Blog post "How AWS Protects Your Data Privacy and Security"
https://coder1life.blogspot.com/2024/12/how-aws-protects-your-data-privacy-and.html - ๐งฉ Blog post โAWS Cloud Services: The key to keeping monolithic, legacy systems competitiveโ https://coder1life.blogspot.com/2025/02/aws-cloud-services-key-to-keeping.html
- Member: Women in CyberSecurity (WiCyS) ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 2025
- Member: Women in Security and Privacy (WISP) ย ย ย ย ย ย 2024
- ISC2 Certified in Cybersecurity - Member ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย ย 2025
- WomenTech Social Media Volunteer (2026)
- Hacker Summer Camp (2025)
- WISP Volunteer Manager for BlackHat
- DefCon Volunteer for WISP Community and Vendour Booth
- The Diana Initiative - WISP volunteer
- Grace Hopper Celebration (AnitaB.org) (2025) - Review member
- ๐ง OโReilly - On staff as a technical reviewer
- AWS re:Invent 2025
- SANS 2025 Cloud Securite Exchange 2025
- Hacker Summer Camp (BlackHat, DefCon, The Diana Initiative) 2025
- Identiverse 2025-06
- Cloud Security Alliance: CSA Virtual Cloud Non-Human Identity Summit 2025 2025-15/16-07
- Women in Tech Global Conference (Virtual) 2025-05
- Developer Week (Virtual) 2025-02
- Hacker Summer Camp (BlackHat, DefCon, The Diana Initiative) 2024
- AWS re:Invent 2024
- Cloud Native Securite Con (CNSC) 2024
- AWS All Builder's Welcome re:Invent grant recipient 2023
- ๐ GitHub: github.com/cloud-whisperer
Thank you for visiting! This portfolio is a work in progress โ more updates soon!