Building secure, scalable cloud infrastructure — and hunting the threats that target it.

View Full Project Portfolio →

I work across the full cloud security stack: infrastructure automation with Terraform and Ansible, container orchestration with Kubernetes and Docker, CI/CD pipelines with Jenkins, and proactive threat detection using CrowdStrike Falcon and Splunk. My projects reflect real-world engineering problems — not tutorials.

Cloud & Infrastructure AWS · Azure · Terraform · Ansible · EC2 · S3 · Lambda · Key Vault · Auto Scaling · Load Balancers

Containers & Orchestration Kubernetes · Docker · Docker Compose · Docker Swarm · Spring Boot on K8s

CI/CD & Automation Jenkins (multi-node, pipelines, Groovy libraries) · Python CD · Infrastructure as Code

Security & Threat Detection CrowdStrike Falcon · Splunk · MITRE ATT&CK · SOC Monitoring · Threat Hunting · EDR · Azure Key Vault

• k8s-container-security-pipeline — Trivy · OPA Gatekeeper · Falco · three-layer Kubernetes security pipeline
• wiz-paloalto-cloud-ir-playbook — Wiz Toxic Combination detection · Palo Alto Cortex XDR · cloud incident response
• crowdstrike-threat-hunt-portfolio — CrowdStrike Falcon threat hunt · SCATTERED SPIDER · MITRE ATT&CK
• splunk-soc-monitoring-lab — Splunk SOC monitoring and detection

• aws-terraform-ec2-iac — EC2 provisioning with Terraform IaC
• aws-serverless-web-lambda — Serverless web application on AWS Lambda
• azure-key-vault-lab — Azure secrets management
• disaster-recovery-strategy-aws — AWS multi-region DR strategy
• load-balanced-autoscaling-webservers — ALB + ASG with Terraform
• terraform-remote-state-s3 — Remote Terraform state in S3
• modular-webserver-infrastructure — Modular Terraform web infrastructure
• python-appserver-provisioner — EC2 Python app server via Terraform + Ansible

• kubernetes-rolling-deployment-demo — Zero-downtime K8s rolling deployments
• kubernetes-core-namespaces-demo — Kubernetes namespace architecture
• kubernetes-mysql-persistent-volume-demo — MySQL with persistent volumes on K8s
• kubernetes-cluster-ec2-infrastructure — K8s cluster on EC2 with Terraform
• spring-boot-k8s-vulnerability-remediation — Spring Boot containerisation and K8s security hardening
• docker-swarm-ec2-provisioner — Docker Swarm on EC2 with Terraform + Ansible
• ghost-blog-docker-compose — Ghost + MySQL via Docker Compose
• docker-springboot-container-build — Spring Boot Docker container build

• jenkins-ci-cd-springboot-docker — Jenkins pipeline for Spring Boot + Docker
• jenkins-docker-springboot-ci — Jenkins + Docker + Maven CI for Spring Boot
• jenkins-multi-node-infrastructure — Multi-node Jenkins master setup on EC2
• jenkins-groovy-reporting-library — Reusable Groovy library for Jenkins build reports
• python-ci-cd-pipeline — Jenkins + Ansible CD pipeline for Python apps

• ansible-control-node-provisioner — Provision Ansible control node on EC2
• ansible-managed-nodes-provisioner — Provision managed nodes for Ansible
• ansible-control-node-setup — SSH key generation and control node config
• ansible-sandbox-ec2 — EC2 sandbox with Ansible pre-installed
• mariadb-ansible-setup — MariaDB install and config via Ansible
• httpd-static-web-deployment — Apache HTTP static site deployment via Ansible

• terratest-infrastructure — Infrastructure testing with Terratest

• Expanding the CrowdStrike threat hunting portfolio
• Cloud security architecture and detection engineering

View All Repositories