π Cloud Security Engineer | DevSecOps | Security Architecture Track
π Colombia | π Open to remote opportunities
I am an Electronic Engineer with over 3 years of hands-on experience in cybersecurity, specializing in cloud security, DevSecOps practices, and security automation.
My work focuses on building secure-by-design systems, automating security controls with code, and embedding security into CI/CD pipelines and cloud-native architectures. I enjoy working at the intersection of security, cloud, and software engineering, with a long-term goal of growing into a Security Architect role.
---- Cloud Security Engineering (Azure-first, multi-cloud mindset)
- DevSecOps pipelines & CI/CD security
- Security automation with Python
- Container & Kubernetes security fundamentals
- Identity & Access Management (IAM)
- Security by Design & Threat Modeling
π Repo: devsecops-pipeline-python
A CI/CD pipeline designed with security-by-design principles.
Highlights:
- Python-based security automation
- Security gates inside CI/CD
- Dependency & secrets scanning
- Architecture and threat modeling documentation
β‘οΈ Focus: DevSecOps Β· Automation Β· Security by Design
π Repo: kubernetes-security-lab
Secure deployment of containerized applications on Kubernetes.
Highlights:
- Secure container deployment
- RBAC concepts
- Kubernetes security fundamentals
- Architecture diagrams and risk considerations
β‘οΈ Focus: Containers Β· Kubernetes Β· Cloud Security
π Repo: cloud-security-architecture
Collection of cloud and multi-cloud security architecture references.
Includes:
- Azure & AWS secure reference architectures
- Identity-first security models
- Zero Trust concepts
- Architecture Decision Records (ADR)
β‘οΈ Focus: Security Architecture Β· Design Decisions Β· Risk
π Repo: python-cybersecurity-tools
Python scripts for security automation and analysis.
Examples:
- Log analysis
- Vulnerability parsing
- Threat intelligence enrichment
β‘οΈ Focus: Python Β· Automation Β· Cybersecurity
Across all projects, I prioritize:
- Clear architecture diagrams
- Risk-based decision making
- Security trade-offs
- Cloud shared responsibility model
- Identity as the security perimeter
I believe security is an architectural decision, not a final control.
- Advanced DevSecOps practices
- Kubernetes security fundamentals
- Multi-cloud security (Azure β AWS β OCI)
- Technical English for cloud & security roles
- LinkedIn: https://linkedin.com/in/jh-ar-sa
- GitHub: https://github.com/JhoAraSan
- Email: jarangos@outlook.com
βGood security is invisible to users β and obvious to architects.β