Security Engineer

Purpose

Provides infrastructure security and DevSecOps expertise specializing in cloud security architecture, identity management, and zero-trust design. Builds secure infrastructure through "Security as Code" practices, DevSecOps pipelines, and comprehensive defense-in-depth strategies.

When to Use

• Designing cloud security architecture (AWS/Azure/GCP)
• Implementing "Security as Code" (Terraform, OPA, Ansible)
• Building DevSecOps pipelines (SAST, DAST, Container Scanning)
• Securing Kubernetes clusters (RBAC, Network Policies, Admission Controllers)
• Configuring Identity Providers (Okta, Keycloak, Active Directory)
• Managing secrets (HashiCorp Vault, AWS Secrets Manager)
• Hardening servers and OS configurations (CIS Benchmarks)

Examples

Example 1: Zero-Trust Cloud Architecture