Name : Su
Role : DevSecOps Engineer
Focus : Cloud Native Security · Infrastructure as Code · CI/CD Automation
Passions : [Kubernetes, Security Hardening, Multi-Cloud, Open Source]
Currently : Master's (MPhil) research, building production-grade pipelines 🔐
Available : Open to DevSecOps / Platform Engineering opportunities 🎯- 🔭 Building and securing cloud-native infrastructure with Kubernetes, Terraform & CI/CD pipelines
- 🔐 Passionate about shifting security left integrating SAST, DAST, and policy-as-code into every pipeline
- 👯 Looking to collaborate on open-source DevSecOps tooling and cloud-native security projects
- 💬 Ask me about Kubernetes, container security, IaC, or compliance-as-code
- I believe the best security team is one that makes it easier to do the right thing than the wrong thing.
Cloud & Infrastructure
Containers & Kubernetes
CI/CD & GitOps
Security Tooling
Languages & Scripting
Monitoring & Observability
| Project | Description | Stack |
|---|---|---|
| 3-Tier K8s Automation: Phase 1 | CKAD‑style deployment of PostgreSQL, Flask API, and Nginx frontend using Kustomize, initContainers, and resource governance. Foundation for zero‑trust security lab. | Kubernetes · Kustomize · PostgreSQL · Flask · Nginx |
| 3-Tier K8s Hardening: Phase 2 | Hardened version with Pod Security Standards, non‑root users, read‑only filesystems, dropped capabilities, network policies, and secret management. | Kubernetes · Pod Security Standards · NetworkPolicies |
| Terraform Associate Pocket Guide | A comprehensive pocket guide for the Terraform Associate certification exam. | Terraform · Infrastructure as Code |
⭐ If you find my work helpful, consider starring a repo, it means a lot! ⭐