Building secure, scalable cloud infrastructure — and hunting the threats that target it.
I work across the full cloud security stack: infrastructure automation with Terraform and Ansible, container orchestration with Kubernetes and Docker, CI/CD pipelines with Jenkins, and proactive threat detection using CrowdStrike Falcon and Splunk. My projects reflect real-world engineering problems — not tutorials.
Cloud & Infrastructure AWS · Azure · Terraform · Ansible · EC2 · S3 · Lambda · Key Vault · Auto Scaling · Load Balancers
Containers & Orchestration Kubernetes · Docker · Docker Compose · Docker Swarm · Spring Boot on K8s
CI/CD & Automation Jenkins (multi-node, pipelines, Groovy libraries) · Python CD · Infrastructure as Code
Security & Threat Detection CrowdStrike Falcon · Splunk · MITRE ATT&CK · SOC Monitoring · Threat Hunting · EDR · Azure Key Vault
| Project | What It Is |
|---|---|
| CrowdStrike Threat Hunt — SCATTERED SPIDER | Hypothesis-driven threat hunt against a real-world eCrime group using CrowdStrike Falcon CQL, mapped to MITRE ATT&CK v14 |
| Splunk SOC Monitoring Lab | End-to-end SOC monitoring environment built in Splunk with detection rules and dashboards |
| AWS Disaster Recovery Strategy | Multi-region AWS DR architecture with RTO/RPO targets and automated failover |
| Azure Key Vault Lab | Secrets management and access policy automation using Azure Key Vault |
| Kubernetes Rolling Deployment | Zero-downtime rolling deployments on Kubernetes with health checks and rollback |
| Load-Balanced Autoscaling Web Servers | AWS ALB + Auto Scaling Group provisioned end-to-end with Terraform |
- crowdstrike-threat-hunt-portfolio — CrowdStrike Falcon threat hunt · SCATTERED SPIDER · MITRE ATT&CK
- splunk-soc-monitoring-lab — Splunk SOC monitoring and detection
- aws-terraform-ec2-iac — EC2 provisioning with Terraform IaC
- aws-serverless-web-lambda — Serverless web application on AWS Lambda
- azure-key-vault-lab — Azure secrets management
- disaster-recovery-strategy-aws — AWS multi-region DR strategy
- load-balanced-autoscaling-webservers — ALB + ASG with Terraform
- terraform-remote-state-s3 — Remote Terraform state in S3
- modular-webserver-infrastructure — Modular Terraform web infrastructure
- python-appserver-provisioner — EC2 Python app server via Terraform + Ansible
- kubernetes-rolling-deployment-demo — Zero-downtime K8s rolling deployments
- kubernetes-core-namespaces-demo — Kubernetes namespace architecture
- kubernetes-mysql-persistent-volume-demo — MySQL with persistent volumes on K8s
- kubernetes-cluster-ec2-infrastructure — K8s cluster on EC2 with Terraform
- spring-boot-k8s-vulnerability-remediation — Spring Boot containerisation and K8s security hardening
- docker-swarm-ec2-provisioner — Docker Swarm on EC2 with Terraform + Ansible
- ghost-blog-docker-compose — Ghost + MySQL via Docker Compose
- docker-springboot-container-build — Spring Boot Docker container build
- jenkins-ci-cd-springboot-docker — Jenkins pipeline for Spring Boot + Docker
- jenkins-docker-springboot-ci — Jenkins + Docker + Maven CI for Spring Boot
- jenkins-multi-node-infrastructure — Multi-node Jenkins master setup on EC2
- jenkins-groovy-reporting-library — Reusable Groovy library for Jenkins build reports
- python-ci-cd-pipeline — Jenkins + Ansible CD pipeline for Python apps
- ansible-control-node-provisioner — Provision Ansible control node on EC2
- ansible-managed-nodes-provisioner — Provision managed nodes for Ansible
- ansible-control-node-setup — SSH key generation and control node config
- ansible-sandbox-ec2 — EC2 sandbox with Ansible pre-installed
- mariadb-ansible-setup — MariaDB install and config via Ansible
- httpd-static-web-deployment — Apache HTTP static site deployment via Ansible
- terratest-infrastructure — Infrastructure testing with Terratest
- Expanding the CrowdStrike threat hunting portfolio
- Cloud security architecture and detection engineering