Development and Operations (DevOps)
Kubernetes and Platform Engineering
Solution and Infrastructure Architecture
Cloud engineering and Infrastructure as code
Observability and Application Performance
Infrastructure and application security

Infrastructure and Application Security


IT Security Challenges in Modern IT

Infrastructure and application architectures are becoming increasingly complex. Modern environments consist of a mix of SAAS, PAAS. IAAS, public- and private cloud infrastructure. Software is a mix of closed- and open-source components, developed by both external and internal parties.

Organizations must implement changes frequently to meet business demands, and this speed inevitably introduces risk. The convenience of public cloud services is both a strength and a potential weakness: configuration mistakes can be made easily and may directly impact core business functionality or an organization’s reputation.

The attack surface of modern applications often extends beyond direct organizational control, particularly when using SaaS solutions in (for instance) a best-of-breed architecture. Having a clear understanding of the overall environment is difficult but essential. Despite advances in tooling and automation, human error remains the most significant security risk.

Security is one of the broadest topics in IT. It releates to almost everything, from end-user behavior to database queries and the actions of data center or application engineer.

My Experience

I have worked with organizations where security is the highest priority, as well as with teams that focus primarily on time-to-market. Balancing these priorities is often challenging.

Automation, observability, and robust security tooling play a key role in achieving this balance. Equally important are clear documentation and effective knowledge sharing. The human factor can only be addressed through awareness, standardization, and by removing guesswork from day-to-day IT operations.

What I Can Do for You

  • Perform technical security audits of cloud and/or application environments
  • Improve team processes and operational practices to reduce risk
  • Implement cloud security best practices
  • Review and help remediate penetration test findings
  • Enforce the principle of least privilege across cloud environments (e.g., networking/firewalling and IAM)
  • Strengthen web-based environments using a Web Application Firewall (WAF) and/or Security-enhanced CDN
  • Design and implement Kubernetes security tooling using solutions such as Aqua Security, Red Hat Advanced Cluster Security, or Sysdig
  • Enhance Kubernetes cluster security through software-defined networking and in-transit encryption using a service mesh (e.g., Istio or Cilium)

Let’s discuss your challenges and plan an intake. For more information, please refer to my resume.