Theo Rutter

Experience

• Designed and implemented a new access control model for a project replacing write access for all developers with reduced privileges in higher environments. Created a repository to store developer access as code and automated the access granting process to remove bottlenecks on team leads
• Led threat modelling sessions with development teams using the STRIDE framework to identify vulnerabilities in their designs
• Performed code reviews for product teams and explained security best practices
• Developed and maintained a service to rotate AWS IAM user secrets and synchronise them with applications in Azure Active Directory

• Developed CI/CD pipelines for Python applications with stages for linting, unit tests, SAST and SCA with Checkmarx and deployment to Azure
• Refactored an AWS microservice to use step functions instead of independent scheduled steps; the refactor reduced the average time to run from hours to minutes while making the service easier to understand and maintain
• Created documentation on best practices for writing integration tests of serverless applications so that they can be integrated in CI/CD pipelines

Projects

• Created a web application reporting my Spotify listening habits. The app is deployed in AWS using a Lambda backend to refresh a Glue table hourly; the front end queries the table using Athena. The infrastructure is created with the AWS CDK and deployed using Github Actions. Link here.

Education

Skills

• Python
• C#
• Powershell
• Bash
• AWS
• Azure
• ADO YAML Pipelines
• IaC (Cloudformation, Bicep)
• Linux
• Git
• Docker

Written by Theo Rutter who lives and works in Nottingham. You should check out their github profile.