Experience
Oct 2021 - PresentSecurity Engineer at bp
- Designed and implemented a new access control model for a project replacing write access for all developers with reduced privileges in higher environments. Created a repository to store developer access as code and automated the access granting process to remove bottlenecks on team leads
- Led threat modelling sessions with development teams using the STRIDE framework to identify vulnerabilities in their designs
- Performed code reviews for product teams and explained security best practices
- Developed and maintained a service to rotate AWS IAM user secrets and synchronise them with applications in Azure Active Directory
Cloud Engineer at Elastacloud
- Developed CI/CD pipelines for Python applications with stages for linting, unit tests, SAST and SCA with Checkmarx and deployment to Azure
- Refactored an AWS microservice to use step functions instead of independent scheduled steps; the refactor reduced the average time to run from hours to minutes while making the service easier to understand and maintain
- Created documentation on best practices for writing integration tests of serverless applications so that they can be integrated in CI/CD pipelines
Projects
- Created a web application reporting my Spotify listening habits. The app is deployed in AWS using a Lambda backend to refresh a Glue table hourly; the front end queries the table using Athena. The infrastructure is created with the AWS CDK and deployed using Github Actions. Link here.
Education
Sep 2015 - Jul 2019University of Nottingham
Integrated Master's in Mathematics and Statistics (First Class)
Skills
- Python
- C#
- Powershell
- Bash
- AWS
- Azure
- ADO YAML Pipelines
- IaC (Cloudformation, Bicep)
- Linux
- Git
- Docker
Written by Theo Rutter who lives and works in Nottingham. You should check out their github profile.