Theo Rutter


Oct 2021 - Present
Security Engineer at bp
  • Designed and implemented a new access control model for a project replacing write access for all developers with reduced privileges in higher environments. Created a repository to store developer access as code and automated the access granting process to remove bottlenecks on team leads
  • Led threat modelling sessions with development teams using the STRIDE framework to identify vulnerabilities in their designs
  • Performed code reviews for product teams and explained security best practices
  • Developed and maintained a service to rotate AWS IAM user secrets and synchronise them with applications in Azure Active Directory
Oct 2020 - Sep 2021
Cloud Engineer at Elastacloud
  • Developed CI/CD pipelines for Python applications with stages for linting, unit tests, SAST and SCA with Checkmarx and deployment to Azure
  • Refactored an AWS microservice to use step functions instead of independent scheduled steps; the refactor reduced the average time to run from hours to minutes while making the service easier to understand and maintain
  • Created documentation on best practices for writing integration tests of serverless applications so that they can be integrated in CI/CD pipelines


  • Created a web application reporting my Spotify listening habits. The app is deployed in AWS using a Lambda backend to refresh a Glue table hourly; the front end queries the table using Athena. The infrastructure is created with the AWS CDK and deployed using Github Actions. Link here.


Sep 2015 - Jul 2019
University of Nottingham
Integrated Master's in Mathematics and Statistics (First Class)


  • Python
  • C#
  • Powershell
  • Bash
  • AWS
  • Azure
  • ADO YAML Pipelines
  • IaC (Cloudformation, Bicep)
  • Linux
  • Git
  • Docker
Profile picture

Written by Theo Rutter who lives and works in Nottingham. You should check out their github profile.