🚀 About Me

I'm a passionate DevOps and DevSecOps professional focused on building secure, scalable, and automated infrastructure. I bridge the gap between development, operations, and security to deliver robust solutions that protect and empower organizations.

• 🔐 Specializing in DevSecOps practices and security automation
• ☁️ Building and securing cloud infrastructure on AWS, Azure, and GCP
• 🛠️ Automating everything from CI/CD pipelines to security compliance
• 📚 Continuous learner, always exploring new tools and methodologies
• 🤝 Open source contributor and community advocate

💼 Core Expertise

DevOps

CI/CD: Jenkins, GitLab CI, GitHub Actions, CircleCI
GitOps: ArgoCD, Argo Workflows, Argo Rollouts, FluxCD
Containers: Docker, Kubernetes, Helm, Podman
IaC: Terraform, Ansible, CloudFormation, Pulumi
Monitoring: Prometheus, Grafana, ELK Stack, Datadog, New Relic
Cloud: AWS, Azure, GCP, Multi-cloud architectures

DevSecOps

Security Tools: Vault, Aqua Security, Trivy, Snyk, SonarQube
Compliance: CIS Benchmarks, NIST, SOC 2, ISO 27001
SAST/DAST: Checkmarx, Fortify, OWASP ZAP, Burp Suite
Secrets Management: HashiCorp Vault, AWS Secrets Manager
Threat Detection: Falco, Wazuh, OSSEC, Splunk

🛠️ Tech Stack

📊 GitHub Stats

🏆 Certifications

• 🎖️ AWS Certified Solutions Architect - Professional
• 🎖️ Certified Kubernetes Administrator (CKA)

🔥 Featured Projects

🚀 Kubernetes Security Hardening

Complete security hardening guide for Kubernetes clusters with automated compliance checks and policy enforcement.

Tech: Kubernetes, OPA, Falco, Trivy, Kyverno

🔐 Automated DevSecOps Pipeline

End-to-end security automation pipeline integrating SAST, DAST, SCA, and container scanning into CI/CD workflows.

Tech: Jenkins, GitLab CI, Snyk, SonarQube, Trivy, OWASP ZAP

☁️ Multi-Cloud Infrastructure

Terraform modules for deploying secure, scalable infrastructure across AWS, Azure, and GCP with unified monitoring.

Tech: Terraform, Ansible, Prometheus, Grafana

🛡️ Security Compliance Automation

Automated compliance scanning and remediation for CIS benchmarks, NIST, and custom security policies.

Tech: Python, Ansible, InSpec, AWS Config

📝 Latest Blog Posts

• Building a Zero-Trust Architecture in Kubernetes
• Automating Security Compliance with Infrastructure as Code
• Best Practices for Secrets Management in CI/CD Pipelines
• Implementing DevSecOps: A Practical Guide

💡 What I'm Currently Working On

• 🔭 Building a comprehensive DevSecOps platform for automated security testing
• 🌱 Learning eBPF for advanced security monitoring and observability
• 👯 Contributing to open-source security and DevOps tools
• 📖 Writing technical articles on cloud security and automation

🤝 Let's Connect

I'm always interested in collaborating on DevOps and security projects, discussing new technologies, or helping others in the community. Feel free to reach out!

• 💼 Open to consulting and collaboration opportunities
• 🎤 Available for speaking engagements and workshops
• 📧 Reach me at: sohandogra703@gmail.com