Harish Kumar Srinivasan
Cleveland,OH
Summary
Senior DevSecOps engineer with expertise in AWS and Terraform, focused on enhancing cloud security compliance and automating patching processes. Achievements include significant improvements in security posture and successful leadership in incident management. Proven track record of fostering team collaboration to drive efficiency and innovation in CI/CD processes.
Overview
10
10
years of professional experience
1
1
Certification
Work History
Principal Cloud Engineer
Clickbank
United States
10.2023 - Current
- Architected and implemented comprehensive patch management automation using AWS Systems Manager across 100+ instances, orchestrating complex multi-stage patching workflows.
- Replaced costly PagerDuty runbook solution, reducing operational expenses by $50K annually and improving patch compliance from 60% to 98%.
- Achieved an 85% reduction in cloud security misconfigurations through implementation of service control policies and automated remediation workflows with AWS Config and EventBridge.
- Strengthened security posture by enabling development teams with shift-left security via automated compliance scanning and real-time visibility into CI/CD pipelines, reducing production security incidents by 70%.
- Led migration from legacy on-premises network and VPN infrastructure to modern Secure Access Service Edge (SASE) architecture, enhancing zero-trust controls.
- Improved remote access performance by 40% while reducing infrastructure attack surface for over 100 distributed users.
- Implemented automated remediation workflows to bolster compliance and security across cloud environments.
- Facilitated secure connectivity solutions for distributed teams, ensuring scalability and robust security measures.
Senior DevSecOps Engineer
Secureworks Inc
, United States
10.2021 - 08.2023
- Created controlled maintenance-free Terraform CI/CD deployment pipelines with short-lived AWS credentials backed by Hashicorp Vault which improved compliance for cloud security frameworks
- Integrated gitlab semgrep SAST plugin and DAST for web application in CI/CD to uncover vulnerabilities early in the cycle improving the security of countermeasure lifecycle applications
- Improved observability and visibility of malware detonating applications hosted in on-premise datacenter by forwarding service logs to centralized log management solutions like Datadog improving SLA of the application by 30%
- Automated various operating systems patching on AWS servers using AWS State Manager associations with AWS provided and custom baselines for development and productions servers respectively improving security posture by 50% and eliminating manual efforts.
- Improved global network routing and VPN capabilities for software-based malware analysis using small virtual machines with Alpine Linux-based network routers backed by Packer and QEMU.
- Improved Zero Trust Architecture for s3 hosted global application by migrating from country based whitelisting to novel solution of authenticating to CloudFront using AWS Lambda@Edge and AWS Lambda functions in tandem
- A Dell Company
Senior DevSecOps Engineer
A+E Networks
New Jersey, United States
01.2018 - 09.2021
- Containerized PHP, Drupal, NodeJS and Wordpress applications in Docker and migrated hosting from AWS EC2 hosting to AWS ECS Fargate benefitting in reduced overhead of server maintenance, improved resource usage to cost optimization and quick horizontal scaling during peak and burst traffic.
- Assisted and created workflow for web application team to fix Qualys scanned OWASP vulnerability findings by validating the findings using DAST tools like Burpsuite and ZAP proxy and suggesting the necessary code changes improving the overall security code design
- Hours of on-call PagerDuty training has honed the incident and problem management techniques by bringing the team on the triage bridge, sending out communication to business and concerned third parties, following up with deep dive root cause analysis and proposing corrective actions for making environment robust.
- Designed and Developed an efficient python script that runs every week runs in AWS CodeBuild project to apply patch on all Alpine based OS vulnerabilities found by security scanning tool, Trivy on all the latest ECR docker images and deploy new patched version in ECS Fargate Service.
- Worked on Compliance tools like Evident.io, Prowler and reviewing CIS scores to find the security posture of the Cloud infrastructure which allows us follow best practice everyday by having right governance and controls in place.
System Administrator
Synmeta LLC
New York, United States
06.2016 - 12.2017
- Configured and provided support and maintainence for network firewall, storage, load balancer, operating systems and software in AWS EC2 Instances.
- Responsible for managing the User groups and Group policy for different locations users by Windows server 2012S.
- Managed network troubleshooting and data recovery service to provide high volume marketing applications.
- Maintaining S3 versioning and lifecycle policies to backup files and archive files in Amazon Glacier.
Education
Master of Science - Electrical Engineering
NYU Tandon School of Engineering
New York07.2016
Bachelor of Technology - Electronics and Communication Engineering
National Institute of Technology
Calicut, India06.2014
Skills
- AWS and Azure
- Linux and Windows
- macOS and iOS
- Container orchestration (ECS, EKS, Fargate)
- Infrastructure as code (CloudFormation, Terraform)
- Database management (MySQL, PostgreSQL, MongoDB)
- Version control (Git, SVN)
- Scripting languages (Python, Bash, PowerShell)
- Monitoring and logging (CloudWatch, Datadog)
- Security compliance (ISO 27001, NIST, SOC2)
- Continuous integration/continuous deployment (Jenkins, GitLab)
- Networking protocols (HTTP, TCP/IP, DNS)
Websites
Certification
- AWS Certified Solutions Architect - Associate
- Certified Kubernetes Administrator (CKA)
Honor Awards
CTU Star of the Month, 12/01/21, Secureworks Inc
Timeline
Principal Cloud Engineer
Clickbank
10.2023 - Current
Senior DevSecOps Engineer
Secureworks Inc
10.2021 - 08.2023
Senior DevSecOps Engineer
A+E Networks
01.2018 - 09.2021
System Administrator
Synmeta LLC
06.2016 - 12.2017
Master of Science - Electrical Engineering
NYU Tandon School of Engineering
Bachelor of Technology - Electronics and Communication Engineering
National Institute of Technology