DevSecOps • Security Engineering • Cloud & Platform Security

Security-minded engineer building secure delivery pipelines, GitOps workflows, and cloud-native platforms.

I focus on CI/CD hardening, GitOps operations, vulnerability management, artifact integrity, deployment security, and production-minded platform troubleshooting.

View Projects View Resume

What I Build

I build delivery systems that emphasize trust, auditability, and operational clarity: GitHub Actions pipelines, registry workflows, Kubernetes deployments, GitOps reconciliation, software supply chain controls, and policy-based admission enforcement.

Current Focus

DevSecOps and CI/CD security
GitOps and Kubernetes operations
Cloud and container security
Artifact integrity and vulnerability management
Production troubleshooting and platform reliability

Featured Project

K3s Resume Platform

Personal DevSecOps / GitOps Homelab Project

Built a GitOps-driven K3s platform to host a resume application and RSS aggregation service, with secure build, publish, scan, signing, promotion, and policy enforcement workflows.

GitHub Actions CI with GHCR publishing
SBOM generation with Syft
Vulnerability gating with Trivy
Artifact signing with Cosign
GitOps reconciliation with Flux CD
Prod image policy enforcement with Kyverno

Read project details →