I will implement azure devsecops and secure ci cd pipelines

David Borja

Mexico

I speak Spanish, English

Cibersecurity Expert

I help businesses stay safe online by preventing fraud, protecting sensitive information, and reducing digital risks. My goal is simple: make sure your company, your clients, and your reputation stay ...
Read More
About this Gig

Security is often the bottleneck in rapid deployment. As an experienced Senior Systems Engineer, I help organizations integrate security checkpoints directly into their Azure Pipelines or GitHub Actions. I don't just find vulnerabilities; I build automated systems that prevent them from ever reaching production.


By combining my software development background with cloud infrastructure expertise, I ensure your DevSecOps journey is seamless, automated, and audit-ready.


My Azure DevSecOps Toolkit:

  • Azure Pipelines Security: Integration of SAST (SonarQube/Checkmarx) and DAST inside Azure DevOps.
  • Infrastructure as Code (IaC) Auditing: Automated scanning of Bicep, ARM Templates, or Terraform using Checkov/Terrascan.
  • Secret Management: Migrating credentials to Azure Key Vault using Managed Identities (No more secrets in code).
  • Container Security: Vulnerability scanning for Azure Container Registry (ACR) and hardening for AKS.
  • Compliance Automation: Implementing Azure Policy as Code to meet SOC2/ISO 27001 requirements automatically.


Read More
implement azure devsecops and secure ci cd pipelines
Full Screen
implement azure devsecops and secure ci cd pipelines
View Presentation
implement azure devsecops and secure ci cd pipelinesimplement azure devsecops and secure ci cd pipelines

Tools:

Docker

GitHub

Frameworks:

Terraform

Ansible

Cloud Provider:

Microsoft Azure

Programming language:

Java

Python

Expertise:

Development

Configuration

My Portfolio

Related tags