Oliver Ewert, Developer in Wellington, New Zealand
Oliver is available for hire
Hire Oliver

Oliver Ewert

Verified Expert  in Engineering

Software Developer

Location
Wellington, New Zealand
Toptal Member Since
March 19, 2020

Oliver在云中的自动化方面拥有超过五年的经验——从自动化防火墙设备配置到现代, serverless web applications. Along with a strong security and systems background, he's successfully worked as a full-stack developer. 他开始做自由职业者是因为他喜欢新的挑战,帮助别人,想要更大的灵活性. Oliver is an active member in his local developer community, speaking at conferences and contributing to open source.

System AdministrationCloud SecuritySecurityWeb SecurityAWS DevOpsPython 3PythonPython 2Amazon Web Services (AWS)AWS IAMAWS CloudFormationDockerAuth0Web DevelopmentCloudflareXero

Portfolio

Fantail Consulting
亚马逊网络服务(AWS)、Azure、Azure物联网中心、Auth0、Web安全、Balena...
Permiso Security
AWS Lambda, Amazon API Gateway, API Gateway, Terraform, Web Security...
Environmental Science and Research Ltd
Azure, Azure Kubernetes Service (AKS), Kubernetes, Palo Alto Networks, Docker...

Experience

Python 3 - 7 yearsDevOps - 6 yearsAmazon Web Services (AWS) - 6 yearsSecurity - 6 yearsDocker - 3 yearsAuth0 - 2 yearsAzure - 2 yearsAzure Kubernetes Service (AKS) - 2 years

Availability

Part-time

Preferred Environment

Docker、Python 3、亚马逊网络服务(AWS)、Azure、网络安全

The most amazing...

...我所做的事情是对“无法自动化”的遗留系统的部署进行自动化," saving us countless hours of pain and suffering.

Work Experience

Cloud Native Security Consultant

2020 - PRESENT
Fantail Consulting
  • 开发从设计电路板到嵌入式Python的端到端物联网解决方案, device operating system management, cloud connectivity, and Azure IoT Hub management. Utilized Raspberry Pi, balenaCloud, and 4G IoT networks.
  • 帮助小型企业将遗留软件迁移到容器中, streamlining deployment, update processes, and database management through automation.
  • Migrated on-premise infrastructure to the cloud, 从将应用程序迁移到云/无服务器的容器,到将电子邮件服务器迁移到G Suite/Microsoft 365/ProtonMail.
  • Developed custom dashboards to integrate multiple systems, providing a bespoke integration point, utilizing Python, AWS Lambda, and DynamoDB/Amazon RDS.
  • 向小型组织咨询如何以最小的努力提高其安全状态. 这包括风险分析和与工作人员就基本知识(如.g., MFA, etc.),以确保开发实践和基础设施的安全.
Technologies: 亚马逊网络服务(AWS)、Azure、Azure物联网中心、Auth0、Web安全、Balena, PyCharm, Content Delivery Networks (CDN), Cloud Security, Web Development, GitHub, Python 3, Python 2, AWS CloudFormation, Web App Security, Django, Bash, Amazon S3 (AWS S3), DevOps, Continuous Delivery (CD), Network Security, AWS Lambda, Amazon CloudWatch, Kubernetes, Linux, System Administration, Cybersecurity, Amazon EKS

Senior Cloud Security Engineer

2021 - 2022
Permiso Security
  • 改进了部署代码和基础设施的CI/CD过程, including importing resources into Terraform, automating manual deployment steps and checks, improving pipeline security and speed, and reducing errors.
  • Improved AWS environment security, cost, and toil by improving management automation, 使IAM资源和网络更加细化并锁定它们. 实现VPC端点,大幅降低NAT网关成本.
  • Improved incident response and post-mortem processes, 在过程中引入更多的结构,并使其对团队参与过程更加友好.
  • Improved logging, monitoring, 通过实现Grafana Cloud仪表板、警报和Loki日志收集来发出警报. 统一的日志输出格式,允许更容易地搜索和聚合日志.
  • 向产品开发团队建议如何在安全运营环境中使用他们的软件, what workflows for different security roles look like, 以及他们如何为这些工作流简化他们的应用程序.
Technologies: AWS Lambda, Amazon API Gateway, API Gateway, Terraform, Web Security, Cloud Security, DevOps, GitHub, Cloud, Security, Amazon Web Services (AWS), AWS IAM, Amazon S3 (AWS S3), Continuous Delivery (CD), Network Security, Jira, Amazon CloudWatch, JavaScript, PostgreSQL, Amazon DynamoDB, Elasticsearch, Amazon Virtual Private Cloud (VPC), Continuous Integration (CI), DevSecOps, Grafana, CI/CD Pipelines, Web Development, Content Delivery Networks (CDN), AWS CloudFormation, Web App Security, Bash, Linux, System Administration, Cybersecurity

Security Consultant

2020 - 2021
Environmental Science and Research Ltd
  • 使用Azure DevOps部署和支持Azure管理的Kubernetes集群, Terraform, 和Helm的基础设施作为代码部署的自动化管道.
  • 管理和改进了Azure环境架构和安全性, 实现各种Azure安全特性,减少浪费和成本.
  • 支持开发团队构建CI/CD管道,以自动化部署应用程序, 包括实现自动伸缩代理池和基于每个管道服务原则的身份验证,以及改进秘密管理.
  • Sole technical advisor on a multi-agency board to appoint vCISO; supported the process from the board's inception to the selection and onboarding of vCISO.
  • 根据NIST和PSR评估组织安全成熟度. 实施工作计划以提升组织安全成熟度.
  • Managed the external security resource, 包括系统的范围和调度安全评估, overseeing the resulting work items, 并与开发团队一起理解和处理潜在的系统问题.
Technologies: Azure, Azure Kubernetes Service (AKS), Kubernetes, Palo Alto Networks, Docker, ShinyProxy, Helm, Azure DevOps, Auth0, CI/CD Pipelines, Security, Python 3, DevOps, IT Security, Network Security, PostgreSQL 10, Cloud Security, Terraform, PostgreSQL, Web Security, Web Application Firewall (WAF), Web Development, GitHub, Web App Security, SecOps, Bash, Continuous Delivery (CD), Linux, System Administration, Cybersecurity

Platform Engineer (Contract)

2020 - 2020
Westpac New Zealand, Limited
  • 将Java应用程序从遗留基础设施迁移到Kubernetes环境.
  • 通过度量实现对Prometheus和Grafana的可见性和监控,并将日志记录到Elasticsearch集群.
  • 通过预先构建用于本地开发和维护遗留Java应用程序的容器,改进了开发人员的体验.
Technologies: Elasticsearch, Grafana, Prometheus, Jenkins, Kubernetes, Security, DevOps, IT Security, CI/CD Pipelines, ELK (Elastic Stack), Helm, DevSecOps, Continuous Integration (CI), Cloud Security, Web Development, Web Security, Bash, Continuous Delivery (CD), Linux

Security Engineer

2015 - 2020
Xero
  • 通过在前端和后端实现RBAC,为Netflix的开源工具security Monkey(现已不幸停产)做出了贡献.
  • 构建一个完全自动化的CI/CD管道,通过AWS CodePipeline和CodeBuild将应用程序部署到AWS ECS中.
  • 使用Lambda在大约100个AWS账户中实现审计和合规自动化, cross-account IAM roles.
  • 与产品团队就AWS架构中的安全性、最佳实践和成本节约进行咨询.
  • 经过验证的平台和应用程序级安全问题—命令注入, cache poisoning, token misuse, server-side request forgery (SSRF), domain hijacking, and more.
  • Led the development of DevSecOps practice at Xero, 在开发管道中实现各种自动化工具,使安全性和开发人员在部署应用程序之前对其安全性更有信心.
Technologies: Amazon Web Services (AWS), Jenkins, Python, Docker, AWS Cloud Architecture, Security, Python 3, DevOps, Amazon DynamoDB, IT Security, CI/CD Pipelines, Xero API, DevSecOps, PagerDuty, Slack, Continuous Integration (CI), Jenkins Pipeline, Amazon Virtual Private Cloud (VPC), Amazon Elastic Container Service (Amazon ECS), Xero, Network Security, PostgreSQL 10, Cloud Security, PostgreSQL, JavaScript, Web Security, Web Application Firewall (WAF), Content Delivery Networks (CDN), Web Development, API Gateways, Amazon API Gateway, GitHub, Python 2, AWS CloudFormation, Web App Security, SecOps, Django, Bash, Amazon S3 (AWS S3), Continuous Delivery (CD), Jira, AWS Lambda, Amazon CloudWatch, Linux, System Administration, Cybersecurity

IAM Action Tracker

http://aktion.io/
An app to track and manage available AWS IAM actions, services, and policies by scraping open-data sources. It has a serverless architecture hosted on GitHub pages. 它是与前同事合作用Go语言编写的,前端是Bootstrap.

Languages

Python 3, Python, Python 2, Bash, JavaScript, Ruby, C#

Tools

AWS IAM, Amazon Elastic Container Service (Amazon ECS), AWS CloudFormation, Auth0, Jira, Xero, Amazon Virtual Private Cloud (VPC), Amazon CloudWatch, Jenkins, Bitbucket, Slack, Azure Kubernetes Service (AKS), Terraform, PyCharm, Grafana, Sentry, Helm, NGINX, ELK (Elastic Stack), ShinyProxy, Azure IoT Hub, GitHub, Amazon EKS

Platforms

Docker、Amazon Web Services (AWS)、AWS Lambda、Kubernetes、Mailgun、PagerDuty、Azure、Linux、Heroku

Industry Expertise

Cybersecurity, Network Security

Other

Security, AWS DevOps, Cloud Security, Web Security, Web Application Firewall (WAF), System Administration, Akamai, Cloudflare, Web App Security, SecOps, IT Security, Balena, CI/CD Pipelines, AWS Cloud Architecture, Web Development, Content Delivery Networks (CDN), Prometheus, Slackbot, Palo Alto Networks, Amazon API Gateway, API Gateways, Cloud

Frameworks

Django

Libraries/APIs

Jenkins Pipeline, Xero API

Paradigms

DevOps, DevSecOps,持续交付(CD),持续集成(CI), Azure DevOps

Storage

Amazon S3 (AWS S3), AWS CodeStar, PostgreSQL, Elasticsearch, Amazon DynamoDB, PostgreSQL 10

2013 - 2017

Bachelor of Engineering Degree in Network Engineering

Victoria University of Wellington - Wellington, New Zealand

SEPTEMBER 2018 - PRESENT

Akamai Bot Manager Foundations

Akamai

AUGUST 2018 - PRESENT

Akamai Kona Site Defender

Akamai

JULY 2018 - PRESENT

Akamai Web Performance Foundations

Akamai

MARCH 2018 - MARCH 2021

AWS Certified Solutions Architect Associate

AWS

Collaboration That Works

How to Work with Toptal

在数小时内,而不是数周或数月,我们的网络将为您直接匹配全球行业专家.

1

Share your needs

在与Toptal领域专家的电话中讨论您的需求并细化您的范围.
2

Choose your talent

在24小时内获得专业匹配人才的简短列表,以进行审查,面试和选择.
3

Start your risk-free talent trial

与你选择的人才一起工作,试用最多两周. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring