Marvin Murithi | Site Reliability Engineer

Security and Compliance Automation

Enhanced the security posture of cloud infrastructure and applications through automated security tools and compliance checks.

Implemented Automated Security Testing in CI/CD Pipelines

  • Security Testing with OWASP ZAP: Integrated OWASP ZAP into CI/CD pipelines to perform automated security scanning, identifying vulnerabilities during the development process.
  • Static Code Analysis with SonarQube: Utilized SonarQube for static code analysis, ensuring code quality and detecting potential security issues early.

Ensured Compliance with Standards such as ISO 27001, SOC 2, and GDPR

  • Automated Compliance Checks: Developed automated compliance checks using Terraform to enforce security and regulatory standards across cloud environments.
  • Compliance Reporting: Implemented reporting mechanisms to generate compliance reports, facilitating audits and continuous compliance monitoring.
September 15, 2024security compliance automation