Ethan Salzman

DevSecOps Engineer

About Me

I'm a highly driven Cybersecurity Analyst and DevSecOps Engineer. I enjoy ensuring the in-depth security of computer systems as well as building these systems to be secure from the ground up. I also enjoy creating and maintaining game servers for my friends and I to play on.

Skills

Experience

DevSecOps Engineer | Aeropay

2022 - Present


Audit Log Aggregation Pipeline and SIEM Integration

Built pipeline for aggregating CloudTrail logs, GuardDuty logs, and Config compliance packs in AWS Organization to ensure 100% account coverage

Integrated DataDog SIEM with custom rules to push alerts to Slack


Mobile Device Management Implementation

Designed and conducted an implementation of JumpCloud Mobile Device Management for a combination of Windows, Mac, and Linux computers


SSO Implementation

Initialized and integrated JumpCloud SSO organization-wide

Implemented Role-Based Access Control to manage access to applications and resources

Wrote code for an SSO integration with in-house tooling


Secure Cloud Architecture Development

Utilized AWS cloud platform to build and maintain multiple architectures for payment services, including both traditional and serverless architectures

Used IAC tools such as AWS CDK, Serverless Framework, SAM, CloudFormation, and Terraform to create and manage platform, ECS, and serverless stacks

Managed release pipelines using AWS CodePipeline, and integrated to CI testing via Github Actions

Vulnerability scanning integrated into CI testing suite via Snyk

Designed and managed hub-and-spoke network topology


SOC Compliance

Instrumented automation tools to maintain SOC 2 Type 2 compliance

Achieved compliance for three straight audit periods


AWS Organizations

Used OrgFormation to create and manage an AWS Organization with 100+ accounts

Set up automation pipelines to facilitate creation and deployment of organization accounts

Built automated pipeline to clear default AWS network infrastructure and replace with interconnected VPCs via Transit Gateway

Integrated hybrid cloud architecture between AWS and on-prem via AWS Direct Connect and Transit Gateway


Reliability and Continuity

Developed an automated performance test of REST API-based products

Developed documentation for new services and procedures including installation guides, runbooks, and network diagrams

Managed internal ticketing system and designed ticketing system with respective SLOs and SLA

Education

Bachelor of Science, Cybersecurity and Information Assurance | Western Governors University

Graduated: 2024

Certifications

CompTIA

PenTest+, CySA+, Security+, Network+, Project+, A+, CNSP, CNVP, CSAP, CSIS, CIOS

ISC2

SSCP, CCSP

LPI

Linux Essentials

Axelos

ITIL 4 Foundations