James Kariuki
@jameskariuki6
DevSecOps and Cloud engineer automating secure, observable CI/CD and cloud-native systems.
What I'm looking for
I’m a Cloud, DevOps/DevSecOps Engineer and Full-Stack Developer with hands-on experience (4 years +) designing and automating scalable, secure, and highly available infrastructures. I specialize in CI/CD pipelines, container orchestration, and infrastructure as code, with a strong emphasis on monitoring, logging, and compliance.
In my DevSecOps role, I designed and maintained secure CI/CD pipelines using GitHub Actions and Jenkins, embedding SAST, DAST, and IaC security scanning (tfsec + OPA policies for Terraform) to catch issues early in the SDLC. I built and deployed Dockerized microservices on Kubernetes (AWS EKS) using hardened images and production-grade security controls through image scanning with trivy.
I’m proud of implementing policy-as-code with Kyverno (Kubernetes) and OPA (Terraform) to enforce security, compliance, and governance consistently across infrastructure and workloads. I also applied Zero Trust architecture across AWS and Kubernetes—using least-privilege IAM, secure service-to-service communication, and network segmentation with istio, Cillium, Falco, and RBAC.
I improve outcomes through observability and operational excellence: I implemented end-to-end observability using OpenTelemetry and Tempo for unified metrics, logs, and traces, and strengthened monitoring with Prometheus, Grafana, and ELK/EFK to reduce MTTR. I’ve automated provisioning with Terraform and Ansible for multi-environment deployments (dev, staging, prod), reduced cloud costs by ~30% via Kubernetes optimization, and supported secure, auditable GitOps deployments with Argo CD.
Experience
Work history, roles, and key accomplishments
Cloud & DevSecOps Engineer
Namarunu
Jan 2022 - Jan 2025 (3 years)
Designed and maintained secure CI/CD pipelines and embedded SAST/DAST and IaC security scanning to prevent misconfigurations and vulnerabilities early in the SDLC. Built and operated hardened Docker/Kubernetes workloads on AWS EKS with policy-as-code, Zero Trust controls, and centralized observability to improve reliability and governance.
Fullstack Developer
Likel Procurement China
Jan 2019 - Jan 2021 (2 years)
Built scalable microservices using Next.js, Node.js, and Django with modular service boundaries. Improved performance and security by optimizing databases and caching, implementing JWT/RBAC with OWASP Top 10 practices, and automating CI/CD to reduce deployment time.
Education
Degrees, certifications, and relevant coursework
Harvard University
CS50 (Computer Science), Computer Science
Completed CS50 (Computer Science) via edX. Coursework covered core computer science fundamentals.
Techworld with nana
AWS re/Start (DevOps), DevOps
Completed the AWS re/Start program focused on DevOps. Trained on applying AWS cloud skills in a DevOps context.
Amazon Web Services (AWS)
AWS Cloud Practitioner, Cloud Computing
Earned the AWS Cloud Practitioner certification. Demonstrated foundational knowledge of AWS cloud concepts and services.
Techworld with nana
Graduate Cloud Native Associate, Cloud Native (Kubernetes and AWS)
Completed KCNA: Kubernetes and AWS re/Start as a Graduate Cloud Native Associate. Focused on cloud-native and Kubernetes-related skills.
Linux Foundation
LFS250: Kubernetes, Kubernetes
Completed LFS250 focused on Kubernetes (additional course details not provided).
Linux Foundation
LFS158: Introduction to LFS, Linux Foundation
Completed LFS158: Introduction to LFS (course details not fully specified).
Linux Foundation
LFS101: Introduction to Cloud Native Essentials, Cloud Native Essentials
Completed LFS101: Introduction to Cloud Native Essentials, covering Kubernetes and Linux fundamentals. Course content emphasized cloud-native concepts.
Tech stack
Software and tools used professionally
AWS IAM
GitHub
GitLab
SonarQube
Kubernetes
Jenkins
GitHub Actions
GitLab CI
MySQL
PostgreSQL
MongoDB
Gmail
Node.js
Django
Next.js
Redis
Terraform
Azure DevOps
JavaScript
Java
Loki
Istio
Grafana
Prometheus
OpenTelemetry
Linux
ZAP
Falco
Ansible
Vercel
sso
dockerized
Zap
Root Cause
Burp Suite
Trivy
Kyverno
ArgoCD
Semgrep
CodeQL
Argo CD
OWASP ZAP
Bash
Radius
Remote
Availability
Location
Authorized to work in
Website
james-kariuki.vercel.appPortfolio
james-kariuki.vercel.appJob categories
Skills
Interested in hiring James?
You can contact James and 90k+ other talented remote workers on Himalayas.
Message JamesGet matched with your dream remote job
Sign up now and join over 250,000+ remote workers who receive personalized job alerts, curated job matches, and more for free!
