Cloud & DevOps Engineer | Cybersecurity & SOC
MSc Cybersecurity (Awarded 2025) · 19+ Years Enterprise IT · AWS · Azure · Terraform · Security Onion · DevSecOps
DevOps and Cybersecurity professional with MSc-level security knowledge, hands-on cloud engineering across AWS and Azure, and 19 years of enterprise IT experience in regulated financial services — now specialising in infrastructure as code, DevSecOps, and security operations.
19+
Years Enterprise IT
MSc
Cybersecurity
Active
DevOps Micro-Internship
10+
Cloud & DevOps Projects
10 yr
Sole Security Owner, Regulated FS
Selected Work
Production-grade work across DevOps, cloud engineering, and cybersecurity — built, documented, and delivered as real engineering output.
DMI Internship
Designed and implemented a complete enterprise DevOps automation workflow for the EpicBook full-stack application using two separate repositories and two Azure DevOps pipelines — one for infrastructure provisioning with Terraform, one for configuration and deployment with Ansible.
DMI Internship
Applied agentic AI workflows using Claude Code and MCP subagents to audit Terraform infrastructure for security issues. Automated checks across S3, CloudFront, HTTPS, TLS, and state management — identified and triaged 8 confirmed security findings.
DMI Internship
Reproduced a production-style 3-tier architecture on Azure — Next.js/Nginx on public VMs, Node.js backend on private VMs managed by PM2, and Azure MySQL Flexible Server with High Availability and a read replica, connected through private networking and NSG rules.
DMI Internship
Deployed a production-grade Book Review application on AWS in a secure 3-tier architecture — Next.js on EC2 behind a public ALB, Node.js API on private EC2 behind an internal ALB, and Amazon RDS MySQL in a private subnet with no direct internet exposure.
MSc Cybersecurity — Robert Gordon University
Deployed and operated Security Onion SIEM to investigate a simulated ransomware intrusion. Performed IDS packet analysis and log forensics, traced the infection vector to a spear-phishing campaign, and produced a professional incident report with remediation recommendations.
Approach
01
Map requirements, constraints, and risk before writing a line of config — whether that is a cloud migration, a CI/CD pipeline, or a security programme. Clarity first, implementation second.
02
Infrastructure as code, CI/CD pipelines, and security embedded from the first commit — not bolted on later. Least-privilege IAM, secrets management, and reproducible environments by default.
03
Production-grade, version-controlled, and handed over clean — with diagrams, runbooks, and audit trails that outlast the engagement.
Technical Stack
Hands-on experience across security, cloud, DevOps, and enterprise IT — applied in real projects and professional environments.
AWS
EC2 · VPC · S3 · RDS
Azure
VM · VNet · NSG · MySQL
Terraform
IaC · Multi-cloud
SIEM & SOC
Security Onion · Alerts
Pen Testing
Kali · Burp · Metasploit
Incident Response
Detection · Forensics
CI/CD
GitHub Actions · Pipelines
Docker
Containers · Compose
Linux
Ubuntu · CentOS · Bash
Windows Server
2008–2022 · AD · M365
IAM & Zero Trust
Access Control · MFA
Databases
MySQL · SQL Server
ISO 27001
NIST · GDPR · Compliance
VMware
Virtualisation · vSphere
Python & Node.js
Scripting · Automation
Background
Profile
Sonny Enchill
UK — Remote / Hybrid / On-site
Nineteen years in regulated financial services gave me something most candidates in this space don't have — real accountability. Not advisory oversight, but direct ownership of cybersecurity posture, cloud decisions, and board-level reporting. That operational depth, combined with an awarded MSc and current hands-on DevOps engineering, is what I bring into my next role.
MSc Cybersecurity
Awarded 2025
CompTIA Security+ (SY0-701)
Exam Scheduled August 2026
MCSA: Windows Server 2012
Certified
Microsoft Certified Professional (MCP)
Certified
Continuing Education
GitHub
Last 12 months — updated hourly
404
Contributions
334
Commits
41
Pull Requests
20
Public Repos
Learning Journal
Documented learnings from real projects — written for engineers, readable by anyone.
Open to the right opportunity
DevOps / DevSecOps, Cloud Engineering, Cybersecurity / SOC — UK remote, hybrid, or on-site. If you are looking for someone who brings both operational depth and hands-on technical delivery, let's talk.