Open to new opportunities

Edward
Rerkphuritat

DevSecOps & Cloud Engineer — Building secure, automated infrastructure
across AWS and Azure that scales without compromise.

View Projects → Get In Touch
Scroll to explore
01 // About

Security isn't
an afterthought.

I'm a DevSecOps & Cloud Engineer with 8+ years of experience designing and securing multi-cloud infrastructure on AWS and Azure. I don't bolt security on at the end — I architect it in from day one.

At Tevora, I've led complex projects including hub-and-spoke network architectures, VMware Cloud on AWS hybrid environments, and AWS landing zones — all built with Terraform and aligned to PCI-DSS, HIPAA, and SOC compliance frameworks.

I also teach the next generation of security professionals as a Cybersecurity Instructor at ThriveDX, covering Azure AD, IAM, and identity management best practices.

Let's talk →
8+
Years experience
3
Cloud platforms
30%
Faster provisioning
5+
Certifications
02 // Skills

What I work with.

Tools and technologies I use to build secure, automated, and scalable cloud infrastructure.

☁️
Multi-Cloud Infrastructure
Resilient, highly available architectures across AWS and Azure with cost governance and compliance built in.
AWSAzureEC2S3VPCLambda
🏗️
Infrastructure as Code
Reusable Terraform modules enabling consistent, 30% faster provisioning across multiple environments.
TerraformAWS CDKCloudFormationHCL
🔒
Cloud Security
Compliance-aligned controls across PCI-DSS, HIPAA, and SOC. IAM least-privilege, centralized logging, continuous threat detection.
Security HubCloudTrailOrca SecurityRapid7IAM
⚙️
DevOps & CI/CD
Automated pipelines from commit to production. Docker golden images, GitHub Actions, zero-downtime deployments.
GitHub ActionsDockerECRCI/CD
🌎
Networking
Hub-and-spoke topologies, Transit Gateways, VPN, and Direct Connect for complex hybrid environments.
Transit GatewayVPNDirect ConnectRoute53
💻
Automation & Scripting
Eliminating manual toil through code. If it's repeatable, it's automated.
PythonBashPowerShellCloudWatch
03 // Projects

Things I've built.

Cloud infrastructure and security engineering work.

Project 01 — Featured
This Portfolio — DevSecOps in Practice
This site demonstrates DevSecOps principles end-to-end. Containerized with Docker as a golden image, infrastructure provisioned via Terraform, auto-deployed via GitHub Actions on every push. Zero-downtime deployments, SSL via Let's Encrypt, and security headers baked in.
TerraformDockerGitHub ActionsAWS ECREC2Let's Encrypt
View on GitHub →
1# golden image pipeline
2FROM nginx:alpine
3COPY ./website /usr/share/nginx/html
4EXPOSE 80 443
5
6# push -> deploy -> https
Project 02
Multi-Account AWS Architecture
Designed and implemented a secure multi-account AWS architecture using Organizations, Control Tower, and Transit Gateway for a retirement finance client. Full compliance alignment.
AWS OrganizationsControl TowerTransit GatewayTerraform
Project 03
Hybrid Cloud — AWS + VMware
Implemented a hybrid AWS-VMware solution for seamless workload migration between on-premises and cloud. Hub-and-spoke network with Transit Gateways across dev, prod, and shared services.
VMware CloudAWSTransit GatewayVPN
Project 04
DR Solution — 30min RTO
Architected a disaster recovery solution using AWS services achieving a 30-minute RTO for critical business applications. Automated failover with Route53 health checks and cross-region replication.
AWSRoute53RDSTerraform
Project 05
GitHub Actions OIDC Federation
Eliminated long-lived IAM access keys from the CI/CD pipeline by implementing OIDC federation between GitHub Actions and AWS IAM. GitHub now requests a short-lived token scoped to the exact repo and branch at runtime. Trust policy and IAM role fully automated via Terraform. Previously implemented for enterprise clients in production.
OIDCIAM FederationGitHub ActionsTerraformAWS STS
View writeup →
Project 06
Rerkt.AI — AI Portfolio Assistant
Built and deployed an AI assistant at ai.rerktserver.com on the same $6.50/mo EC2 infrastructure. A Node.js proxy container holds the API key server-side, rate limits requests per IP, and validates request origin before forwarding to the Anthropic API. The chat UI, proxy, and SSL cert are all deployed through the same GitHub Actions pipeline.
Claude APINode.jsDockernginxEC2GitHub Actions
Try it live →
Project 07
Rerkt.AI Bedrock — Native AWS AI Integration
Extended the AI assistant using AWS Bedrock instead of the Anthropic API directly. The Node.js proxy authenticates via EC2 IAM instance role — no API keys required. Demonstrates the architectural difference between external API calls and native AWS AI services. Deployed as a third container on the same EC2 with a dedicated subdomain, SSL cert, and daily request cap to control costs.
AWS BedrockIAM RolesNode.jsDockernginxClaude Haiku
Try it live →
04 // Experience

Where I've worked.

A track record of building secure, scalable infrastructure at every level.

July 2021 — Present
Senior Cloud Engineer
Tevora — Remote
  • Architected centralized AWS hub-and-spoke network with Transit Gateways across dev, prod, and shared services.
  • Deployed VMware Cloud on AWS for hybrid workload migration between on-premises and cloud platforms.
  • Developed reusable Terraform modules, reducing provisioning time by 30% across multiple environments.
  • Conducted AWS Well-Architected Framework reviews, improving reliability and reducing operational costs.
  • Contributed to PCI-DSS, HIPAA, and SOC compliance initiatives across cloud infrastructures.
  • Centralized logging and monitoring via AWS Security Hub, CloudTrail, and CloudWatch.
October 2022 — Present
Cybersecurity Instructor
ThriveDX — Remote
  • Delivered training on Azure AD, LDAP integrations, MFA, and identity management best practices.
  • Provided hands-on guidance for complex IAM configurations and cloud security troubleshooting.
  • Conducted GPO training in Windows environments demonstrating effective security policy controls.
February 2017 — June 2021
Cloud Engineer
MVRKETREE
  • Utilized AWS services (S3, CloudFront, EC2) for scalable web solutions optimized for performance and security.
  • Conducted regular security audits and managed SSL/TLS certificates ensuring secure communications.
  • Developed secure, responsive websites implementing security best practices throughout.
05 // Certifications

Credentials.

Industry certifications validating cloud, security, and infrastructure expertise.

🏆
AWS Solutions Architect
Amazon Web Services — Associate
☁️
AWS Cloud Practitioner
Amazon Web Services
🏗️
Terraform Associate
HashiCorp
🔒
CompTIA Security+
CompTIA
🔑
Okta Professional
Okta
🎓
Cybersecurity Program
UC Irvine Continued Education
06 // Contact

Let's build
something secure.

Open to senior cloud, DevSecOps, and platform engineering roles. Also available for consulting on AWS architecture, security compliance, and infrastructure automation.

Email
[email protected]
GitHub
github.com/rerkted
LinkedIn
/in/ererkphuritat