resume.md
resume.pdf
resume.epub
resume.docx
resume.tex
resume.odt

Colin Tufts

Resume & Profile

Profile

Linux Systems / DevSecOps / Information Security / Cloud Security Engineering

About me

Seasoned security engineering leader interested in protecting critical infrastructure and defense systems. Combining deep expertise in threat intelligence, incident response, and security automation with a strong foundation in cloud architecture and DevSecOps. Passionate about implementing robust security frameworks and advancing canadian national security interests through technology. Current OSCP and CPTS Candidate with extensive experience in both offensive and defensive security operations. Working towards completing my CISSP.

Colin Tufts

Details

Name:
Colin Tufts
Location:
Remote, Ontario, Canada, Earth

I deployed this resume via Python Flask and Jinja2 framework using Twitter Bootstrap. Deployed in a kubernetes cluster via Gitlab CI/CD.

Recent Experiences

“Protons give an atom its identity, electrons its personality.”
- Bill Bryson, A short history of nearly everything

Career

Senior DevSecOps Engineer

February 2025 - Current

Peoples Group Leading security-focused automation and CI/CD pipeline implementation efforts for People's Group, ensuring robust compliance and efficient cloud migrations. Leading the Security Centre of Excellence

Show Extensive Accomplishments
  • Architect and implement CI/CD pipelines from the ground up to support secure software delivery.
  • Integrate AWS and Azure environments into Microsoft Sentinel for centralized security monitoring.
  • Leading the Security Centre of Excellence, ensuring security is a focus of our SDLC.
  • Reevaluate and enhance AWS configurations, supporting a seamless migration to Azure cloud.
  • Develop and enforce infrastructure as code practices using Terraform and GitHub Actions.
  • Implement Azure Blueprints to ensure consistent policy enforcement across resources.
  • Conduct regular threat modeling and risk assessment sessions to mitigate security vulnerabilities.
  • Integrate and tune SAST/DAST tools for continuous security scanning.
  • Collaborate with development teams to embed security processes in the SDLC.
Toronto, ON | http://peoplestrust.com

Cloud Security Engineer

July 2023 - Current

Firmex Responsible for the day-to-day delivery of Security Operations for Firmex. Leading the security vision and strategy around cloud-based applications including IaaS/PaaS/SaaS.

Show Extensive Accomplishments
  • Actively monitor and research cyber threats impacting business operations or technology infrastructure
  • Handle Incident Management and Incident Response, leading the organization in cyber threat management.
  • Conduct Vulnerability Management and Penetration Testing, and ensure compliance with PCI, HIPAA, GDPR, SOC
  • Work collaboratively within a team of security professionals across the organization on security best practices and product support
  • Collaborate with engineering, infrastructure services, and application development to integrate technology solutions
  • Develop subject matter expertise on assigned security technologies for efficient delivery of security services
  • Implement custom software solutions using python and applicable scripting languages, including writing scripts in PowerShell/Bash
  • Configure, automate and actively monitor threats within AWS using SecurityHub and GuardDuty
  • Develop standards in partnership with other teams
  • Create, Implement, advance security posture and status via CI/CD pipelines
  • Make use of Kali linux and security tools such as Burpsuite, Wireshark to find and test vulnerabilities in our applications
  • Make use of the Microsoft Azure suite of tooling, including Microsoft Sentinel, Defender Security Platform, to analyze the environment for threats as well as triage incidents
  • Contribute to the Development of Standards, Technical Security Specifications, and Operating Procedures
  • Provide support to various IT, IT Security, and Business projects with insights on security technologies
  • Manage and configure AWS services, including writing Cloudformation templates
  • Work extensively with Windows, Linux infrastructure, and SaaS/PaaS environments in a 24x7 production environment across multiple data centers and Public Cloud providers
Toronto, Canada | http://firmex.com

Industrious

March 2022 - February 2023

DevSecOps Engineer Part of a large DevSecOps team implementing best practices in IaC, CI/CD pipelines and promoting good workflows and development operations.

Show Extensive Accomplishments
  • Working with Github actions and other build tools such as CircleCI in a CI/CD process to build and deploy to AWS cloud environment
  • Maintain, update ACLs, VPC environments, to keep all systems secure.
  • Containerize and upgrade legacy applications to provide better adaptability and provide continuous delivery of the applications.
  • Deploying/implementing Grafana, Prometheus, and other monitoring tools for observability of traditional services and micro-services.
  • Monitoring all environments (via tools like Elastic Beanstalk, EC2, S3, Cloudwatch, Cloudtrail) acting preemptively to prevent system failures and outages
  • Implement systems architecture and data strategy projects while minimizing impact on internal teams and members
  • Architect, implement and build deployment solutions for downstream consumption.
  • Increase reliability, maintainability, scalability of existing and future stacks
Montreal, QC | http://industriousoffice.com

Cloud Administrator

November 2020 - March 2022

Deluxe Support team member maintaining log ingestion, site reliability, primary resource implementing application performance management.

Show Extensive Accomplishments
  • Member of the production SRE team during incidents and outages with investigation of stack / node / container failures.
  • Grafana dashboard and Observability SME.
  • Container triage and management SME.
  • Turbonomic (Application Performance Management) SME.
  • Incident responder, including threat and vulnerability management.
  • Built dashboards for both executive management and production support consumption for insight into deeper environmental stability.
  • Regularly contributed to our internal tooling to manage administrative operations across the environment.
  • Heavy usage of scripting (ansible, bash, powershell, powercli) to automate and create tooling to increases operation effectiveness.
  • Responsible for the overall support, maintenance, and deployment of Private and Public cloud infrastructure.
  • Instructing junior staff with incident management tasks, operational tasks, and administrative tasks some examples are server level restorations, tool development, application deployment, vulnerability remediation.
  • Provisioning, configuring, operating, maintaining, patching, and backing up all infrastructure through manual and automated processes.
  • Responsible for Bare metal through all levels of virtualization and containerization.
  • Senior escalation point for incident response.
Minneapolis, MN | http://deluxe.com

Systems Administrator

August 2019 - November 2020

IMS Worked in a cross-discipline devops team managing everything bare metal and up, including multiple types of virtualization and containerization. Used best security practices in a strict IS027001 environment, while maintaining ease of use.

Show Extensive Accomplishments
  • Created and Implemented auditing system, reducing auditing timeline from 3 weeks to 30 minutes.
  • Configured Nagios and Centreon monitoring scripts for production systems.
  • Liason to executive leadership team for monitoring and observability.
  • Worked with management and external customers to establish and evaluate SLAs and SLOs
  • AWS SME for multi-cloud environment.
  • Lead VMware cluster upgrade, requiring the management and distribution of work to multiple departments and resources.
  • Lead Stakeholder in Data-Center Infrastructure & Maintenance
  • Cassandra SME, lead all efforts related to maintenance and integration with Cassandra
  • Trained and evaluated new-hires and upskilling employees for the Operations Team
  • Implemented changes following ITIL best practices and encouraged others to do so.
  • VMware SME, lead for all things virtual.
Waterloo, ON | http://ims.tech

Abilities

“We all have ability. The difference is how we use it.”
- Charlotte Whitton

Hypervisors/Virtualization

  • VMWare ESXi
  • VMWare vCenter
  • Bash/Shell
  • AWS ec2
  • AWS ecs
  • XenServer
  • KVM
  • MaaS
  • YAML
  • vROps
  • vRA
  • AWS Elastic Beanstalk
  • Openstack

Devops Tools

  • Turbonomic
  • Terraform/HCL
  • AWS Cloudwatch
  • Docker-Compose
  • Puppet
  • Grafana
  • Prometheus
  • Chef
  • Vagrant

Build / CI Tools

  • Gitlab
  • Jenkins
  • CircleCI
  • Github Actions

Skills

  • Python
  • Ansible
  • MySQL
  • Docker
  • Linux
  • Nginx
  • Apache
  • JSON
  • Wordpress
  • Kubernetes
  • MongoDB
  • XML
  • DNS
  • Git (SCM)
  • Nagios
  • Redis
  • Networking
  • Javascript
  • Typescript
  • HTML(5)
  • Postgres
  • SMTP
  • Postfix
  • ChatGPT
  • LLM
  • Prompt Engineering
  • ElasticSearch
  • PHP
  • Cassandra
  • Splunk
  • Kibana
  • GuardDuty
  • SecurityHub
  • Microsoft Sentinel
  • jira
  • Wazuh
  • REST Frameworks
  • CSS(3)
  • Observium
  • AWS DynamoDB
  • Bootstrap Framework
  • Tomcat
  • Ruby
  • Perl
  • C/C++
  • Golang
  • Oracle
  • JQuery
  • Java

Pentesting Skills

  • nmap
  • Metasploit
  • Forensics
  • Vulnerability Research
  • Enumeration
  • BurpSuite
  • Reverse Engineering
  • PoC Development

Languages

  • English

Contact Me