to secure the development lifecycle and infrastructure of an AI-driven communications SaaS platform. This is a part-time / freelance role. We will share regular work according to your availability. We need the tasks below done immediately and would like to know your expected time for these tasks and your expected payment. If your offer meets our expectations and is the best among your competitors, we will make an agreement for regular work from our company.
The immediate priority is to take ownership of our GitHub repositories, establish a secure CI/CD pipeline, and implement a highly secure, locked-down Virtual Desktop Infrastructure (VDI) using Amazon WorkSpaces (Ubuntu). The objective is to onboard freelance developers into a restricted environment where data exfiltration risks are minimized, source code is protected, and all activity is audited.
Following the VDI implementation, you will continue to work on hardening the broader multi-cloud infrastructure, standardizing deployments, and ensuring safe, observable environments for production.
Provision Ubuntu WorkSpaces via Terraform to serve as the exclusive secure development environment for freelancers.
Golden Image Creation:
Create and maintain a standard golden image with pre-installed tools (VS Code, Docker, Node.js LTS, Python 3.x, Git CLI, Postman, pgAdmin, kubectl, SourceTree).
Automated Setup:
Implement bootstrap scripts to ensure tools and compliance configs are ready immediately upon provisioning.
Data Loss Prevention (DLP):
Apply strict policies to block USB access, file uploads/downloads, and screenshots. Limit clipboard functionality to "WorkSpace-to-WorkSpace" only.
2. Surveillance, Auditing & Screen Monitoring
Screen Recording:
Implement full screen recording and activity reporting on the VDI and key development servers so sessions can be reviewed for compliance and security.
Activity Auditing:
Enable deep session logging using Amazon CloudWatch, store audit data securely in S3, and visualize metrics using Grafana.
RDP/Access Monitoring:
Ensure all remote access is logged, monitored, and attributable to specific users.
3. Source Code Protection & CI/CD
Repo Takeover:
Take immediate handover of GitHub repositories. Enforce least-privilege access; restrict who can pull full repositories or access sensitive branches.
Secure CI/CD:
Strengthen GitHub Actions pipelines with secure secrets management, artifact handling, and audit trails.
Secret Management:
Separate production secrets from developer environments. Ensure developers have no access to raw production data.
Workflow:
Ensure developers can deploy and test code in the dev environment via the pipeline without strictly requiring the VDI for basic validation.
4. Network Architecture & Identity
Network Design:
Design robust network layouts (VPC, private subnets, routing, NAT, VPN/peering) to avoid public exposure.
Access Control:
Restrict access using VPN (WireGuard or OpenVPN) with strict IP allow-listing so VDI and GitHub are only accessible from the secured environment.
Identity Management:
Manage developer identities using AWS Simple AD along with IAM, SSO, and Role-Based Access Models (RBAC).
5. General Server & Cloud Hardening
Infrastructure as Code:
Provision and track all infrastructure using Terraform (or Pulumi) for reproducible updates.
VM & Container Security:
Harden VMs and containers against intrusion, brute-force attempts, and privilege escalation.
Have you worked on a similar project before? If yes, what was it, and how successfully did you complete it?
Are you working on any project or for any company right now?
When can you start on the tasks at the earliest?
How much time do you expect to need to complete the tasks?
How much payment do you expect for these tasks?
Experience:
DevOps: 3 years (Preferred)
Work Location: Remote