Subhashree Dhal

I am a passionate and driven DevSecOps Engineer with over five years of experience in Cloud Security, Platform Engineering, Software Development, and DevOps. My expertise lies in designing, architecting, and implementing scalable, secure, and automated solutions that enhance efficiency and resilience in cloud environments.

My professional journey began at Capgemini, followed by SAP Labs, and most recently, I was part of the Platform Security Engineering team at British Petroleum (BP). At BP, I played a key role in mentoring junior engineers and working extensively with AWS services, Kubernetes (EKS), and cloud security.

With a strong background in software development, I have designed and built cloud-native applications and automation solutions using Python, TypeScript, and Bash scripting. I have experience in serverless architectures on AWS, leveraging Lambda, API Gateway, and DynamoDB, and have built microservices-based applications deployed in Kubernetes (EKS). I have also implemented infrastructure automation using Terraform and CloudFormation, ensuring scalability and reliability in production environments.

I have extensive experience working with containers and Kubernetes (EKS), covering the entire lifecycle of containerized applications:

• Image Building & Container Management: I have built and optimized Docker images, managed container registries (AWS ECR, Docker Hub), and ensured efficient container security and performance.
• Deployment & Helm: I have deployed containerized applications to AWS EKS using Helm, implementing Helm Charts for package management and version control. I have also followed GitOps practices using tools like ArgoCD and Flux to ensure declarative deployments and automated rollbacks.
• Kubernetes Upgrades & Scaling: I have managed and upgraded Kubernetes clusters, ensuring multi-AZ high availability and optimizing node scaling for cost efficiency.
• Monitoring & Observability: I have set up comprehensive monitoring using Prometheus, Grafana, and Datadog for both cluster health and application performance. I have also implemented alerting mechanisms to proactively detect and resolve issues.

Security has been at the core of my work. I have architected multi-layered security solutions to protect public-facing assets and built automated security workflows for threat detection and incident response. Some key highlights include:

• Automated Security Agent Deployment: Designed an automated workflow for deploying security agents like CrowdStrike Falcon and Microsoft Defender across thousands of EC2 instances, ensuring compliance with ISO 27001 and CIS benchmarks.
• SIEM Integration & Threat Detection: Integrated AWS security logs (CloudTrail, GuardDuty, Security Hub, and AWS WAF logs) into SIEM solutions like Microsoft Sentinel, enabling real-time threat detection and automated incident response.
• SAST & SCA Integration: Implemented shift-left security by integrating tools like Snyk, SonarQube, and Checkmarx into CI/CD pipelines, reducing security vulnerabilities before deployment.

I have hands-on experience with CI/CD pipelines, optimizing software delivery and deployment using:

• Azure DevOps, GitHub Actions, and Jenkins for automated build, test, and deployment.
• Infrastructure as Code (IaC) with Terraform and CloudFormation to manage and scale cloud environments.
• Configuration Management using Ansible for automating deployments and system configurations.

Beyond technical skills, I am always looking for ways to optimize processes, enhance security posture, and drive innovation. Whether it's automating AWS account onboarding, implementing GitOps practices, or designing robust cloud-native architectures, I focus on scalability, security, and operational excellence.

I thrive in fast-paced, growth-driven teams, and I’m always eager to take on new challenges that push me to learn and innovate.