Freelance Cloud Security Engineers in FriscoFreelance Cloud Security Engineers in Frisco
ProjectsPeople
Paul G's avatar
Paul G
pro
Frisco, USA
Expert cloud & platform consultant building AI platforms
New to Contra
Expert cloud & platform consultant building AI platforms
Cover image for Architected an enterprise Kubernetes platform
Architected an enterprise Kubernetes platform on Azure AKS for a fintech company running 40+ microservices. Traffic enters through Application Gateway with WAF v2 policies and Azure Firewall before reaching the AKS cluster inside a hub-spoke VNet. ArgoCD manages all deployments through GitOps with automatic drift detection and self-healing. ACR stores container images built by Azure DevOps Pipelines with integrated vulnerability scanning. Workloads connect to Cosmos DB, PostgreSQL Flexible Server, and Redis Cache through private endpoints. Azure ML handles fraud detection model inference called directly from within cluster pods. Entra ID with Managed Identities provides passwordless auth across all services.
0
28
Cover image for Designed and deployed a multi-account
Designed and deployed a multi-account AWS landing zone using Control Tower and Organizations for a healthcare SaaS company handling PHI data. The architecture separates management, security, network, and workload accounts with dedicated IAM boundaries. Traffic routes through CloudFront and WAF into a Transit Gateway hub before reaching production VPCs running ECS Fargate workloads. Security Hub aggregates findings from GuardDuty, Inspector, and AWS Config across all accounts. CloudTrail feeds into EventBridge for real-time alerting through SNS. All encryption managed through a centralized KMS account. Infrastructure provisioned entirely with Terraform and Terragrunt modules. Achieved SOC 2 Type II and HIPAA compliance within 90 days.
0
41
Cover image for I built a production-ready serverless
I built a production-ready serverless LLM API on GCP designed for low cost, strong security, and fast inference. Requests flow through CDN, load balancing, WAF, and API management before hitting a Cloud Run FastAPI service that handles prompts, session history, caching, and model routing. The system switches between Gemini 2.5 Pro for deep reasoning and Gemini Flash for fast responses, with RAG support using Vector Search over 768-dim embeddings. Data is stored in Firestore, cached in Redis, and logged to BigQuery. Everything is secured with VPC Service Controls, Workload Identity, KMS, Secret Manager, and DLP. CI/CD is fully automated with Terraform and Cloud Build using canary rollouts and auto-rollback on SLO violations. At around 50K requests per day, the platform runs at about $1K/month and scales to zero when idle.
0
51
Cover image for Here's how I'd build a
Here's how I'd build a scalable ticketing backend with Supabase & Stripe. The backend is where everything lives or breaks. Supabase handles auth and Row Level Security out of the box, Postgres enforces ticket inventory and access at the database level, and Stripe Checkout processes payments with webhooks that keep everything in sync. Capacity limits, discount logic, and user access all of it stay consistent when real traffic hits. Built to scale without needing a full rewrite six months down the road.
0
22
Cloud Security Engineer(3)