
Colin Tufts

Resume & Profile

Profile

Linux Systems / DevSecOps / Information Security / Cloud Security Engineering


About me

Seasoned security engineering leader interested in protecting critical infrastructure and defense systems, combining deep expertise in threat intelligence, incident response, and security automation with a strong foundation in cloud architecture and DevSecOps. Passionate about implementing robust security frameworks and advancing Canadian national security interests through technology. Extensive experience in both offensive and defensive security operations. Current CPTS candidate. Working towards completing my CISSP.

Details

Name:
Colin Tufts
Location:
Remote, Ontario, Canada, Earth

I deployed this resume via Python Flask and the Jinja2 framework using Twitter Bootstrap. Deployed in a Kubernetes cluster via GitLab CI/CD.

Recent Experiences

“Protons give an atom its identity, electrons its personality.”
- Bill Bryson, A Short History of Nearly Everything


Career

Peoples Group Toronto, ON

Team Lead, DevSecOps Engineering

June 2026 - Current

Lead a DevSecOps engineering team while maintaining direct technical contribution — setting security strategy, driving hiring and mentorship, and owning vendor and stakeholder relationships alongside hands-on delivery.

  • Lead, mentor, and grow a team of DevSecOps engineers, conducting regular 1:1s and supporting career development.
  • Drive hiring efforts including candidate screening, technical interviews, and onboarding of new team members.
  • Define and execute the DevSecOps security strategy and roadmap in alignment with organizational goals.
  • Own Purchase Order approvals and budget tracking for security tooling and infrastructure.
  • Manage vendor relationships and lead annual and ad-hoc vendor renewals for security platforms.
  • Lead the Security Centre of Excellence, establishing standards and championing security across the SDLC.
  • Collaborate with executive stakeholders to communicate security posture, risk, and program progress.
  • Architect and iterate on CI/CD pipelines using GitHub Actions and Terraform to support secure, automated software delivery.
  • Maintain and expand integration of AWS and Azure environments into Microsoft Sentinel for centralized threat detection and monitoring.
  • Lead cloud security posture reviews across AWS and Azure, driving remediation of misconfigurations and enforcing least-privilege access.
  • Develop and enforce infrastructure as code standards using Terraform and Azure Blueprints for consistent, policy-compliant resource provisioning.
  • Integrate and continuously tune SAST/DAST tooling across development pipelines for automated vulnerability detection.
  • Conduct threat modeling and risk assessment sessions with engineering and product teams to proactively surface and mitigate security risks.
  • Configure and manage AWS security services including SecurityHub, GuardDuty, and CloudTrail for continuous compliance and threat visibility.
  • Leverage Microsoft Defender and Sentinel to triage and respond to security incidents across hybrid cloud environments.
  • Implement and maintain security automation using Python and Bash to reduce manual toil and accelerate incident response.
  • Collaborate with development teams to embed security checkpoints and controls throughout the SDLC.

Senior DevSecOps Engineer

February 2025 - June 2026

Drove security automation and CI/CD pipeline maturity across Peoples Group, championing compliance as code and cloud migration security. Founded and led the Security Centre of Excellence.

  • Architect and implement CI/CD pipelines from the ground up to support secure software delivery.
  • Integrate AWS and Azure environments into Microsoft Sentinel for centralized security monitoring.
  • Lead the Security Centre of Excellence, ensuring security is a focus of our SDLC.
  • Reevaluate and enhance AWS configurations, supporting a seamless migration to Azure cloud.
  • Develop and enforce infrastructure as code practices using Terraform and GitHub Actions.
  • Implement Azure Blueprints to ensure consistent policy enforcement across resources.
  • Conduct regular threat modeling and risk assessment sessions to mitigate security vulnerabilities.
  • Integrate and tune SAST/DAST tools for continuous security scanning.
  • Collaborate with development teams to embed security processes in the SDLC.

Firmex Toronto, ON

Cloud Security Engineer

July 2023 - February 2025

Responsible for the day-to-day delivery of Security Operations for Firmex. Leading the security vision and strategy around cloud-based applications including IaaS/PaaS/SaaS.

  • Actively monitor and research cyber threats impacting business operations or technology infrastructure
  • Handle Incident Management and Incident Response, leading the organization in cyber threat management.
  • Conduct Vulnerability Management and Penetration Testing, and ensure compliance with PCI, HIPAA, GDPR, SOC
  • Work collaboratively within a team of security professionals across the organization on security best practices and product support
  • Collaborate with engineering, infrastructure services, and application development to integrate technology solutions
  • Develop subject matter expertise on assigned security technologies for efficient delivery of security services
  • Implement custom software solutions using Python and applicable scripting languages, including writing scripts in PowerShell/Bash
  • Configure, automate and actively monitor threats within AWS using SecurityHub and GuardDuty
  • Develop standards in partnership with other teams
  • Create, implement, and advance security posture and status via CI/CD pipelines
  • Make use of Kali Linux and security tools such as Burp Suite and Wireshark to find and test vulnerabilities in our applications
  • Make use of the Microsoft Azure suite of tooling, including Microsoft Sentinel, Defender Security Platform, to analyze the environment for threats as well as triage incidents
  • Contribute to the Development of Standards, Technical Security Specifications, and Operating Procedures
  • Provide support to various IT, IT Security, and Business projects with insights on security technologies
  • Manage and configure AWS services, including writing CloudFormation templates
  • Work extensively with Windows, Linux infrastructure, and SaaS/PaaS environments in a 24x7 production environment across multiple data centers and Public Cloud providers

Industrious Montreal, QC

DevSecOps Engineer

March 2022 - February 2023

Part of a large DevSecOps team implementing best practices in IaC, CI/CD pipelines and promoting good workflows and development operations.

  • Working with GitHub Actions and other build tools such as CircleCI in a CI/CD process to build and deploy to an AWS cloud environment
  • Maintain and update ACLs and VPC environments to keep all systems secure.
  • Containerize and upgrade legacy applications to provide better adaptability and provide continuous delivery of the applications.
  • Deploying/implementing Grafana, Prometheus, and other monitoring tools for observability of traditional services and micro-services.
  • Monitoring all environments (via tools like Elastic Beanstalk, EC2, S3, CloudWatch, CloudTrail), acting preemptively to prevent system failures and outages
  • Implement systems architecture and data strategy projects while minimizing impact on internal teams and members
  • Architect, implement and build deployment solutions for downstream consumption.
  • Increase reliability, maintainability, scalability of existing and future stacks

Deluxe Minneapolis, MN

Cloud Administrator

November 2020 - March 2022

Maintained log ingestion pipelines and site reliability for Deluxe's cloud platform, serving as the primary owner of application performance management tooling.

  • Member of the production SRE team during incidents and outages with investigation of stack / node / container failures.
  • Grafana dashboard and Observability SME.
  • Container triage and management SME.
  • Turbonomic (Application Performance Management) SME.
  • Incident responder, including threat and vulnerability management.
  • Built dashboards for both executive management and production support consumption for insight into deeper environmental stability.
  • Regularly contributed to our internal tooling to manage administrative operations across the environment.
  • Heavy usage of scripting (Ansible, Bash, PowerShell, PowerCLI) to automate and create tooling to increase operational effectiveness.
  • Responsible for the overall support, maintenance, and deployment of Private and Public cloud infrastructure.
  • Instructing junior staff with incident management tasks, operational tasks, and administrative tasks; some examples are server-level restorations, tool development, application deployment, and vulnerability remediation.
  • Provisioning, configuring, operating, maintaining, patching, and backing up all infrastructure through manual and automated processes.
  • Responsible for Bare metal through all levels of virtualization and containerization.
  • Senior escalation point for incident response.

IMS Waterloo, ON

Systems Administrator

August 2019 - November 2020

Managed full-stack infrastructure from bare metal through virtualization and containers in a System Administration team. Operated under ISO 27001 compliance, balancing security rigor with operational usability.

  • Created and implemented an auditing system, reducing the auditing timeline from 3 weeks to 30 minutes.
  • Configured Nagios and Centreon monitoring scripts for production systems.
  • Liaison to executive leadership team for monitoring and observability.
  • Worked with management and external customers to establish and evaluate SLAs and SLOs
  • AWS SME for multi-cloud environment.
  • Led VMware cluster upgrade, requiring the management and distribution of work to multiple departments and resources.
  • Lead Stakeholder in Data-Center Infrastructure & Maintenance
  • Cassandra SME, led all efforts related to maintenance and integration with Cassandra
  • Trained and evaluated new-hires and upskilling employees for the Operations Team
  • Implemented changes following ITIL best practices and encouraged others to do so.
  • VMware SME, lead for all things virtual.

Abilities

“We all have ability. The difference is how we use it.”
- Charlotte Whitton


Hypervisors/Virtualization

  • VMware ESXi
  • VMware vCenter
  • Bash/Shell
  • AWS EC2
  • AWS ECS
  • XenServer
  • KVM
  • MaaS
  • YAML
  • vROps
  • vRA
  • AWS Elastic Beanstalk
  • OpenStack

DevOps Tools

  • Turbonomic
  • Terraform/HCL
  • AWS CloudWatch
  • Docker-Compose
  • Puppet
  • Grafana
  • Prometheus
  • Chef
  • Vagrant

Build / CI Tools

  • GitLab
  • Jenkins
  • CircleCI
  • GitHub Actions

Skills

  • Python
  • Ansible
  • MySQL
  • Docker
  • Linux
  • Nginx
  • Apache
  • JSON
  • WordPress
  • Kubernetes
  • MongoDB
  • XML
  • DNS
  • Git (SCM)
  • Nagios
  • Redis
  • Networking
  • JavaScript
  • TypeScript
  • HTML(5)
  • Postgres
  • SMTP
  • Postfix
  • ChatGPT
  • LLM
  • Prompt Engineering
  • ElasticSearch
  • PHP
  • Cassandra
  • Splunk
  • Kibana
  • GuardDuty
  • SecurityHub
  • Microsoft Sentinel
  • Jira
  • Wazuh
  • REST Frameworks
  • CSS(3)
  • Observium
  • AWS DynamoDB
  • Bootstrap Framework
  • Tomcat
  • Ruby
  • Perl
  • C/C++
  • Golang
  • Oracle
  • jQuery
  • Java

Pentesting Skills

  • nmap
  • Metasploit
  • Forensics
  • Vulnerability Research
  • Enumeration
  • Burp Suite
  • Reverse Engineering
  • PoC Development

Languages

  • English
