Mario de Jesus
DevSecOps Engineer Β· Technical Lead Β· Cloud Architect
Building secure, scalable cloud systems with AI-powered automation. 15+ years turning complex security challenges into measurable business outcomes.
About Me
Security-first engineer with a bias for automation
DevSecOps Engineer and Technical Lead with 15+ years driving security-first initiatives, cloud transformation, and cross-functional team leadership. I specialize in AWS security architecture, vulnerability remediation at scale, and building resilient systems with measurable business impact. Currently based in Montreal (open work permit, no sponsorship required) and open to opportunities across Canada.
Experience
Leading enterprise AWS security architecture, automated vulnerability remediation, and DevSecOps culture adoption for a cross-functional team of 14.
Led security-first development for containerized e-commerce platforms, CI/CD pipelines, and a team of 6 engineers.
Conducted enterprise security audits and penetration testing across Java, .NET, PHP, and database stacks.
Technical Skills
Tools & technologies I work with
Cloud & AWS
DevOps & CI/CD
Security
Languages & Automation
Case Studies
Real problems, measurable outcomes
A selection of security and infrastructure challenges I've solved in production environments.
Cloud Security
AWS Security Transformation
From 45% to 92% compliance in 8 months
Led an enterprise-wide security overhaul addressing 111+ critical vulnerabilities across 23 AWS services, establishing automated compliance monitoring and zero-downtime remediation workflows.
Cloud Infrastructure
AWS Cost Optimization
46% cost reduction without performance trade-offs
Designed and implemented a comprehensive cost optimization program using Python/Boto3 automation, right-sizing analysis, and lifecycle policies β fully automated and repeatable.
DevSecOps
CI/CD Security Pipeline
Security-first deployments at 10Γ the velocity
Replaced manual deployment bottlenecks with GitHub Actions pipelines featuring automated SAST/DAST gates, container scanning, and blue/green deployments β eliminating manual steps entirely.
Platform Engineering
Multi-Tenant AI Agent Platform
Zero open ports. Per-tenant isolation. Production AI agents.
Designed and built a production cloud platform to run OpenClaw β an autonomous AI agent β for multiple isolated tenants. Evolved from single-tenant EC2 to Docker-containerized multi-tenancy with SSM-only access and zero open inbound ports.
Cybersecurity
Cybersecurity Compliance Program
29% β 87% compliance across 5 security frameworks
Led an end-to-end compliance program for a multi-carrier insurance platform β from gap analysis to automated controls β achieving 87% compliance against ISO 27001, CIS Controls v8, and LFPDPPP in under 6 weeks while managing 5 simultaneous insurer security questionnaires.