available for projects

Jose
Caicedo

Cloud & DevSecOps Engineer · 12+ years

I design, automate, and secure cloud and on-premise infrastructure. I embed security at every stage of the lifecycle —from code to deployment— turning complex environments into reliable, measurable, and compliant systems.

View my work Let’s talk
−90%CI/CD vulnerabilities
99.9%production uptime
250+companies supported
AWS GCP Azure DevOps Terraform CI/CD Linux WordPress
Jose Caicedo

Certified · Security+ · Network+ · Linux+

// what i do

Design, automation, AI, and security

End to end: from architecture to secure operations, in the cloud and on-premise.

Architecture design

I design cloud and on-premise infrastructure with security by design: network segmentation, least-privilege IAM, high availability, and optimized cost from the very first diagram.

ArchitectureIaCCloudOn-premise

Automation

CI/CD pipelines with built-in security (shift-left): SAST/SCA scanning, IaC validation, and policy as code that blocks insecure configurations before deployment. Repeatable, fast, and auditable releases.

TerraformCI/CDAzure DevOpsCloud Build

Artificial Intelligence

I integrate AI into operations and products: intelligent automation, AI-assisted scheduling, and workflows that connect models with your stack —with data governance and security controls.

AI AutomationIntegrationMLOps

Cybersecurity

I reduce the attack surface with hardening, vulnerability management, secrets management, and continuous monitoring, and put compliance (PCI DSS) into practice across cloud and on-premise.

On-premiseCloudPCI DSSHardening

// about me

About me

I’m a Cloud & DevSecOps engineer with over 12 years of experience, at the intersection of cloud, automation, and security. My path runs from on-premise systems and networking to large-scale cloud environments, and includes front-end development and custom WordPress solutions —large sites and projects, plus published plugins— giving me a complete view of how technology supports the business.

I’ve led migrations, CI/CD pipelines, and DevSecOps practices that build security in from the start (shift-left), improving the scalability, reliability, and compliance of critical systems. I hold the CompTIA Security+, Network+, and Linux+ certifications, and I see security as a shared responsibility across the entire lifecycle, not a final stage.

I contribute to open-source communities such as Red Hat and WordPress, and I’m currently building SAFE-PIPE, my own static code analysis tool that brings AI into scanning and testing, designed to run inside deployment pipelines (in beta).

Based in Colombia Spanish · English Available remotely Freelance & consulting 12+ years of experience WordPress & front-end Open-source contributor

// experience

Experience

2022 — 2024

Senior Software / DevOps Engineer

Payvalida · Payment gateway

  • IaC on AWS with PCI DSS compliance.
  • Security-automated pipelines on Azure DevOps: −90% vulnerabilities and −70% deployment time.
  • Observability with CloudWatch.

2020 — Present

Founder · DevOps & Backend

My Appointment

  • Cloud-native SaaS on GCP with Terraform and Cloud Build.
  • 99.9% uptime and +45% performance.
  • AI-assisted scheduling and multi-tenant architecture.

2016 — 2021

IT Infrastructure · Sysadmin

Actualizamos Consultores

  • Centralized infrastructure for 250+ companies.
  • Migrated core servers to AWS during the pandemic, enabling remote operations and business continuity.

2010 — 2016

IT Infrastructure Engineer

Nexsys de Colombia

  • On-premise infrastructure: Windows/Linux servers, networks, and VPNs.
  • +40% stability through proactive maintenance and secure configurations.

// work

Featured projects

A sample of what I’ve built and secured.

SAFE-PIPE

My own static code analysis tool with AI built into scanning and testing, designed to run inside deployment pipelines. In beta.

View on GitHub →
SASTAICI/CDDevSecOps

My Appointment

Scheduling SaaS platform for professionals, cloud-native on GCP with Terraform and Cloud Build, integrated AI, and multi-tenant architecture. 99.9% uptime.

View project →
GCPTerraformAISaaS

DevSecOps Pipeline

Secure CI/CD pipelines on Azure DevOps with automated scanning (SAST/SCA), IaC validation, and PCI DSS compliance; −90% vulnerabilities.

View project →
Azure DevOpsPCI DSSCI/CD

WordPress · sites & plugins

Front-end development and custom WordPress solutions —large sites and projects, including this one— and published plugins, focused on performance and maintainable code.

View project →
WordPressFront-endPluginsPHP

// contact

Shall we build something secure and well-made?

Tell me about your project — architecture, automation, AI, or security, in the cloud or on-premise. I respond quickly.

Let’s talk Download CV