Hi, I'm
Isuru Herath

DevOps & Cloud Security Engineer with 4+ years of experience in building secure, scalable, and automated infrastructure solutions. I specialize in bridging security and performance across multi-cloud platforms.

Let’s Work TogetherView Projects
Isuru Herath

About Me

I'm Isuru Herath, a passionate DevOps & Cloud Security Engineer with over 4 years of hands-on experience.

I specialize in securing infrastructure, streamlining CI/CD pipelines, and building automation across multi-cloud environments.

I’ve worked with FinTech systems, taught DevOps, and currently serve in a full CISO role to ensure governance and compliance.

Professional Highlights

As the Lead Information Security and DevSecOps Specialist under the designation of Senior Engineer - DevOps and Cloud Security, I lead secure transformation initiatives, automate infrastructure, and mentor the next generation of DevOps engineers. I believe in building secure-by-design systems that scale.

4+

Years Experience

100+

Students Taught

10+

Secured Projects

25+

Courses Conducted

Tech Stack

DevOps Tools

Docker
Kubernetes
Terraform
Jenkins
GitHub
GitHub Actions
AWS Pipeline
AWS Code Build
Azure DevOps
CircleCI
Grafana
Prometheus
ArgoCD
Git
GitLab
Jira
DataDog
NewRelic
Nagios
Slack

Cloud Platforms

AWS
GCP
Azure
Oracle
Huawei

Security & Compliance

WAF (Imperva, F5)
SonarQube
Snyk
CheckMarkx
Cortex XSIAM
Prisma Cloud
PCI-DSS
ISO 27001
CIS Framework
Secret Management
DevSecOps
Cloud Security

Languages & Databases

Python
Node.js
C
C++
C#
MERN Stack
Java
Spring Boot
MongoDB
Oracle ATP
MySQL

Experience Timeline

  1. Senior DevOps & Cloud Security Engineer | Lead InfoSec and Middleware

    Infinitum360 (Pvt) Ltd2025 - Present

  2. Fonder

    ClouDev Technologies2024 - Present

  3. DevSecOps & Cloud Security Engineer | Acting CISO for Internal FinTech & Co-Banking Projects

    LOLC Technologies2021 – 2024

  4. DevOps Intern, Educator, Mentor

    SLIIT, Freelance2020 – 2021

Quick Facts

📍 Based in Colombo, Sri Lanka — delivering global impact through secure infrastructure and scalable DevOps solutions.
🎙️ Regular speaker at industry webinars and DevOps/Cybersecurity forums, sharing expertise in CI/CD, cloud security, and governance.
🎓 Holds an MSc in Cyber Security (University of Westminster, UK) and a BSc in IT (Software Engineering) from SLIIT.
💼 Currently serving in a full-time CISO role, overseeing Governance, Application Security, Infrastructure Security, and Compliance programs across cloud and hybrid environments.
"My mission is to lead secure-by-design infrastructure, scale DevSecOps practices, and drive cloud security excellence — from the CISO’s desk to the last deployment."

Projects

Microservice Resource Management

Streamlined release pipelines across multi-cloud with microservice architecture.

View More →

DevOps Education Platform

Created a platform to teach DevOps, CI/CD, and Cloud Security to Sri Lankan students.

View More →

Secure Mobile App Pipeline

Integrated SAST, SCA, and secrets scanning for FinTech mobile apps in CI/CD.

View More →

Skills

DevSecOps Engineering
Cloud Security Architecture
CI/CD Pipeline Hardening
AWS Security Best Practices
Azure IAM & Policy Management
Kubernetes RBAC & Network Policies
Terraform Infrastructure as Code
Docker Image Security & Registry Management
GitHub Actions Security Automation
Jenkins CI with Secret Injection
Shell Scripting for Automation
SAST/SCA (SonarQube, Snyk, Checkmarx)
Web Application Firewalls (Imperva, F5)
SIEM & Threat Detection (Cortex XSIAM)
GRC (Governance, Risk & Compliance)
Security Compliance (ISO 27001, PCI-DSS, CIS)
Incident Response & Governance Leadership

Why These Skills Matter

My skill set is carefully developed to meet the real-world demands of modern enterprise security, DevOps integration, and cloud-native operations. From creating secure CI/CD pipelines to building multi-cloud infrastructure and enforcing compliance frameworks, these capabilities allow me to lead both technical and strategic initiatives.

I bring not just hands-on experience, but also leadership in Governance, Risk, and Compliance (GRC), aligning engineering efforts with business goals and regulatory standards.

If you're seeking a security-focused DevOps engineer who can architect, implement, and lead secure cloud transformations — you're in the right place.

Let’s Connect

Have an opportunity, question, or collaboration idea? I’d love to hear from you.

Email

isuruh@cloudev.lk

Phone

+94 76 141 4844

Location

Colombo, Sri Lanka

Website

www.cloudev.lk