Designing & securing AWS infrastructure — every resource provisioned with Terraform, every layer hardened with cloud security best practices.
Cloud engineer. Security-minded. Infrastructure-first. Everything is code.
I'm Emircan Özkara — a cloud engineer focused on building and securing AWS infrastructure using Terraform. No manual configuration. No drift. Every resource is version-controlled.
My AWS Security Specialty reflects a genuine focus on identity management, data protection, threat detection and automated incident response. Security isn't an afterthought — it's designed in from the start.
I believe cloud infrastructure should be reproducible, auditable, and drift-free. If it can't be expressed as Terraform, it shouldn't exist.
Architecture · Security · Automation — the three pillars.
VIEW ON CREDLY →
AWS infrastructure · cloud security · Terraform IaC.
Full AWS Organization with automated account vending, SCPs, centralized CloudTrail, and cross-account VPC networking — provisioned with reusable Terraform modules across 3 regions.
Zero trust using VPC Lattice, IAM Identity Center, and GuardDuty. Automated threat response via Lambda and Security Hub. Full east-west traffic encryption.
Event-driven pipeline using Lambda, Kinesis, and DynamoDB — 10M+ events/day. Fully Terraformed with CloudWatch observability and KMS encryption at rest.
Terraform-driven CIS AWS Benchmark baseline — Security Hub, Config rules, IAM Access Analyzer, and auto-remediation Lambda functions enforcing compliance at scale.
Opinionated Terraform modules for VPCs, IAM roles, S3, and RDS — enforcing encryption, tagging standards, and least-privilege by default across all AWS deployments.
Open to cloud engineering and cloud security roles.
Open to cloud engineering and cloud security roles. I work best on teams that treat infrastructure quality and security seriously.
Whether building a new AWS environment from scratch, hardening an existing one, or needing Terraform expertise — let's talk.