Kody Baker

Kody Baker

This site is built on GitHub Pages using HTML, CSS, and JavaScript and is deployed via GitHub Actions. Powered by modern web tech, caffeine, and a dash of AI magic.

Maryland
Baltimore Aventds
Lakers
The Office Meme

"Identity theft is not a joke, Jim!" – Dwight Schrute

Technical Skills & Tools

Cloud Platforms

AWS
GCP
Azure

Operating Systems

Linux
Windows Server
Mac OS

Identity & Data Management

SSO (SAML 2.0)
Active Directory
SQL
PostgreSQL

Security & Monitoring

Trend
Nessus
Web App Security
Burp
Elastic/ELK
Splunk
Grafana
FEDRAMP
Prismacloud

DevOps & Infrastructure

DevOps
Git
CI/CD Pipeline
Packer
Ansible
Terraform
Lucid
GitLab
IaaC

Containerization & Orchestration

Docker
Kubernetes

Networking

DNS
Networking

Education

Frostburg State University

B.Sc. in Information Technology,
Minor in Secure Computing

Frostburg, MD | Aug 2018 - Apr 2022

Cum Laude; Dean’s List 2018-2022

Relevant Coursework: Data Analysis, Algorithms, Operating Systems, Python, Network Segmentation & Security

Northumbria School of Law

Study Abroad Program in International Law

Northumbria Upon Tyne, UK | Jul 2022 - Jan 2023

Honorable Mentions: University of the Year 2022, Awarded Full CIE Rowe Scholarship

Professional Experience

Coalfire

Cloud Security Infrastructure Engineer

2024 - Present

Architected enterprise FedRAMP compliant Infra.

Designed Zero Trust architectures.

Engineered CI/CD pipelines.

Deployed & Developed Terraform Modules for IaC.

Administered STIG-hardened Linux machines.

IdeaScale

Site Reliability Engineer

2023 - 2024

Managed Kubernetes clusters.

Built observability pipelines.

Optimized CI/CD workflows.

Administered dockerized workloads in a multi-region deployment.

Professional Projects

Kubernetes Migration Initiative

AWS | May 2023 – Nov 2023

Migrated Dockerized microservices to Kubernetes with Istio for secure communications.

Reduced operational overhead by 15% with Fargate-based scaling.

Leveraged Terraform + Terragrunt for multi-regional EKS deployments.

Implemented blue-green deployment for zero downtime.

Created Grafana dashboards for monitoring.

FedRAMP HIGH & DoD IL5 CSP Reference Architecture (RADD)

AWS & Azure | July 2024 – Aug 2024

Developed DoD IL5-compliant multi-cloud architecture.

Integrated AWS GovCloud & Azure Gov.

Implemented Zero Trust frameworks.

Configured Sentinel, Defender, and Log Analytics for insights.

GCP Cloud Native Architecture Design & Build

GCP | Oct 2024 – Dec 2024

Identified security and architectural gaps for FedRAMP & FIPS 140-2 compliance.

Deployed GKE and Cloud IAP for a containerized control plane.

Leveraged Terraform and Google Chronicle SIEM for threat detection.

SPLUNK REV 5 UPLIFT

Amazon Web Services | Oct 2024 – Dec 2024

Upgraded a Splunk “cluster” from RHEL 7 to STIG‑compliant RHEL 8.10, meeting Rev 5 FedRamp requirements. Designed a blue‑green migration strategy to replace cluster components with minimal downtime.

Built STIG‑hardened AMIs using Packer and RHEL STIG guidelines, achieving 85%+ vulnerability scan results meeting compliance.

Automated deployment with Terraform, provisioning VMs and AMIs.

Used cloud‑init scripts to configure TLS and Splunk installation.

Migrated Heavy Forwarders (HF), Cluster Manager (CM), Indexers, and Deployment Server (DS) to RHEL 8.10.

Navigated and troubleshot Splunk configurations under /opt/splunk, debugging logs, permissions, and system processes for stability.

Certifications

HashiCorp Certified

Terraform Associate (003)

Azure Networking Engineer

Associate (Sitting 2/19)

AWS Advanced Networking

Specialty (In Progress)

Microsoft Azure Fundamentals (AZ-900)

Certified