Daniel Bzura | Cybersecurity Engineer & DevSecOps

01. About Me

I'm a 23-year-old Cybersecurity Engineer and DevSecOps Engineer based in Stroudsburg, PA. I hold an Active Top Secret clearance and have spent years hardening DoD production systems where the cost of failure is mission-critical.

The discipline I developed securing classified environments — enforcing DISA STIGs at scale, iterating on POA&Ms, and treating every access request with least-privilege scrutiny — translates directly to modern cloud-native infrastructure. Whether I'm writing pod security contexts for a Kubernetes workload or scoping IAM policies in AWS, I apply the same zero-trust, defense-in-depth rigor I learned in classified systems.

Security is not a checkbox. It is a continuous process of validation, remediation, and improvement — running in every pipeline, on every commit, at every layer of the stack.

CISSP
CISA
AZ-500
SC-200
AZ-104
SC-900
AWS CCP
AWS SysOps
CySA+
Pentest+
Security+
Network+
A+
CC

Clearance Active TS

Certs 14

Focus Zero Trust

Domain DoD + Cloud

02. Projects

01

DoD-Inspired Secure Kubernetes Platform Lab

Bootstrapped a two-node Kubernetes cluster from scratch on Rocky Linux 8 using kubeadm, containerd, and Flannel CNI on AWS EC2. Provisioned 13 AWS resources with Terraform. Implemented GitOps with ArgoCD. Hardened manifests with non-root UID, read-only filesystem, dropped capabilities, seccomp, and SHA256 image pinning.

Four-job GitHub Actions security pipeline: tfsec, Checkov, Trivy, Gitleaks. Checkov passing checks improved from 29 to 41+ through iterative remediation mirroring DoD POA&M processes.

02

STIG Compliance Automation Pipeline

Built a GitLab CI/CD security pipeline from scratch using PowerShell CI YAML automating DISA STIG validation, IAVM tracking, and POA&M evidence collection across 10+ DoD production systems. Integrated Evaluate-STIG, Nessus, Semgrep, Fortify SCA, Trivy, and Bandit as automated CI stages.

Ansible playbooks for RHEL and Windows hardening across 50+ systems. Reduced manual compliance effort by 50%+.

03

Azure Sentinel Honeypot & Attack Map

Custom PowerShell script extracting Windows Event Viewer telemetry enriched with geolocation API data, written to Azure Log Analytics Workspace. Configured Azure Sentinel to visualize global RDP brute-force attacks on a live world map workbook using KQL queries.

03. Volunteering & Community

Polish Youth Association (PSM)

Chief Technology Officer (Volunteer)

since December 2024 — 5-person technology team

PSM is a 501(c)(3) nonprofit based in New York that amplifies the voice of young Polish-American people by connecting them with networking events, volunteer opportunities, jobs, internships, scholarships, and student clubs. Their mission is to help young people become valuable individuals through community, education, and international cooperation.

As CTO I lead a 5-person volunteer technology team responsible for the organization's digital infrastructure and technical direction.

FC Orły Stroudsburg

Co-Founder

A Polish community soccer club based in Stroudsburg, PA bringing together Polish-American families — dads and kids — for Sunday games after church. About 50 active members. Founded to build Polish community roots in the Stroudsburg area.

04. Skills

DevSecOps & CI/CD

Terraform
Kubernetes
kubeadm
ArgoCD
GitOps
GitLab CI/CD
GitHub Actions

Security Tools

Checkov
tfsec
Trivy
Gitleaks
Semgrep
Nessus
Tenable
Trellix EDR
Wazuh
CrowdStrike

Cloud

AWS EC2
AWS VPC
AWS IAM
AWS CloudTrail
AWS S3
Azure Sentinel
Azure Defender
Log Analytics

Automation

PowerShell
Python
Ansible
Bash

Compliance

DISA STIGs
DoD RMF
NIST 800-53
POA&Ms
IAVMs
ATO
CIS Benchmarks
Zero Trust

OS & Infra

RHEL 8
Rocky Linux 8
Windows Server
SELinux
Cisco IOS

05. Contact

Open to opportunities

Available for security engineering and DevSecOps roles. I respond quickly.

Email dannybzura@gmail.com Send a message

LinkedIn /in/daniel-bzura Connect

GitHub @bzuracyber View projects

Stroudsburg, PA • Active Top Secret (TS)