Open to remote roles — US-based · No sponsorship required

Darius
Powell

Vulnerability & Linux Security Engineer

5+ years securing enterprise infrastructure — automating vulnerability remediation, hardening Linux systems to CIS/NIST standards, and deploying resilience at scale across AWS, Azure, and GCP.

View Experience Contact Me
5+
Years in Security
9
Certifications
3
Cloud Platforms
500+
Servers Hardened
About

Security engineer.
Automation architect.

I'm a Vulnerability & Linux Security Engineer specializing in automating security operations across hybrid cloud environments. At Alvaria, I led the full vulnerability management lifecycle — from scan to remediation — across hundreds of Linux servers using Tenable, Splunk, and Ansible.

I build the automated pipelines that fix problems, not just find them. My Ansible playbooks enforce CIS Benchmark Level 2 and NIST 800-53 baselines with near-zero manual intervention, cutting exposure windows and eliminating recurring audit findings.

I bring Chaos Engineering expertise — using Gremlin and AWS FIS to simulate failure scenarios and validate auto-remediation workflows before incidents happen. A capability most engineers don't have.

Based in Watervliet, Michigan. 100% remote. No sponsorship required.

Vulnerability Management at Scale

Managed VM operations across 500+ Linux servers — reduced MTTD on critical CVEs by 40%+ with Tenable + Ansible automated pipelines.

CIS / NIST Compliance Hardening

Engineered Ansible roles enforcing CIS Benchmark Level 2 and NIST 800-53 — eliminated recurring findings in quarterly security audits.

Gremlin Certified Chaos Engineer

Designs failure injection scenarios and validates auto-remediation under controlled conditions before they're ever needed in production.

Triple-Certified Cloud Architect

AWS Solutions Architect + GCP Professional Cloud Architect + Azure Fundamentals — fluent across all three major cloud platforms.

Technical Skills

Built to protect.
Engineered to scale.

Vulnerability Management

Tenable NessusOpenVASQualysNiktoOWASP ZAPCVE TriageRisk Scoring

Linux Systems Security

RHELAlmaLinuxUbuntuCentOSSELinuxSSH HardeningSysctl TuningKernel Security

Automation & IaC

AnsibleTerraformBashPythonAnsible VaultRole-Based PlaybooksMulti-Cloud IaC

Cloud Platforms

AWS EC2 / IAM / FISCloudWatchImage BuilderGCPAzureMulti-Cloud Security

Chaos Engineering

Gremlin EnterpriseAWS FISAzure Chaos StudioResilience ScorecardsFailure InjectionAuto-Remediation

SIEM & Monitoring

SplunkDashboardsAlerts & ReportsCloudWatchCentralized LoggingLog Integrity

Security Testing

MetasploitNmapBurp SuiteHydraWiresharkKali LinuxRed Team Automation

Frameworks & Compliance

MITRE ATT&CKNIST 800-53CIS BenchmarksOWASP Top 10Zero TrustSTRIDEIriusRisk

Web Dev & Deployment

Cloudflare PagesWorkersD1 / KV / R2DNS ConfigSSL/TLSWAFHTML/CSS/JSREST APIsAES-256-GCM
Experience

Where I've
delivered results.

Feb 2022 — PresentAlvaria · Remote
Linux Vulnerability & Security Engineer
  • Led full-lifecycle vulnerability management across hybrid Linux/Windows environments using Tenable, Splunk, and Ansible — reduced MTTD on critical CVEs by 40%+.
  • Architected enterprise patch management with Ansible across 500+ RHEL, CentOS, and AlmaLinux servers, automating compliance checks, logging, and reporting.
  • Engineered Ansible roles enforcing CIS Benchmark Level 2 and NIST 800-53 — eliminated recurring findings in quarterly security audits.
  • Built automated remediation pipelines connecting Tenable scan results directly to Ansible execution, enabling near-zero-touch patching for critical CVEs.
  • Partnered with DevOps and compliance teams to embed shift-left security controls across the SDLC.
2021 — 2022Orasi · Remote
DevSecOps Engineer
  • Built secure CI/CD pipelines integrating SAST, DAST, and dependency scanning across Jenkins and GitLab CI on AWS, GCP, and Azure.
  • Automated multi-cloud infrastructure provisioning with Terraform and Ansible, ensuring consistent IAM policy compliance from day one.
  • Delivered threat modeling sessions mapping risks to MITRE ATT&CK with OWASP Top 10 mitigations.
2021Seven Fragrance · Remote (Contract)
Cloud Operations Engineer
  • Deployed Terraform-based AWS infrastructure including VPCs, IAM roles, EC2 instances, and Dockerized microservices.
  • Automated IAM lifecycle management and cloud configuration drift detection using Bash and Python with CloudWatch.
2020 — 2021Aunalytics · Remote
Systems Engineer
  • Delivered Windows imaging, system builds, and deployment workflows for enterprise clients, managing Active Directory and remote monitoring tooling.
  • Provided Tier 2 technical support resolving hardware and software incidents with thorough documentation.
Feb 2020 — Sep 2020Bronson Healthcare · Contract
Desktop Administrator
  • Deployed Windows 10 workstations across the healthcare environment — OS imaging, Active Directory provisioning, and domain joins for new and replacement endpoints.
  • Executed Windows 10 migration projects while maintaining user profile integrity and minimizing clinical workflow disruption.
Jun 2019 — Feb 2020Schupan · Kalamazoo, MI (Contract)
IT Hardware Engineer
  • Deployed, configured, and maintained IT hardware including workstations, servers, and networking equipment.
  • Performed data sanitization of decommissioned HDDs and SSDs in compliance with NIST 800-88 Rev. 1 guidelines, ensuring secure and compliant media disposal.
Certifications

Certified.
Verified. Maintained.

2021
AWS Certified Solutions Architect — Associate
Amazon Web Services
2022
HashiCorp Certified: Terraform Associate
HashiCorp
2022
Microsoft Certified: Azure Fundamentals (AZ-900)
Microsoft
2023
Google Cloud Professional Cloud Architect
Google Cloud
2024
IriusRisk Threat Modeling Champion
IriusRisk
2025
Gremlin Enterprise Chaos Engineer
Gremlin
2025
ISC2 Certified in Cybersecurity (CC)
ISC2
2025
CompTIA A+ ce Certification
CompTIA
In Progress — 2026
Splunk Core Certified User
Splunk
Open Source Projects

Code that
defends at scale.

01

Ansible Malware Scanner Automation

Automated malware scanning pipeline across Linux server fleets using rkhunter, chkrootkit, and ClamAV, with centralized reporting built for enterprise-scale deployment.

AnsibleClamAVrkhunterLinux
View on GitHub
02

Deep Linux Server Hardening

Comprehensive CIS/NIST-aligned Ansible hardening playbook for RHEL servers — SSH lockdown, kernel tuning, auditd configuration, and SELinux policy enforcement.

AnsibleCIS BenchmarksNIST 800-53RHEL
View on GitHub
03

Terraform AWS FIS Chaos Experiment

Terraform-deployed AWS Fault Injection Service experiment simulating EC2 failures to validate auto-remediation workflows and measure resilience under controlled conditions.

TerraformAWS FISChaos EngineeringEC2
View on GitHub
04

Ansible YUM Patch Management

Automated patch management for RHEL servers — compliance scans, yum updates, structured audit logging, and automated email reporting for full traceability.

AnsibleYUMPatch ManagementRHEL
View on GitHub
Contact

Let's work
together.

Actively seeking remote Vulnerability Engineer and Linux Security Engineer roles. If you're hiring or want to connect, reach out directly.

dariuspdevops@outlook.com 346.497.6196 LinkedIn GitHub
Send a Message