Description
This project involves building a cloud-native cybersecurity compliance and threat intelligence platform designed to monitor, detect, and respond to security risks across modern cloud and containerised environments. The platform will support multi-cloud infrastructures (AWS, Azure, GCP) and container orchestration platforms such as Kubernetes, focusing on real-time visibility, compliance enforcement, and automated threat response.
At the core of the system is a security data ingestion and processing layer that collects telemetry from multiple sources, including cloud APIs, system logs, network events, container runtimes, vulnerability scanners, and CI/CD pipelines. This data is normalised and streamed into a central analytics engine using event-driven architectures. Developers will need to implement high-throughput data pipelines using technologies such as message queues or streaming platforms to support near real-time processing.
The analytics layer applies rule-based detection, behaviour analysis, and optional ML-assisted threat scoring to identify misconfigurations, vulnerabilities, policy violations, and suspicious activity. The platform must support compliance frameworks such as ISO 27001, SOC 2, GDPR, and CIS benchmarks, allowing policies to be defined, evaluated, and enforced automatically. Results should be surfaced via dashboards, alerts, and reports.
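The normalise-then-evaluate core of the ingestion and analytics layers described above, as an added example (not code from the project): two constructed telemetry records, a simplified CloudTrail-style record and a Kubernetes audit-style record, are mapped into one assumed Event schema and run through a rule table whose control ids are placeholders to be mapped to the real benchmark controls.

```python
from dataclasses import dataclass, field
from typing import Callable
# Common schema every telemetry source is normalised into before rules run.
# The schema, rule ids and sample records below are assumptions for this example.
@dataclass
class Event:
    source: str      # e.g. "aws.cloudtrail", "k8s.audit"
    resource: str
    action: str
    actor: str
    attrs: dict = field(default_factory=dict)
@dataclass
class Finding:
    control: str     # placeholder control id; map to the real benchmark control
    severity: str
    event: Event

def from_cloudtrail(raw: dict) -> Event:  # simplified CloudTrail-style record
    p = raw.get("requestParameters", {})
    return Event("aws.cloudtrail", p.get("bucketName", "?"), raw["eventName"],
                 raw["userIdentity"]["arn"], p)
def from_k8s_audit(raw: dict) -> Event:   # simplified Kubernetes audit record
    o = raw["objectRef"]
    return Event("k8s.audit", f'{o["namespace"]}/{o["name"]}', raw["verb"],
                 raw["user"]["username"], raw.get("requestObject", {}))
def _public_acl(e: Event) -> bool:  # bucket ACL granted to the AllUsers group
    grants = e.attrs.get("AccessControlPolicy", {}).get("Grants", [])
    return e.action == "PutBucketAcl" and any(
        "AllUsers" in g.get("Grantee", {}).get("URI", "") for g in grants)
def _privileged_pod(e: Event) -> bool:  # pod created with a privileged container
    containers = e.attrs.get("spec", {}).get("containers", [])
    return e.action == "create" and any(
        c.get("securityContext", {}).get("privileged") for c in containers)

# Rule table: (placeholder control id, severity, predicate over a normalised event).
RULES: list[tuple[str, str, Callable[[Event], bool]]] = [
    ("CTRL-S3-PUBLIC-ACL", "high", _public_acl),
    ("CTRL-K8S-PRIVILEGED", "high", _privileged_pod)]
def evaluate(events: list[Event]) -> list[Finding]:
    return [Finding(c, s, e) for e in events for c, s, pred in RULES if pred(e)]

# Constructed sample telemetry for the two sources (not real logs).
SAMPLE_CLOUDTRAIL = {"eventName": "PutBucketAcl", "userIdentity": {"arn": "arn:aws:iam::123456789012:user/dev"},
    "requestParameters": {"bucketName": "reports", "AccessControlPolicy": {"Grants": [
        {"Grantee": {"URI": "http://acs.amazonaws.com/groups/global/AllUsers"}, "Permission": "READ"}]}}}
SAMPLE_K8S = {"verb": "create", "user": {"username": "ci-bot"}, "objectRef": {"namespace": "prod", "name": "worker"},
    "requestObject": {"spec": {"containers": [{"name": "w", "securityContext": {"privileged": True}}]}}}
def demo() -> list[Finding]:
    return evaluate([from_cloudtrail(SAMPLE_CLOUDTRAIL), from_k8s_audit(SAMPLE_K8S)])
```

In the real pipeline each normaliser would sit behind a queue consumer and findings would be written to the data store that feeds the dashboards and alerts.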
A web-based admin and analyst dashboard will provide role-based access control, visualisation of risks, compliance posture, incident timelines, and remediation recommendations. The system should also support automated remediation workflows, integrating with cloud providers, infrastructure-as-code tools, and ticketing systems.
From a technology perspective, the project requires strong experience in cloud-native development, microservices, APIs, and distributed systems. Expected skills and technologies include:
Backend development using Node.js, Python, or Go
Frontend development with React or similar frameworks
Kubernetes, Docker, and Helm
Cloud platforms (AWS, Azure, GCP)
Security concepts such as IAM, zero-trust, vulnerability management, and threat modelling
Data stores such as PostgreSQL, Elasticsearch, or time-series databases
CI/CD, infrastructure-as-code, and secure DevOps practices
The solution must be scalable, secure, and extensible, designed to handle large volumes of security data while maintaining performance and reliability. Emphasis should be placed on clean architecture, observability, auditability, and security-by-design principles throughout development.