Security Engineer

I build secure cloud
& Kubernetes
platforms.

// Go · Python · Terraform · Kubernetes · AWS & GCP

I'm Shaun Newcomer — a security engineer who designs and ships the platforms, automation, and infrastructure that let products move fast without breaking security.

▶ See what I build GitHub ↗ Get in touch

About

I work at the intersection of software, platform, and security engineering — building cloud-native infrastructure on AWS, GCP, and Kubernetes, and the automation that keeps it reliable and safe at scale. I like hard problems, clean systems, and shipping things that hold up in production.

What I focus on

// platform

Cloud-native platforms

Kubernetes, GitOps, and infrastructure-as-code that teams can build on — from cluster internals to developer experience.

// automation

Automation & tooling

Go and Python services, pipelines, and bots that remove toil and turn manual processes into reliable systems.

// security

Security by design

Building security into the platform — secrets, supply chain, hardening — so it's the default, not an afterthought.

Selected work

◆↗

send2wazuh

Lightweight Go utility for shipping events into a SIEM — built to streamline log aggregation pipelines.

GoSIEMMIT

◆↗

clawdbot-terraform

Terraform modules to deploy an AI bot on GCP's free tier, with access locked down to your home IP or Tailscale.

TerraformGCPTailscale

◆↗

kind-labs

A Go-based template for spinning up local Kubernetes labs — fast, repeatable environments for testing.

GokindKubernetes

◆WIP

multi-cloud-vaultdrop

In progress — a secure file storage API designed to run across AWS, GCP, and Azure from one codebase with portable infrastructure as code.

GoTerraformKubernetesmulti-cloud

◆WIP

ai-labs

In progress — a sandbox for experiments and projects in AI.

AIexperiments

Beyond the terminal

🛠️

100% GitOps homelab

A Talos Kubernetes cluster managed entirely by ArgoCD — Cilium, Gateway API, cert-manager, OpenEBS, and Vault, with a full observability stack (Prometheus, Grafana, Loki, Tempo, VictoriaMetrics, OpenTelemetry). Falco and Tailscale for security, Authentik for SSO, and self-hosted apps like Jellyfin, Immich, and Backstage — all declared in git.

🕵️

Offensive security & CTFs

OSWE web-exploitation prep and Hack The Box challenges. Understanding how things break makes me a sharper builder.

🇨🇳

Chinese language & culture

An M.A. in Chinese and years working across the US–China divide — it shaped how I communicate and bridge different worlds.

🎮

Games

A past life leading localization and go-to-market for games worldwide. I still love how they're made and shipped.

🐕

Dog lover

Unapologetic dog person. The best debugging partner is a good dog at your feet.

⚽

Diehard soccer fan

Match-day devotee — You'll Never Walk Alone with Liverpool, riding with the Columbus Crew, and Més que un club for Barcelona.

Let's talk

Building something interesting, or want to talk platforms and Kubernetes? Reach out.

LinkedIn ↗ GitHub ↗ X ↗

I build secure cloud& Kubernetesplatforms.