You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Christian RamirezCR

Christian Ramirez

Cloud Security Architecture, Compliance | Auditing

€480/day
Vienna, AT
15+ years

Average response time: 1 hour

About Christian

I design, audit, and secure cloud infrastructure for regulated environments. Cloud security architecture, compliance auditing (ISO 27001, GDPR, NIS2, DORA), and hardening for AWS and Microsoft 365 that must survive both audit and live production.

You work directly with me. No agency layer, no account manager, no handoff. The person who reviews the logs, checks the DNS, inspects the IAM policies, and plans the change is the same person you talk to.

Clients hire me for one of two reasons.

Recovery, when something is already failing: Cloudflare rules blocking real users, DNS resolving differently across regions, Microsoft 365 mail flow breaking, SPF/DKIM/DMARC failing, Conditional Access locking users out, or AWS environments that drifted and became too risky to change.

Prevention, when the environment must be built properly before it gets expensive to repair: secure identity, segmented infrastructure, controlled pipelines, logging, monitoring, rollback, and standards that survive audit and production.

15+ years across pharma, aviation, SaaS, MSP, and Fortune 500 companies, with a focus on regulated industries and EU compliance (ISO 27001, GDPR, NIS2, DORA context).

What I work on:

Security auditing and compliance: cloud configuration review, IAM and least-privilege audits, evidence-based risk assessment, ISO 27001 / SOC 2 / GxP readiness.

Cloudflare and web: WAF, bot and DDoS mitigation, rate limiting, DNS, TLS, Workers, Zero Trust and Access, hardening.

Microsoft 365 and identity: Entra ID, Conditional Access, MFA, least-privilege design, Defender for Office 365, Exchange Online, hybrid mail flow, Intune.

AWS: VPC segmentation, IAM design, EC2 and RDS hardening, CloudWatch, GuardDuty, KMS, secure logging, landing zones.

I don't make blind changes in production. I review the evidence first: logs, DNS, headers, IAM policies, live config, risk. Changes are planned, staged, documented, and reversible where possible.
  • English

    Native or bilingual

  • Spanish

    Native or bilingual

  • Italian

    Native or bilingual

Remote only
Primarily works remotely

Experience

  • Freelance / various clients
    Senior Cloud Security & Compliance Consultant
    DIGITAL AND IT
    June 2025 - Today (1 year and 1 month)
    Vienna, Austria
    Full-time independent consultant delivering cloud security architecture, compliance auditing, and AWS / Microsoft 365 hardening for regulated clients. Not a side practice, this is my full occupation.

    - Security audits and compliance reviews: cloud configuration and IAM audits, least-privilege assessment, evidence-based risk review, and ISO 27001 / SOC 2 / GxP readiness for regulated environments.



    - Build and operate AWS infrastructure: VPC segmentation, IAM design, EC2/RDS hardening, GuardDuty, KMS, and secure logging, with Terraform-based change control, state management, and CI/CD integration.

    - Recover and harden production environments: Cloudflare WAF and DNS, Microsoft 365 mail flow, SPF/DKIM/DMARC enforcement, Conditional Access remediation, and AWS configuration drift on high-risk changes.

    - Administer Entra ID and Microsoft 365: Conditional Access, MFA enforcement, Defender for Office 365, Exchange Online and hybrid mail flow, and Intune device compliance across Windows, macOS, iOS, and Android.

    - Deliver Cloudflare and web infrastructure: WAF tuning, DDoS and bot mitigation, Workers and Zero Trust/Access, TLS, WordPress/WooCommerce hardening, and serverless edge migrations.


    - 100% client satisfaction across 50+ completed engagements: production troubleshooting, migrations, and infrastructure delivery with written implementation notes, rollback plans, and operational follow-up.
    Amazon Web Services Cloud computing IT-Security M365 GRC
  • Takeda
    Information Security Architect, Cloud
    PHARMACEUTICALS INDUSTRY
    December 2021 - November 2024 (2 years and 11 months)
    Vienna, Austria
    Led AWS platform architecture across hybrid environments, integrating security controls into standard infrastructure design. Owned and evolved AWS landing zone patterns covering IAM, networking, logging, monitoring, and compliance.
    Drove infrastructure modernization using Terraform and DevSecOps practices, embedding guardrails into CI/CD and operational workflows.
    Contributed to global cloud standards, automation frameworks, and audit-ready designs used across multiple teams and regions, aligned with ISO 27001, SOC 2, and GxP.
    Worked across global security, platform, and application stakeholders to deliver scalable cloud architectures while maintaining delivery velocity.
    Cloud computing Amazon Web Services IT-Security
  • Tricentis
    Senior System Engineer, Virtualization & Core IT
    SOFTWARE PUBLISHING
    July 2021 - December 2021 (5 months)
    Vienna, Austria
    Owned VMware platforms (vSphere, vCenter, Horizon, VxRail) across core, edge, and private cloud environments. Led service maturity initiatives: security hardening, vulnerability remediation, backup architecture, disaster-recovery automation, and operational resilience. Delivered backup modernisation, including encrypted backups, virtual tape-out, and recovery testing. Created maturity standards and operational documentation.
    Cloud computing DevSecOps VMWARE Virtualisation IT-Security

Recommendations

Be the first to recommend Christian

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Certifications

  • AWS Certified Security - Specialty
    Amazon Web Services
    2024
  • AWS Certified Solutions Architect - Professional
    Amazon Web Services
    2026

Skill set

Categories