A focused course, tailored for you
The Merchant-Platform Infrastructure Security Engineer's Hardening Playbook
A working playbook for hardening the shared infrastructure that holds merchant stores, checkout, and PII at e-commerce platform scale.
You own the controls that sit underneath thousands of merchant tenants on shared infrastructure, and every quarter the same exception keeps reappearing in the SOC 2 narrative because the workload-identity boundary still has not landed across every namespace.
Includes a hand-built implementation playbook delivered alongside course access, generated for your specific situation.
Why this course
Infrastructure security at a merchant platform is not a single product. It is a layered tenancy problem on top of a payments-scoped path on top of a fast-moving internal platform. The checkout edge, the merchant admin, the merchant background workers, the internal data plane, and the external API gateway all share node pools, service meshes, and key material in ways the original architecture diagrams no longer reflect. The PCI-scope diagram the auditor wants is six months behind the actual deployment graph. The SOC 2 control owner is hand-writing exception narratives because the workload-identity rollout stalled at sixty percent. The internal red team finds a new lateral path between merchant tenants every quarter because the namespace isolation contract was never written down as a deployable artefact. The platform team will deprecate the current cluster runtime in the next major migration window, and nobody on the security side has a tested plan for moving the boundary controls without dropping coverage on the way. This course is the working playbook for the engineer holding all of that at once.
What you walk away with
- Ship a workload-identity rollout plan that names every merchant namespace, every shared service account, and every exception, with an owner and a date for each.
- Produce a PCI-scope diagram the auditor signs without follow-up, derived from the live deployment graph rather than from a year-old architecture doc.
- Write a tenancy isolation contract for the namespace boundary that the platform team will deploy and the red team will sign off as their test target.
- Close out the recurring SOC 2 exception narrative by replacing the hand-written explanation with a deployable control the control owner can point at.
- Build a boundary-controls migration plan that survives the next cluster runtime change without dropping coverage during the window.
The 12 modules
How this addresses your situation
Specific modules that map to what you said you are dealing with.
What you get with this course
- Twelve written modules in the Art of Service learning environment, each tied to a specific artefact an infrastructure security engineer ships.
- Downloadable templates for the tenancy map, the workload-identity rollout plan, the PCI-scope reconciliation script, the residency control document, the exception register, the runtime migration plan, and the launch review checklist.
- A hand-built implementation playbook tailored to the buyer's actual cluster runtime, merchant base, and audit cycle, delivered alongside course access.
- Thirty-day money-back guarantee.
What you will have in hand by Day 1, Week 1, Month 1
Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.
Modules one through four are designed to fit a single sprint of effort and produce the tenancy map, the threat model, and the first phase of the workload-identity rollout.
Modules five through eight extend across the following sprint and produce the residency controls, the checkout-edge hardening profile, the key inventory, and the red team contract.
Modules nine through twelve close out the SOC 2 exception register, the runtime migration plan, the detection pack, and the launch review checklist.
Before and after
Before. The exception register grows each cycle because the workload-identity rollout never finishes, the PCI-scope diagram is six months behind the deployment graph, and the red team finds a new lateral path between merchant tenants every quarter.
After. The exception register shrinks each cycle, the PCI-scope diagram regenerates on every merge, the namespace isolation contract is the red team's signed-off test target, and the next runtime migration has a coverage plan the platform team accepted.
What happens if you do not address this
The next audit cycle lands with the same exception register, the next cluster runtime migration window opens with no tested boundary plan, and the next merchant-to-merchant lateral path the red team finds becomes a question from a regulator instead of a question from a colleague.
Who it is for
An Infrastructure Security Engineer or staff-level equivalent inside a multi-tenant merchant platform or large SaaS, with operational responsibility for the controls that protect shared compute, shared networking, and shared key material across thousands of customer tenants. The person who has root in the cluster, a seat in the SOC 2 audit, and a Slack channel with the internal red team.
How it arrives
Text-based course in the Art of Service learning environment, plus downloadable templates and worked examples for every module, plus the hand-built implementation playbook delivered alongside course access.
Time investment. Roughly twenty-five to thirty hours of focused engineering time across the twelve modules, sized to fit alongside on-call rotations and audit-cycle deadlines.
Why $199 is the right number
Cloud-provider security training covers single-tenant patterns and stops at the cluster boundary. PCI council guidance covers the payments path but not the multi-tenant infrastructure underneath it. Vendor-led platform security workshops cover their product and leave the merchant-tenancy boundary as an exercise. This course is the working playbook for the engineer who has to ship the controls across all of those surfaces at once.
FAQ
30-day money-back guarantee. If after a week of working through the materials this is not what you needed, reply to the receipt email and a full refund is processed. No questions, no forms.