I’m a Security Engineer with hands-on experience across security operations, vulnerability management, incident response, and cloud security, working at the intersection of SOC, cloud, and automation. I’ve led Vulnerability Management Programs (VMP) using risk-based prioritization (CVSS, exploitability), coordinated remediation cycles, and helped reduce real-world exposure across hybrid environments.

On the operations side, I handle L2/L3 SOC alerts across endpoint, network, and cloud layers, perform threat analysis and root cause investigations, and validate findings through targeted offensive security testing and threat modeling. I also evaluate and assess SIEM, EDR/XDR, and cloud-native security tools, helping teams make informed, data-driven technology decisions.

My core specialization is cloud security engineering, with a strong focus on AWS-led multi-account and multi-cloud environments. I work on cloud hardening, identity security, logging, encryption, and governance, and build event-driven auto-remediation workflows to enforce security controls at scale. I use Infrastructure as Code (Terraform) and automation to ensure security is consistent, auditable, and scalable.

Outside of my day-to-day role, I’ve built enterprise-grade security projects that mirror real production environments, including:

– A HIPAA-Compliant AWS Landing Zone with centralized logging, encryption, and SCP-based guardrails
– An AWS Lambda Auto-Remediation Framework responding to IAM key compromise, public S3 exposure, EC2 compromise, and suspicious console activity

I align security programs with frameworks such as NIST, CIS, and HIPAA, and work closely with engineering teams and security leadership to balance risk, compliance, and business agility.

I hold certifications including CISSP (Associate), AWS Certified Security – Specialty, AWS Solutions Architect – Professional, Security+, CySA+, and CEH.