Multi-Cloud Security Engineer
Current- Cloud Security Leadership: Partner with architects to design and implement enterprise-wide cloud security frameworks, driving proactive strategies for monitoring, alerting, and compliance enforcement.- AWS & GCP Expertise: Act as a subject matter expert, managing VPCs, IAM policies, and security controls while automating solutions using CLI/API and Terraform.- Infrastructure as Code: Develop IaC solutions to standardize resource tagging, automate deployments, and enforce compliance guardrails across AWS and GCP environments.- Vulnerability Remediation: Led remediation of high-severity vulnerabilities, integrated multi-cloud environments into Wiz, and improved security posture across the organization.- Centralized Monitoring & Reporting: Streamlined CloudTrail logs and Security Hub findings, routing them to SOC teams via EventBridge, SQS, and QRadar.- Custom Security Controls: Designed controls enforcing least-access principles, including KMS key rotations and VPC peering, in alignment with CIS benchmarks.- Audit Readiness: Provided auditors with data walkthroughs, authored GRC documentation, and passed IT and SOC audits by ensuring compliance across accounts.- Cross-Cloud Integration: Enhanced cloud account management by migrating AWS accounts to IPG Control Tower and deploying Service Control Policies (SCPs) to enforce organization-wide standards.- Thought Leadership & Education: Host office hours to guide account owners on cloud security best practices, fostering a security-first mindset across teams.- DevOps Innovation: Automated CI/CD pipelines for scalable and resilient cloud infrastructure using Terraform, enabling seamless multi-cloud operations.