Cloud Security Researcher @SecLogic.ai | AWS-Certified Cloud Engineer passionate about building scalable, secure, and cost-efficient cloud solutions. Specialized in AWS services, cloud security, DevSecOps, and infrastructure with a strong foundation in Information Security.
AWS-certified Cloud Security Researcher at SecLogic.ai and former Cloud Engineer at Velocis Systems with hands-on expertise in designing and deploying scalable, secure cloud infrastructure on AWS.
Experienced in EC2 provisioning, VPC networking, IAM configuration, CloudWatch monitoring, L1/L2 support, and cloud security research. Passionate about DevSecOps, access control, WAF, and building compliance-driven cloud architectures.
I thrive in fast-paced environments and am committed to continuous learning, staying updated with the latest cloud security threats, tools, and best practices.
Built a serverless API monitoring pipeline using API Gateway, CloudWatch Subscription Filters, and SQS to detect unauthorized endpoints in real time. Developed a containerized Lambda function in Go via ECR to decode and normalize streaming log data using Substation for security enrichment. Designed fault-tolerant log ingestion supporting anomaly detection, automated alerting, and API threat intelligence at scale.
Deployed OPA Gatekeeper as a Kubernetes admission controller enforcing Policy-as-Code to block privileged containers, missing resource limits, and untrusted registries. Authored ConstraintTemplates and Constraints in Rego to enforce mandatory labels, deny root execution, and restrict image sources across workloads. Leveraged audit mode to surface existing violations and align cluster posture with CIS Kubernetes benchmarks and SOC2 requirements.
Built an end-to-end CI/CD pipeline for a Node.js app using GitHub Actions with jobs for linting, testing, building, and zero-downtime EC2 deployment via SSH. Secured credentials via encrypted secrets and implemented health checks with automatic rollback on failed builds. Achieved sub-30-second deployments with full auditability and environment parity across staging and production.
Designed a 3-tier AWS architecture with isolated public and private subnets across web, application, and database layers. Configured security groups, NACLs, and VPC peering with strict routing to enforce least-privilege traffic control across all tiers. Deployed NAT Gateway for secure private subnet outbound access, eliminating public IP exposure for backend instances.
Designed and deployed a highly available and fault-tolerant web application on AWS. Configured an Application Load Balancer (ALB) to distribute traffic across EC2 instances in an Auto Scaling Group spread across multiple Availability Zones. Hosted static assets in Amazon S3, integrated with CloudFront CDN for low-latency global delivery, and managed DNS via Amazon Route 53.
Built and deployed a serverless REST API using AWS Lambda functions integrated with API Gateway for routing and request validation. Designed a DynamoDB table for scalable NoSQL storage and implemented CRUD operations with IAM role-based access restrictions. Configured CloudWatch for centralized logging, metrics, and performance monitoring.
Feel free to reach out for collaborations, opportunities, or just a chat about cloud technologies!
📧 Email: nipuntyagi983@gmail.com