Work experience

  • TCS
    Cloud Security Engineer | 2024-Present

    • Designed and implemented a Security Assessment Framework on AWS Control Tower to identify and mitigate misconfigurations.
    • Created required Organizational Units (OUs) and enforced custom SCPs within AWS Control Tower, strengthening organization-wide security and compliance.
    • Integrated Centralized Security Monitoring using Security Hub, CloudWatch, Inspector, and GuardDuty in the Security Account.
    • Achieved comprehensive visibility into privileged identities, roles, and permissions in AWS IAM.
    • Designed and implemented the Wiz Cloud Security Platform across the multi-cloud environment (AWS and Azure), achieving visibility into high-risk cloud vulnerabilities and misconfigurations.
    • Created a Centralized Aggregator in AWS Config for unified configuration management and continuous compliance monitoring.
    • Configured Security Groups with custom rules to tighten network access control.
    • Developed and optimized AWS WAF custom rules to prevent application-specific threats, including XSS and SQL injection.
    • Enabled and configured GuardDuty Malware Protection for EC2 to detect and mitigate potential threats.
    • Implemented an automated alerting mechanism using EventBridge and SNS for GuardDuty findings to notify stakeholders of security events in real time.
    • Strengthened cloud security by enforcing encryption policies, logging, and monitoring across AWS services.
    • Performed Vulnerability Assessments to continuously improve the AWS environment posture score.

  • Cloudify Ops
    DevOps Engineer | 2023-2024

    • Designed and implemented a monitoring setup for Mercedes Benz-Miles resources using CloudWatch and AWS Lambda functions to deliver real-time alerts via Mattermost, ensuring proactive incident management and system stability.
    • Implemented AWS and Azure Kubernetes (K8s) metrics to Prometheus and Grafana, enhancing the observability of Kubernetes infrastructure.
    • Led the implementation of a Centralized Monitoring Solution for CloudWatch metrics across multiple accounts.
    • Expertise in identifying and addressing CrashLoopBackOff scenarios, Persistent Volume (PV) usage problems, and ensuring pod sanity checks in Mercedes Benz-eContracting AKS clusters.
    • Automated cost optimization strategies for both Azure and AWS environments, resulting in a reduction in monthly infrastructure expenses.
    • Developed and maintained CloudFormation templates for provisioning and managing AWS infrastructure using Azure Pipelines for automating the deployment of CloudFormation Stacks.
    • Developed and deployed a URL monitoring system using AWS Lambda, improving uptime and reliability of critical web services.

    Indium Software
    Software Engineer | 2021-2022

    • Implemented Automated CI/CD pipelines for code deployment using Jenkins and CodePipeline, resulting in the scaling of SDLC stack for 2 complex applications.
    • Implemented GCP Speech-to-Text API to recognise medical terms in a Tele-Critical Care iOS App.
    • Developed and maintained infrastructure as code (IaC) using Terraform, resulting in a reduction in manual infrastructure management.
    • Experienced in website hosting using Amazon Route 53, deploying static content to Amazon S3, and integrating with Amazon CloudFront to improve website performance and reduce latency.
    • Proficient in configuring DNS records in Route 53 to direct traffic to the appropriate S3 bucket, and creating CloudFront distributions to serve cached content to end-users globally.

   Projects

    • OP - (06/2025 - Present)
    • RAF (Road Accident Fund) - (09/2024 - 05/2025)
    • Mercedes Benz : ATHLON - MILES (12/2023 - 08/2024)
    • eContracting - Financial Service (04/2023 - 11/2023)
    • 2022 - Omnicure Now
        • Trained integrated system for recognizing 1000 medical words in an iOS app
    • 2021 - IgniteMinds

      Cloud-Resume:
        Hosted on AWS S3
        Automatic deployment by AWS CodePipeline