Cloud Security Engineer — Detection Engineering · Adversary Emulation · Compliance Automation · Multi-Cloud SecOps
I designed and built a complete cloud security stack for a fictional fintech (NovaPay) operating across AWS and Azure under three regulatory jurisdictions. Each project below represents a layer of that program, progressing from detection through governance to multi-cloud compliance operations.
| Project | What It Does | Stack |
|---|---|---|
| AWS Detection Lab | Real-time detection pipeline across CloudTrail, GuardDuty, and Splunk — 5 MITRE ATT&CK techniques detected, cross-cloud equivalents documented | Python, AWS, Splunk, Sigma |
| Cloud Attack Simulation Lab | Full kill chain adversary emulation using Pacu and ScoutSuite — 8 ATT&CK techniques, detection gap analysis with Navigator JSON | Pacu, ScoutSuite, MITRE ATT&CK |
| Project | What It Does | Stack |
|---|---|---|
| Multi-Account Security Lab | AWS Organizations with SCPs, delegated GuardDuty + Security Hub admin, full Terraform IaC | Terraform, AWS Organizations |
| Cloud Compliance Scanner | Automated scanner evaluating 12 AWS Config controls against GDPR, UAE PDPL, and Essential Eight — GitHub Actions CI/CD with OIDC, zero static credentials | Python, AWS Config, GitHub Actions |
| Project | What It Does | Stack |
|---|---|---|
| NovaPay Security Operations | Unified AWS + Azure compliance scanner with cross-cloud delta analysis — 24 controls across both providers, single-pane regulatory dashboard | Python, AWS, Azure, Defender for Cloud |
Single-cloud detection labs are common. What's uncommon is connecting detection → offense validation → governance → compliance → multi-cloud operations into one coherent program where each layer builds on the last. The NovaPay narrative ties these projects into the kind of security stack a real fintech would need — not isolated demos, but an integrated system.
- CompTIA Security+