I’m Sree Surya Naga M, a senior cybersecurity engineer with 8+ years across cloud, network, and security operations, focused on practical, automation-first security that works in production.
I design, secure, and automate cloud platforms — across identity, network, detection, and compliance — with a focus on systems that scale, pass audits, and survive real incidents.
A deep skill set across cloud security, network defense, and security operations — built over years in the field.
IAM, EC2, VPC, WAF, GuardDuty, CloudTrail, Security Hub — full-stack AWS protection.
Palo Alto (PCNSE), Cisco (CCNP), Juniper, IDS/IPS, VPN, Zero Trust architecture design.
Infrastructure as Code with Terraform & Ansible, CI/CD pipeline security, Python & Bash automation.
End-to-end penetration testing, OWASP Top 10, RCE, SQL injection identification and remediation.
Securing AI/ML pipelines using MITRE ATLAS frameworks — an emerging and critical specialization.
ISO 27001, HIPAA, HITRUST, CIS Benchmarks — end-to-end governance, risk, and compliance.
A steady progression from hands-on network engineering to leading cloud-native security operations.
Architected Zero Trust IAM policies for AWS healthcare platforms ensuring 100% HIPAA/HITRUST compliance. Engineered centralized threat detection reducing MTTD by 35%. Automated 90% of infrastructure remediation via Terraform & Ansible. Led escalation for complex incidents and mentored junior engineers.
Conducted end-to-end penetration testing on web applications and APIs, fixing 50+ critical vulnerabilities. Built CIS-based hardening baselines reducing attack surface by 25%. Audited Cisco & Juniper configurations and delivered risk-prioritized reports.
Monitored enterprise security alerts across firewalls and IDS/IPS. Performed access reviews via Active Directory enforcing least privilege.
Implemented perimeter security controls using enterprise firewalls. Executed baseline hardening and remediated audit findings.
Managed 100+ endpoints with secure config & patching. Maintained 99.9% uptime across LAN/WAN/VPN
Real-world builds that put theory into practice at scale.
Automated VPC & Security Group provisioning using Terraform and Python with least-privilege IAM baked in from day one.
Used GNS3 and Ansible to fully automate network lab deployments — slashing manual setup time by 70%.
Deep-packet analysis of firewall rules and routing policies to eliminate all exposed services across the estate.
Industry-recognized badges that back up the expertise.
AWS Certified
Network Security Engineer
Certified Ethical Hacker
Networking Certifications
Systems Engineer
OWASP Top 10 & MITRE ATLAS
Recent writing on cloud security, Zero Trust, detection engineering, and AWS.
Introduction SSH has been the default way to access Linux servers for decades. In cloud environments like AWS, however, SSH introduces unnecessary risk: static keys, open network ports, weak identity attribution, and poor auditability at scale. In th...
SSH-based access to cloud workloads remains common, but it introduces unnecessary attack surface: open inbound ports, long-lived credentials, key sprawl, and limited auditability. Modern AWS environments do not require SSH for interactive access to E...
📌 Why This Project Matters Security controls appear perfect on paper — until real-world traffic, misconfigurations, and human errors expose the gaps. In Project 3, I focused on implementing core cloud security controls and then actively testing them...
Open to new roles, consulting, and collaboration. Let’s build something secure together.
