Security Engineer Cloud

Sneha Malshetti

Cloud Security Engineer

Seattle, WA • *****.*********@*****.*** • 857-***-**** • linkedin.com/in/sneha-malshetti • github.com/sneha-malshetti PROFESSIONAL SUMMARY

Cloud Security Engineer with 9+ years of experience designing, implementing, and securing scalable cloud infrastructures across AWS, GCP, and Azure. Proven track record in building in-house CIEM tools, automating compliance for 600+ accounts, and leading end-to end cloud architecture and infrastructure initiatives. Adept at threat modeling, IAM hardening, CSPM/CIEM integration, and infrastructure-as-code security. Passionate about securing modern cloud-native environments. SKILLS

Cloud Security Engineering

Threat Modelling

Security Assessment

SIEM

CIEM

Container technologies

Vulnerability Management

Identity and Access Management

Python Programming

Third Party tool Integration(Wiz, Prisma)

CSPM

Infrastructure Security

Cloud Architecture

Infrastructure as Code (Terraform, CFT)

Data Compliance (PCI, ISO, CCPA, NIST)

DevSecOps Practices

Secure Code Review

PROFESSIONAL EXPERIENCE

Security Engineer III Credit Karma Inc. Seattle, WA December 2021–Present

• Architected and developed a customized cloud security posture monitoring tool(CSPM), providing actionable insights from 600+ GCP projects, to the CISO and all security and application teams, reducing data collection audit and analysis time by 80%.

• Led automation of cloud infrastructure processes, achieving 25% reduction in identity risk, while improving operational efficiency and streamlining access control management in the IAM team.

• Resolved critical identity and access management issues through streamlined remediation workflows, enhancing system security and audit readiness, saving the company around $12K per month.

• Implemented migration of systems (jump hosts and code) using Infrastructure as Code (IaC) and state, ensuring compliance security standards.

• Created a observability pipeline for monitoring health and compliance of 25+ tools under Cloud Security team.

• Performed Security Review and Threat Modelling for applications for 12 application teams within the Company.

• Recipient of the Exceptional Impact Program Award Grants in June 2024 for my work with the CIEM Security Engineer II Zulily Inc. Seattle, WA December 2020–December 2021

• Spearheaded the development and implementation of a comprehensive cloud security strategy including CIS Benchmark and NIST framework across AWS, GCP, and Azure environments, ensuring a resilient and compliant cloud security posture.

• Designed and implemented AWS Cloud Security Roadmap, aligning with organizational risk posture and compliance requirements, identifying and remediating 3000+ resources across AWS, GCP and Azure with automated retrospective controls, reducing high risk metrics by 60 %.

• Collaborated with cross-functional teams to develop and implement effective policy frameworks, remediating cloud security vulnerabilities and enhancing compliance by introducing Secure code review practices and Threat modelling mitigating threats in 32 applications.

• Formulated training sessions to educate applications teams about the latest security protocols and compliance issues, fostering a culture of security awareness across the organization.

• Evaluated and implemented multiple third-party security tools(Wiz, Prisma, Orka), ensuring seamless integration and alignment with organizational needs, resulting in significantly improved cloud threat identification capabilities.

• Directed the comprehensive security hardening of Azure accounts across organization, leveraging assessments, vulnerability scans, and threat mitigation to ensure compliance, enhance security, and protect sensitive data. Cloud Security Engineer Disney Inc. Bristol, CT November 2019–December 2020

• Assessed and revamped the existing Security Posture, defining a comprehensive migration roadmap from a security perspective to safeguard sensitive data.

• Identified gaps in PII compliance, instituting a systematic approach for Cloud Security Operations that improved compliance metrics significantly.

• Constructed a new DevOps pipeline on AWS using Terraform, establishing automated processes that minimized downtime and security risks.

• Created a comprehensive set of Terraform resources and projects to establish a data-centric architecture in AWS, ensuring compliance with CCPA. This initiative transitioned the organization from using a single AWS account to a multi-account strategy, optimizing resource management and security across different teams. Cloud Data Security Engineer United Airlines Inc. Houston, TX November 2018–November 2019

• Implemented continuous compliance using serverless automated controls across 200+ AWS accounts, achieving PCI DSS and PII standards.

• Enhanced the security landscape by evaluating and integrating advanced security tools, utilizing threat modeling and vulnerability management tactics and tools efficiently.

• Rearchitected the centralization and transmission of logs for threat analytics across all accounts reducing billing by $27K per month.

• Developed and deployed a robust CI/CD pipeline, streamlining infrastructure-as-code deployments, and significantly enhancing deployment efficiency by 80%.

• Performed in-depth analysis of Low-Level Designs (LLD) for security gaps more than 30 applications at various stages of development.

• Overhauled the design and implementation of a streamlined DevSecOps pipeline(Git, TeamCity, and CloudFormation), to achieve significant gains in operational efficiency (+50%), security, and performance, with comprehensive documentation for future scalability.

Data Management Engineer Intern Agero Medford, MA August 2017–January 2018

• Reproduced complex visualizations using Tableau and JavaScript API, yielding an annual savings of $30K annually by productizing report generation.

• Configured SSIS packages for seamless data integration and automated report delivery, optimizing the overall reporting process by 60%.

Data Engineer Mindtree Ltd. India May 2014–July 2016

• Increased client revenue by 8% through the designing and creation of forecast reports that enhanced predictive accuracy.

• Streamlined query performance for reporting through optimization of SAP BI pipelines, enhancing efficiency by 20%.

• Received multiple acknowledgments for exceptional report delivery and coverage, underscoring commitment and technical expertise.

CERTIFICATES

GCP Certified Professional Security Engineer Google Dec 2024 GCP Certified Associate Cloud Engineer Google Apr 2024 Advanced Cybersecurity Certificate Stanford Oct 2022 AWS Certified Security Specialty AWS May 2020

Azure Fundamentals Certificate Microsoft Nov 2019 AWS Certified Solutions Architect – Associate AWS Jan 2019 Data Engineer on Google Cloud Platform Coursera Dec 2018 EDUCATION

Northeastern University Boston Aug 2018

Master of Science in Information Systems

Important Coursewrok :Cloud Technologies, CyberSecurity, Advanced Data Science, Data Warehousing and BI

Contact this candidate