Hi, I'm Nisha 👋

Cloud Security Engineer | GRC Engineering | Security Automation

I'm a cybersecurity professional specializing in bridging compliance frameworks with cloud security automation. I build security controls as code, automate vulnerability remediation, and implement policy-driven security architectures in AWS and Azure environments.

Currently: Senior Cyber Security Engineer supporting cloud-hosted systems | CISSP | AWS Solutions Architect Associate

🔗 LinkedIn | 📝 Technical Blog | 📚 Personal Page

---

🎯 What I'm Working On

• 🔐 Building container security scanning pipelines with GitHub Actions & Trivy
• ☁️ Implementing AWS Config auto-remediation for security group misconfigurations
• 🎓 Studying for AWS Security Specialty certification
• 🌱 Exploring policy-as-code with OPA and compliance automation frameworks

---

💼 Core Competencies

Cloud Security & Automation

• AWS Security Architecture (VPC, IAM, Config, CloudTrail, GuardDuty)
• Infrastructure as Code (Terraform, CloudFormation)
• Container Security (Docker, Kubernetes, ECR scanning)
• CI/CD Security Integration (GitHub Actions, security gates)

GRC & Compliance Engineering

• RMF/ATO Process (NIST 800-53, FISMA, FedRAMP)
• Vulnerability Management (Tenable Nessus, ACAS, automated remediation)
• eMASS Authorization Workflows
• Policy-to-Code Translation (compliance automation)

Security Operations

• SIEM Analytics (Splunk, Azure Sentinel)
• Network Security (Zero Trust, micro-segmentation, firewalls)
• Threat Detection & Incident Response
• Penetration Testing & Red Team Operations

---

🚀 Featured Projects

Cloud Security Automation

🔍 Container Security Scanning Pipeline Automated Trivy scanning in GitHub Actions Vulnerability reporting & CVE tracking Policy enforcement for production deployments View Project →	⚙️ AWS Config Auto-Remediation Lambda-based security group remediation CloudWatch Events for real-time response NIST 800-53 SC-7 control automation View Project →
🏗️ 3-Tier AWS VPC with Terraform Production-grade network architecture Security group automation & least privilege Multi-AZ resilient design View Project →	🌐 Zero Trust Network Architecture Azure Firewall policy automation Micro-segmentation implementation Site-to-Site VPN configurations View Project →

Infrastructure as Code (IaC)

Project	Technology Stack	Description
Terraform AWS Configs	Terraform, AWS, GitOps	Automated dev environment provisioning with security controls
Terraform Azure Configs	Terraform, Azure, ARM	Azure infrastructure deployment with compliance baselines
AWS Security Projects	AWS, Python, Lambda	Security automation and serverless architectures
Azure Security Projects	Azure, PowerShell, Sentinel	Cloud security monitoring and SIEM integration

Vulnerability & Compliance Management

• OpenVAS Vulnerability Assessment - Complete vulnerability analysis workflow with remediation tracking
• Nmap Network Scanning - Automated network discovery and security posture assessment
• Network Traffic Analysis - Packet capture analysis for threat hunting

Threat Detection & Security Operations

• Azure Sentinel Live Attack Map - Real-time threat visualization and geo-mapping
• Incident Handling with Splunk - End-to-end incident response workflows
• Splunk Universal Forwarder Setup - Log aggregation and centralized monitoring

Offensive Security & Red Team

• Active Directory Penetration Testing - Full AD attack chain lab environment
• Hack the Box Walkthroughs - CTF solutions and exploitation techniques
• TryHackMe Labs - Security challenges and skill development
• Penetration Testing Notes - Comprehensive offensive security reference

Network Security (NIST 800-53 SC-7)

• Azure Firewall Manager - Secured virtual hub with centralized policy management
• Palo Alto Firewall Projects - Enterprise firewall configurations and security policies

---

🛠️ Technology Stack

Cloud Platforms

Infrastructure & Automation

Security Tools

Programming & Scripting

DevSecOps

---

📜 Certifications

• CISSP - Certified Information Systems Security Professional
• AWS Solutions Architect Associate
• GDSA - GIAC Defendable Security Architecture
• CompTIA Security+ (Instructor)
• 🎯 Currently studying: AWS Certified Security - Specialty

---

🎓 Community Involvement

• 👩‍🏫 CompTIA Security+ Study Group - Teaching exam prep courses
• 🤝 WiCyS Professional Mentorship Program - Active mentor
• 💡 GRC Engineering Club - Member & contributor
• 🔐 DevSec Blueprint Community - Technical participant

---

📊 GitHub Stats

---

📫 Let's Connect

I'm always interested in discussing cloud security automation, GRC engineering practices, and building security controls as code. Feel free to reach out!

---

"Building bridges between compliance frameworks and cloud security automation, one Terraform module at a time."