hsharma-cloud/README.md

Hari Sharma 👋

Security Engineer | Cloud Security | AWS & Azure | IAM | Network Security

👨‍💻 About Me

Security Engineer specializing in cloud security and enterprise network architecture, with a focus on designing secure, resilient, and governance-driven environments across AWS and Azure.

I build and secure cloud infrastructures using identity-first security principles, emphasizing least privilege, Zero Trust, and strong segmentation to reduce risk and protect critical systems.

My experience includes IAM, hybrid networking, cloud monitoring, and threat detection, with a practical approach centered on real-world architecture and security operations.

I actively develop hands-on cloud security projects to deepen expertise in secure design, automation, and detection engineering.

🛠️ Core Expertise

Cloud Security

  • Identity and Access Management (IAM, RBAC, least privilege, policy design, identity lifecycle management)
  • Zero Trust architecture, network segmentation, and identity-first security design across cloud environments
  • Cloud logging, monitoring, and threat detection using centralized visibility and detection-driven approaches
  • Secure configuration management aligned with cloud security best practices and the shared responsibility model
  • Risk-based security approach focused on reducing attack surface and prioritizing high-impact vulnerabilities
  • Encryption and data protection strategies for securing data at rest and in transit
  • Governance, compliance, and policy enforcement using cloud-native security controls and frameworks
  • Security posture management and continuous assessment of cloud environments

☁️ Cloud Architecture

  • Design of secure AWS and Azure architectures aligned with Well-Architected Framework principles (security, reliability, performance, cost optimization, operational excellence)
  • High availability and resilient infrastructure design using multi-AZ and multi-region deployment strategies
  • Network architecture design including hub-and-spoke models, VPC/VNet segmentation, and controlled traffic flow
  • Hybrid connectivity design (site-to-site VPN, remote access, secure connectivity between on-prem and cloud environments)
  • Scalable workload deployment using modular and repeatable infrastructure patterns
  • Integration of security controls into architecture design (identity-first approach, segmentation, least privilege)
  • Cost-aware architecture planning with performance and efficiency considerations
  • Infrastructure as Code (IaC) concepts for consistent, automated, and scalable deployments (Terraform in progress)

🌐 Enterprise Networking & Security

  • Network security architecture design including segmentation, secure zones, and controlled traffic flow across enterprise environments
  • Implementation and management of firewalls and network security controls (Cisco ASA, Cisco Firepower/FTD, Palo Alto, Fortinet)
  • Network access control and authentication using 802.1X and identity-based policies (Cisco ISE)
  • Site-to-site and remote access VPN design for secure hybrid connectivity
  • Vulnerability management using tools such as Nessus, OpenVAS, and Qualys for continuous risk assessment
  • Security monitoring and log analysis using SIEM platforms (Splunk, Wazuh) for threat detection and incident response
  • Security operations and incident management workflows using platforms such as ServiceNow and Jira
  • Hands-on experience with offensive and defensive security tools (Kali Linux) for testing and validation of security controls
  • Design and security of multi-tier application environments including web, application, and database layers
  • Secure infrastructure management including domain controllers, storage systems, and enterprise services
  • Integration of network and security controls into enterprise and cloud environments for unified security posture

☁️ Cloud Experience

Designed and implemented multiple cloud security and infrastructure projects across AWS and Azure, focusing on secure architecture, scalability, and governance-driven design.

Key highlights:

  • Applied Well-Architected Framework principles across security, reliability, performance efficiency, cost optimization, and operational excellence
  • Designed highly available and resilient architectures using multi-AZ deployments and scalable infrastructure patterns
  • Implemented identity-first security models using IAM, RBAC, and least-privilege access controls
  • Built segmented network architectures using hub-and-spoke design and controlled traffic flows
  • Enabled centralized logging, monitoring, and visibility for threat detection and security operations
  • Developed infrastructure aligned with Zero Trust principles, emphasizing segmentation, identity, and continuous verification
  • Integrated security controls into architecture design, reducing attack surface and improving risk posture
  • Built and tested multi-tier environments including web, application, database, and storage layers
  • Applied governance and policy-driven security controls using cloud-native services
  • Gained additional hands-on experience through building end-to-end cloud environments simulating enterprise scenarios


🎯 Certifications & Credentials

Active Certifications

  • CASP+
  • SSCP (ISC2)
  • CEH
  • PenTest+
  • Linux+
  • CCNP Enterprise
  • CCNP Security Core
  • ITIL Foundation
  • AWS Certified Cloud Practitioner
  • AWS Solutions Architect Associate (SAA-C03)

🧭 Current Focus

  • Designing and securing multi-cloud architectures across AWS and Azure, emphasizing scalability, resilience, and governance-driven design
  • Implementing identity-first security models using IAM, RBAC, and least-privilege access controls across hybrid environments
  • Applying Zero Trust principles through network segmentation, controlled access, and continuous verification
  • Aligning security practices with governance, risk, and compliance requirements using cloud-native controls and policy frameworks
  • Building and integrating security monitoring solutions to improve visibility, detection, and response across cloud and hybrid infrastructures
  • Developing security automation workflows to streamline detection, response, and remediation of cloud security risks
  • Strengthening enterprise infrastructure security across web, application, database, and storage layers
  • Expanding hands-on expertise in Infrastructure as Code (Terraform) for secure, consistent, and scalable deployments

📫 Connect With Me


Featured Cloud Security Projects

🏗️ AWS Enterprise Infrastructure Platform

aws-enterprise-infrastructure-platform
Designed a secure, scalable AWS enterprise platform using segmented VPC architecture, centralized controls, and governance-driven design aligned with Zero Trust principles.


🌐 Multi-Cloud Security Monitoring Platform

terraform-multicloud-security-monitoring
Built a multi-cloud monitoring solution using Terraform to enable centralized visibility, logging, and security posture management across AWS and Azure environments.


⚙️ AWS Security Automation Platform

aws-security-automation-platform
Implemented security automation workflows to detect, respond to, and remediate cloud risks, improving operational efficiency and reducing response time.


🔄 Multi-Cloud Security Automation

multicloud-security-automation
Developed cross-cloud security automation strategies integrating monitoring, policy enforcement, and automated response across hybrid environments.


AWS Data Security Architecture

aws-data-security-architecture
Designed a secure data architecture with encryption, access controls, and data protection strategies aligned with governance and compliance requirements.


🔷 Azure Cloud Security Architecture

azure-cloud-security-architecture
Built a secure Azure architecture using hub-spoke networking, RBAC, managed identities, and native monitoring for secure and scalable workload deployment.


🎯 Career Focus

Focused on Security Engineer roles across hybrid environments, securing both on-premises and cloud infrastructures (AWS and Azure) with an emphasis on Zero Trust, identity-first security, and governance-driven practices.

Committed to building secure, resilient systems that improve visibility, reduce risk, and strengthen overall security posture through practical implementation and continuous monitoring.

⭐️ Thanks for visiting my profile.

Pinned

  1. aws-security-automation-platform (Public)

    HCL

  2. terraform-multicloud-security-monitoring (Public)

    HCL

  3. aws-multi-tier-hub-spoke-architecture (Public)

    AWS hub-and-spoke architecture lab with Transit Gateway, NAT Gateway, Auto Scaling, S3 static hosting, and CloudFront CDN.

  4. azure-cloud-security-architecture (Public)

    Built a secure Azure environment implementing Network Security Groups, Azure Key Vault with RBAC, Microsoft Defender for Cloud, and Microsoft Sentinel. Demonstrated Zero Trust principles, least pri…

  5. azure-security-operations-overview (Public)

    HCL

  6. multicloud-security-automation (Public)

    Multi-cloud security monitoring and automation using AWS and Azure

    HCL