// available for freelance

Cloud Security Engineer

I help businesses secure their AWS infrastructure — auditing misconfigurations, hardening Linux servers, and building resilient cloud environments that attackers can't crack.

view projects contact me
vishnu@sec:~$ run-audit --target aws-prod [*] Scanning IAM policies... [!] Overprivileged role detected [*] Checking S3 bucket ACLs... [✗] Public bucket: prod-backups-2024 [*] Auditing security groups... [✓] Firewall rules: compliant [*] CloudTrail logging enabled [✓] Report saved → report.pdf vishnu@sec:~$
AWS Ubuntu Nginx Terraform CloudTrail IAM TryHackMe CloudGoat Firewall SSL/TLS EC2 S3 AWS Ubuntu Nginx Terraform CloudTrail IAM TryHackMe CloudGoat Firewall SSL/TLS EC2 S3

// 01 — about

Who I Am

I'm Vishnu, a self-taught cloud security engineer on a mission to make cloud infrastructure genuinely secure — not just checkbox-compliant.


I work hands-on with AWS environments, Linux servers, and network hardening. My approach is attacker-minded: I find what's broken before someone else does, then fix it properly.


Currently building my freelance practice through real-world labs, CTFs, and client projects. If you need someone to audit, harden, or consult on your cloud setup — let's talk.

// 02 — skills

What I Do

☁️
AWS Security
Auditing IAM policies, S3 bucket permissions, security groups, and CloudTrail configurations for misconfigurations and over-privilege.
IAM S3 EC2 CloudTrail VPC
🖥️
Linux Server Hardening
Configuring Nginx, UFW firewall rules, SSL/TLS certificates, fail2ban, and system-level security controls on Ubuntu servers.
Ubuntu Nginx Firewall SSL fail2ban
🔍
Penetration Testing
Using CloudGoat and TryHackMe to practice real-world attack paths — privilege escalation, lateral movement, and cloud exploitation techniques.
CloudGoat TryHackMe Misconfig Audit
🏗️
Infrastructure as Code
Deploying secure, repeatable cloud infrastructure with Terraform — ensuring security controls are built in from day one, not bolted on later.
Terraform AWS CLI Automation
📊
Monitoring & Logging
Setting up CloudWatch, CloudTrail, and alerting pipelines so suspicious activity is detected and investigated fast.
CloudWatch CloudTrail Alerting
📝
Security Reporting
Writing clear, actionable audit reports for technical and non-technical stakeholders — risk-rated findings with step-by-step remediation.
Audit Reports Risk Rating Remediation

// 03 — projects

Featured Work

project_01
AWS IAM Privilege Escalation Lab
Built a CloudGoat scenario to simulate real-world IAM privilege escalation. Documented the full attack path from unprivileged user to admin, then wrote remediation steps including SCPs and least-privilege policies.
CloudGoat AWS IAM Python Terraform
view →
project_02
EC2 + Nginx Hardening Playbook
Hardened a production EC2 Ubuntu server from scratch: SSL/TLS with Let's Encrypt, Nginx security headers, UFW rules, fail2ban, and automated security patching. Reduced attack surface by 80%.
EC2 Ubuntu Nginx Let's Encrypt UFW
view →
project_03
S3 Misconfiguration Audit Tool
A Python script that scans AWS accounts for publicly exposed S3 buckets, overly permissive ACLs, and missing encryption. Outputs a structured JSON report with severity ratings.
Python Boto3 AWS S3 JSON
view →

// 04 — certifications

Credentials

Amazon Web Services
AWS Cloud Practitioner
✓ in progress / earned
TryHackMe
SOC Level 1
✓ completed
Rhino Security Labs
CloudGoat Scenarios
✓ active labs
Linux Foundation
Server Administration
✓ self-study

// Update these with your actual certs — add or remove cards as needed

// 05 — contact

Work Together

Looking for a cloud security audit, a hardened server setup, or an ongoing security consultant? I'm available for freelance engagements. Let's talk.

vishnu@email.com email linkedin.com/in/vishnu linkedin