projects
Projects
Portfolio work demonstrating architecture, governance, and hands-on cloud security delivery.
Compliance as Code
OPA/Rego policy enforcement mapped to PCI DSS v4.0, SOC 2, and NIST 800-53, with a gated CI pipeline and 50/50 passing policy tests.
SecureVault
A GCP security detection and response pipeline. It consumes Security Command Center findings, classifies them by severity, auto-remediates critical misconfigurations, alerts on high-severity issues, and logs everything for audit.