About Me

  • Full Name: Raajhesh Kannaa Chidambaram
  • Email: raajheshkannaa@gmail.com
  • Address: Toronto, Canada

Hello There!

Infrastructure Security Architect with a decade of experience in designing and building, and hands-on security knowledge with a focus on Infrastructure Security, Data Protection, Logging and Monitoring, Identity and Access Management, and Incident Response, utilizing Detective and Preventive Guardrails and applying security at all layers through defense in depth.

Critical Thinker with the ideology - "Regardless of my knowledge and education so far, I would love to unlearn and learn something new every day in the field of Information Security and Technology." Enjoys spending time on platforms like HackTheBox and TryHackMe.

My Resume

  • Work Experience

  • Doordash - Cloud Security Engineer

    July 2023 - Present

    • Developed a product leveraging Streampipe, using natural language for querying AWS infrastructure through a user interface. This tool facilitates the search and discovery of AWS resources and addresses security inquiries, such as identifying publicly exposed resources across accounts.

    • Created automation scripts to manage and synchronize Private Terraform module updates across the GitHub Organization, ensuring consistent and up-to-date references.

    • Developed a SlackBot powered by AWS Lambda to automate the review and approval of GitHub Pull Requests in the Cloud Security support channel, significantly reducing operational overhead.

    • Played a pivotal role in the full lifecycle of the project to identify and integrate a CSPM tool, from proof of concept, through selection and onboarding, to post-implementation support and progression.

  • Senior Staff Security Engineer

    June 2022 - April 2023

    • Built an automation delivery using CDK Pipelines/GitOps Operational model for Customization & Tuning of AWS Config Conformance Pack Rule findings imported into SecurityHub and alert & escalations through PagerDuty, Slack, Jira.

    • Iteratively working with the DevOps/SRE team to build Incident Response Notebooks using Jupyter Notebooks to query CloudTrail Lake for investigation and respond to GuardDuty threat activity in corresponding AWS Accounts.

    • Built a CDK Pipeline/GitOps Model to streamline maintenance and delivery of Permission Sets to AWS Identity Center(AWS SSO) integrated with OneLogin IdP.

    • Built an Enforcement Engineering Pipeline to deploy multiple CDK Apps such as Service Control Policies, corrective actions such as reverting Security Group rule changes, and Permission Boundaries.

    • Built a Detection Engineering Pipeline to deploy multiple CDK Apps such as IAM Credentials exposure, Access Denied Monitoring due to SCPs and more.

    • Designed and Built Automation to send Azure's Microsoft Defender for Cloud Security Alerts and Recommendations to Slack, PagerDuty and Jira respectively using Azure Functions in a GitOps model.

  • Senior Security Engineer

    May 2021 - June 2022

    • Automated AWS Attack Surface Management for 300+ AWS Accounts using CDK CI/CD Pipelines.

    • Built a solution to detect vulnerable AWS Route53 domains which could be taken over due to missing origins.

    • Setting up AWS Control Tower, enrolling 300+ accounts, customizing landing zones for Security Hub, GuardDuty, SSO integration with Okta, Service Control Policies for reducing attack surface using Native services.

    • Deception Engineering using techniques to detect targeted attacks and early signs of a breach and prevent lateral movement using fake disallowed entries in robots.txt, developer comments in page source, session cookies, javascript, user accounts, database tables, API endpoints, AWS access/secret keys.

  • Senior Security Analyst

    Sept 2019 - Apr 2021

    • Built Security Operations Center using AWS GuardDuty, SecurityHub, CloudTrail, Config, Qualys Vulnerability findings with Sumologic integrated with PagerDuty, Slack and Jira for Security Monitoring & Incident Detection.

    • Built Preventive Guardrails using a ChatOps approach with Slack Interaction to revert AWS Security Group changes to specific ports from an IP, which will alert in Slack to approve or disapprove.

    • Built, maintained and operated Palo Alto VM Series 300 firewall in AWS Cloud catering to 300+ users, across platforms such as production and corporate needs at scale with AWS Transit Gateway and Global Accelerator.

  • Security Engineer

    Oct 2018 - Sept 2019

    • Security Operations, Responsible for continuous monitoring for anomalous activity with Incident Response and Digital Forensics.

    • Built a comprehensive Vulnerability Management solution involving Scanning and Reporting automation using Qualys API, AWS Lambda, DynamoDB and Sumologic.

    • AWS Security using services such as GuardDuty, SecurityHub, Inspector orchestration using Lambda with Python for automation and enforcements with cross-account IAM roles for managing 60+ Accounts using AWS Organizations along with CloudTrail and Config.

  • Technical Lead - IT Risk Management R&D

    Oct 2016 - Oct 2018

    • Built and executed Application Security Program on a budget with the philosophy of high returns on Investments.

    • Static Code Analysis - Coverity, Cppcheck, VisualCodeGrepper.

    • Dynamic Analysis - IBM AppScan, Burp Suite, Zed Attack Proxy.

    • Elastic Stack and Splunk as the platform for automated pipeline delivery of Static and Dynamic testing reports.

    • OWASP Dependency Check for 3rd party/Open Source Vulnerability Analysis

    • Secure Development Lifecycle Documentation - Best practices, Policies and Procedures, OWASP Cheat Sheets for each of the Top Ten 2013

    • Security Awareness programs using deliberately vulnerable web applications.

  • Senior System Administrator

    Mar 2011 - Oct 2016

    • Cyber Security Team - Responsible for Vulnerability Assessment, Management and Security Operations for the entire infrastructure. Vulnerability Test Assessments using Qualys Scan and remediation plans for Hosting team. Database backups Encryption using LUKS encrypted volumes. Regular perimeter scans for open ports/services. Internal Phishing campaign using the Lucy Framework.

    • Web Application Firewall using Modsecurity for Apache. Enabling Web Security using HTTPS/TLS using the free CA ‘Let's Encrypt’ for all domains for considerable cost savings to the organization.

    • Open Source Intelligence using Censys.io for collection and analysis to review publicly available data about the company that could be used for offensive purposes before threat actors do.

    • File Integrity Monitoring using OSSEC HIDS & GitLab to maintain backup copies of mission critical application data.

Certifications

Offensive Security Certified Professional

AWS Certified Security Specialty

AWS Advanced Networking Specialty
