Raajhesh Kannaa Chidambaram

Senior Security Engineer // Toronto

15 years from bare metal to securing cloud infrastructure at scale. I build the security tooling and automation that makes secure defaults the easy path for engineering teams.

// projects

$ ls projects/ -la

teampcp-goat/new

Intentionally vulnerable AWS environment for practicing cloud pentesting techniques.

gha-scanner/live

GitHub Actions security scanner. 25 checks, 8 categories, graded reports. scan.defensive.works

auto-close-accounts/

Continuous external attack surface discovery and vulnerability scanning across AWS accounts.

fleet-access/

Hub and Spoke IAM Roles for AWS multi-account security at scale.

cdk-booty-strappin/

Automatically CDK bootstrap all AWS accounts in an Organization.

cloudtrail-detections/

Detection rules for investigating security events via AWS CloudTrail Lake.

// writing

$ cat writing/

assumed-role/# cloud security thriller

IAM credential theft, lateral movement, incident response. Techniques mapped to MITRE ATT&CK with real CloudTrail detection queries.

signed-and-sealed/# sequel

Supply chain attacks, CI/CD compromise, code signing, container security. Real-world parallels to SolarWinds, Codecov, and tj-actions.

// certifications

$ cat certs.txt

OSCPOAWSPAWS Security SpecialtyAWS Adv. NetworkingAWS SA AssociateRHCE

// experience

$ history --career

Senior Security Engineer2023-present

Senior Staff Security Engineer — Delphix2022-2023

Senior Security Engineer — Guidewire2021-2022

Senior Security Analyst — BoxyCharm2019-2021

Security Engineer — Zuora2018-2019

Technical Lead — BNY Mellon2016-2018

Sr. System Administrator — Ebix2014-2016

System Administrator — Ebix2011-2014

─────────────────────────────────────────────

Toronto, CanadaLast login: Apr 2026

$ _