I'm a Cloud Security Compliance & GRC Engineer passionate about Compliance-as-Code, AWS security automation, and building audit-ready, scalable infrastructure. I align cloud governance and risk management with both engineering workflows and business goals, embedding GRC into cloud workflows so compliance doesn't slow innovation, but instead supports agility, trust, and resilience.
Deploy Config, EventBridge, and Lambda to enforce compliance with CIS/NIST controls. Uses full CloudFormation for IaC and demonstrates real-world auto-remediation strategy.
- 🛠 Compliance-as-Code (AWS Config, SCPs, Security Hub)
- ⚙️ Infrastructure-as-Code (CloudFormation, Terraform basics)
- 🔐 Cloud Security Governance (IAM, Guardrails, Logging)
- 📊 Framework Mapping (NIST 800-53, CIS v8, ISO 27001)
- ⚡ Security Automation & Event-Driven Remediation
- 🧾 Audit-Ready Logs and Evidence Generation
- ☁️ Cloud Platforms: AWS-first, multi-cloud and expanding into Kubernetes
- ✅ GRC Control Blueprints in AWS
- 🔄 Cloud Audit Automation & Report Exporting
- 🧱 Multi-account Guardrail Enforcements via SCP + Config
- 📦 Secure Cloud Deployments with GitHub Actions + IaC
- 📄 [Website] Coming Soon
- 🛠 GitHub: github.com/Runc9
Let’s secure the cloud — one compliant stack at a time.