OPEN TO WORK · CLOUD & SECURITY
Rishi
Raj
_
Building secure cloud platforms at the intersection of DevOps and security — from Terraform-driven automation to threat detection and incident response across AWS, Azure and GCP.
- 5+
- Years in Cloud
- 3
- Cloud Platforms
- 6
- Certifications
DAILY OPERATIONS
● ALL SYSTEMS SECURED➜ ~ rishi tighten --bolts --clouds aws,azure,gcp ✓ done
FEATURED WORK
Projects.
GitOps CI/CD Platform
End-to-end delivery pipeline for containerized apps — GitHub Actions for CI, Argo CD for GitOps-based CD, with Prometheus/Grafana monitoring and SonarQube code scanning baked in.
DMZ Infrastructure Automation
Terraform-driven provisioning and maintenance of DMZ infrastructure on AWS, using Terraform Workspaces and Terraform Cloud for centralized state and team collaboration.
Cloud Security Automation Suite
Python tooling that scans AWS-deployed services for security vulnerabilities and validates Terraform deployments as policy-as-code, catching best-practice violations before resources go live.
Multi-Cloud Migration & IaC
Led an on-premises to AWS/Azure/GCP migration, provisioning VMs, networking and container clusters (ECS, AKS, GKE) with Terraform and GitLab CI/CD.
Cloud Infra Automation
Terraform-driven infrastructure provisioning with Terraform Cloud for centralized collaboration — plus AWS DMS and MGN powering streamlined database and application migration.
Insurance Platform Migration
On-premises to AWS migration of database and application for one of India's largest insurers — highly available, fault-tolerant architecture with autoscaling baked in.
Well-Architected Review Automation →
Serverless tool that gathers AWS resource data and generates Well-Architected assessment documentation automatically — built for a logistics unicorn.
MINDSET · LOCATION · TRAJECTORY
Operating system.
SECURE
Security is not a gate at the end of the pipeline — it's baked into every commit, every module, every deployment.
AUTOMATE
If it's done twice by hand, it becomes Terraform. Everything as code — infra, policy, pipelines.
SCALE
Highly available, fault-tolerant, cost-aware — architectures designed to survive real traffic and real audits.
CERTIFICATION TRAJECTORY
VERIFIED6 ACTIVE CERTS
AWS PROFESSIONAL · AZURE ×5
BASE OF OPERATIONS
BENGALURU
INDIA
12.9716° N, 77.5946° E
GMT+5:30 · IST
● response: <24h
DEVSECOPS LOOP
WHERE I'VE BEEN
Experience.
Deloitte USI
- Moved into a DevOps-driven part of the security practice — building CI/CD pipelines with GitHub Actions for CI and Argo CD for GitOps-based CD.
- Built Docker images and deployed/orchestrated containerized workloads on Kubernetes.
- Set up monitoring with Prometheus and Grafana, and integrated SonarQube for automated code scanning in the pipelines.
- Shipped multiple production applications end-to-end on this CI/CD, container, and monitoring stack.
- Cloud security engineering across AWS, Azure and GCP — threat detection, incident response and DevSecOps enablement.
- Automated and maintained DMZ infrastructure deployments on AWS with Terraform, using Terraform Workspaces and Terraform Cloud for state management and team collaboration.
- Supported multiple application deployments within the DMZ, coordinating rollouts across teams.
- Worked with the networking team to troubleshoot connectivity and infrastructure issues across DMZ environments.
- Built Python automation to scan AWS-deployed services for security vulnerabilities.
- Wrote a Python-based policy checker for Terraform deployments, validating that provisioned resources followed security best practices before going live.
Cognizant Servian
- Led migration from on-premise to AWS, Azure and GCP, creating a versatile multi-cloud environment.
- Implemented Infrastructure as Code with Terraform for automated provisioning of VMs, networking and container clusters across Amazon ECS, Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE).
- Established GitLab version control and CI/CD pipelines for collaborative development and automated deployment.
- Containerized workloads with Docker, orchestrated across Amazon ECS, Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE); drove security, compliance and cost-optimization audits.
CloudThat Technologies
- Continued leading AWS cost assessments, security assessments, and migration engagements at a senior level.
- Automated infrastructure provisioning with Terraform for client environments.
- Architected cloud infrastructure for some of the practice’s largest enterprise clients, owning migration and deployment end-to-end.
- Infrastructure automation & migration for a cloud communications client — Terraform Cloud for centralized collaboration, AWS DMS and MGN for database and application migration.
- On-premises → AWS migration for one of India's largest insurers — highly available, fault-tolerant architecture on EC2, RDS MySQL, ALB, Auto Scaling, IAM, S3, ACM and Route 53.
- Built a Well-Architected Review automation tool for a logistics unicorn using API Gateway, Lambda, S3, CloudWatch and IAM.
- Ran AWS Cost Assessments and Cloud Security Assessments for client environments, surfacing savings and hardening opportunities.
- Executed application and database migrations, moving on-premises and third-party-vendor infrastructure onto AWS.
- Worked directly with clients to understand their problem statements and design AWS-based solutions.
F13 Technologies
- Built a foundation in cloud computing fundamentals — what the cloud model actually solves versus traditional on-premises infrastructure.
- Explored the breadth of AWS's service catalog hands-on, from compute (EC2), storage (S3), and databases (RDS) to networking (VPC) and IAM.
- Got real-time exposure to day-to-day cloud operations, laying the groundwork for everything that followed in my cloud career.
TOOLBOX · CREDENTIALS
Arsenal.
Cloud Platforms
Infrastructure as Code
Containers & CI/CD
Security & Monitoring
Scripting
Systems & Web
AWS Certified Solutions Architect — Professional
AWSAzure Solutions Architect Expert (AZ-305)
AZUREAzure Administrator Associate (AZ-104)
AZUREAzure Network Engineer Associate
AZUREAzure Cosmos DB Developer Specialty
AZUREAzure Fundamentals
AZUREPOCS · PIPELINES · POST-MORTEMS
Writing.
JUL 9, 2026
How This Website Runs for $0 a Month
The architecture behind this site: Astro, GitHub and Cloudflare Pages — no servers, no database, no bills.
JUL 1, 2026
Automating AWS Well-Architected Reviews with Lambda, API Gateway and S3
A step-by-step proof of concept: building a serverless tool that collects AWS resource data and generates Well-Architected Review documentation automatically.
SAY HELLO · WORK · IDEAS
Reach Out.
HIT ME UP