Radhika Tripathi

Cloud Security Architecture & Governance

• Support the execution and continuous enhancement of the enterprise cloud security and information risk strategy to safeguard public cloud assets across AWS and Azure environments.
• Conduct risk-based security assessments of cloud services, platform architectures, and security controls, ensuring alignment with enterprise security frameworks and regulatory requirements.
• Partner with platform engineering and business technology teams to implement security control requirements across multi-cloud architectures.
• Perform security architecture reviews of infrastructure-as-code deployments (Terraform and cloud-native templates) to ensure secure-by-design cloud platform development.
• Evaluate cloud environments for identity and access management, network segmentation, encryption, logging, monitoring, and data protection controls.
• Mapped 600+ AWS SCIF controls to the Cloud Controls Matrix (CCM), improving enterprise compliance visibility and governance alignment.
• Lead Azure Policy control mapping initiatives to establish consistent security governance across multi-cloud environments.
• Manage AWS security exceptions, documenting risk acceptance, compensating controls, and remediation timelines.

AI & Generative AI Security

• Enabled secure enterprise adoption of Generative AI by establishing AI security governance frameworks and evaluation standards for AI security platforms.
• Authored security architecture guidelines and threat modeling frameworks for Generative AI and Agentic AI systems, addressing risks such as prompt injection, model misuse, data leakage, and insecure tool integrations.
• Developed security design standards and architectural documentation for enterprise AI platforms, including AWS Bedrock, AWS Bedrock AgentCore, Azure AI Bot services, and secure implementation of Retrieval-Augmented Generation (RAG) architectures.
• Designed a comprehensive AI security vendor evaluation framework to assess enterprise AI security platforms across key domains including AI data security, runtime protection, AI application security, and red teaming capabilities.
• Architected and implemented an in-house enterprise AI chatbot integrated with AWS Bedrock Knowledge Base, enabling secure retrieval of internal security documentation and remediation guidance for policy violations.
• Conducted a proof-of-value (PoV) assessment of Google Agentspace to evaluate its agentic AI capabilities and enterprise security considerations.
• Led proof-of-value evaluations of enterprise AI security platforms using internally developed frameworks to identify solutions for holistic AI monitoring, governance, and risk management.
• Delivered technical workshops and knowledge-sharing sessions on AWS Bedrock security, GenAI attack vectors, and mitigation strategies for engineering and security teams.

Security Tooling & Platform Integration

• Integrated AppViewX with AWS services (ACM, Private CA, EC2, ELB) to automate certificate lifecycle management and strengthen enterprise cryptographic controls.
• Collaborate with IAM, network security, security operations, and threat intelligence teams to ensure end-to-end security integration across cloud platforms.

• Conducted risk-based cloud security assessments across AWS and Azure environments.
• Reviewed cloud architectures and control implementations to ensure compliance with regulatory and internal security standards.
• Provided remediation guidance and secure configuration recommendations to DevOps and platform teams, enhancing overall security posture.
• Performed container and Kubernetes security assessments using Trivy, Dockle, Helm, and RBAC.
• Developed security documentation and reports for stakeholders, improving clarity and facilitating informed decision-making.

• Led Azure Security Center operations and security posture management activities.
• Delivered secure cloud architecture reviews and compliance assessments to ensure regulatory compliance and security best practices.
• Supported enterprise cloud security programs by implementing IAM, encryption, logging, and monitoring controls to enhance security posture.
• Developed client-facing documentation and conducted knowledge transfer sessions to facilitate client understanding and effective use of security measures.

• Developed and implemented CSPM solutions, monitoring, and alerting that significantly increased cloud risk visibility.
• Enhanced security posture management for large-scale public cloud environments (AWS, Azure, GCP) to strengthen overall security resilience.
• Collaborated with DevOps and operations teams to remediate misconfigurations and integrate security tooling with ServiceNow, streamlining operational workflows.