Summary
Overview
Work History
Education
Skills
Websites
CORE COMPETENCIES
Timeline
Generic

Sandeep Atthuluri

Bengaluru

Summary

Cloud Security Engineer with over 7 years of experience building and securing scalable cloud environments across AWS, GCP, and Azure. Proven track record of designing automated governance workflows, implementing organization-wide policies, and driving threat detection and remediation at scale. Currently contributing to high-impact security automation and posture management initiatives at Palo Alto Networks. Adept at cross-functional collaboration, with strong technical leadership in infrastructure security, compliance readiness, and operational efficiency.

Overview

8
8
years of professional experience

Work History

Staff Security Engineer

Palo Alto Networks
12.2022 - Current
  • Secured 1000+ GCP and Azure projects by implementing robust cloud posture management with Prisma Cloud and SCC.
  • Designed and deployed organization-wide GCP Org Policies to ensure baseline compliance and prevent misconfigurations.
  • Developed automated IAM approval workflows using GCP PAM, BigQuery, and Slack, enabling manager-based approvals with complete audit trails.
  • Built and maintained auto-remediation playbooks using Cortex XSOAR, responding to IAM drift, open firewall rules, and misconfigurations.
  • Integrated Slack-based actions, BigQuery logging, and escalation chains into XSOAR workflows for seamless and trackable remediation's.
  • Built threat detection models in BigQuery, ingesting into Cortex XSIAM for centralized visibility and anomaly detection.
  • Conducted periodic security reviews with development and infrastructure teams, aligning application posture with organizational standards.
  • Reduced misconfigurations-related incidents by 30% through automated policy enforcement and Slack-based feedback loops.
  • Developed automated detection rules for IAM and network misconfigurations across AWS, Azure, and GCP — covering excessive IAM privileges, open NSGs/Security Groups, and overly permissive NACLs — using Prisma Cloud, XSOAR, Cortex cloud
  • Integrated Prisma Cloud IaC Scanning into Terraform repositories to enforce secure-by-design deployments and prevent noncompliant resources during CI/CD stages.
  • Partnered with SOC and Incident Response teams to triage and contain cloud incidents using automated playbooks and native cloud services

Cloud Automation Engineer

Infor
01.2018 - Current
  • Automated infrastructure provisioning using Terraform for reusable deployment across AWS and Azure environments.
  • Led cross-account CI/CD deployments using AWS CodePipeline, IAM policies, and GitHub for streamlined secure releases.
  • Designed and monitored secure infrastructure for web SaaS solutions using EC2, RDS, API Gateway, ELB, Route 53, and CloudFront.
  • Integrated CloudCustodian to enforce real-time security compliance rules across AWS accounts.
  • Deployed and secured Docker workloads using EKS and AKS with well-defined networking, role-based access control, and audit logging.

Security Engineer

HCL
05.2022 - 12.2022
  • Implement and execute security policies across cloud environments using c7n tools.
  • Creating shell scripts and python scripts for automating the scanning processes across the organizations.
  • Developing CI/CD pipelines for deployment of scripts in phased manner using gitlab and code pipelines.
  • Working with terraform modules to automate the infrastructure deployments.
  • Conducted security audits to identify vulnerabilities.

Education

Master of Technology - Artificial Intelligence And Robotic

Andhra University
Visakapatnam
12.2017

Bachelor of Technology - CSE

GMR Institute of Technchnology
Rajam
04.2015

Skills

  • Prisma Cloud
  • AWS, GCP, Azure
  • Git
  • Python
  • Docker
  • Kubernetes
  • Terraform
  • BigQuery
  • Microsoft Azure
  • XSIAM
  • XSOAR
  • Jenkins
  • Cloud architecture design

CORE COMPETENCIES

  • Cloud Platforms: AWS, GCP, Azure
  • Security Governance: Org Policy Management, IAM Governance, ABAC, SAML, OAuth, JWT
  • Security Tools: Prisma Cloud, Cortex XSOAR, Cortex XSIAM, Security Command Center (SCC), GCP Security
  • Infrastructure as Code: Terraform, CloudFormation, ARM Templates
  • Automation & Scripting: Python, BigQuery, Slack APIs, Pub/Sub
  • CI/CD & Configuration: GitHub Actions, Jenkins, Docker, Kubernetes
  • Threat Detection & Response: GCP Security, SCC Findings, XSIAM Analytics
  • Monitoring & Remediation: Auto-remediation Playbooks, XDR Agents, Slack-Integrated Alerting
  • Cross-Functional Collaboration: Security Reviews with Engineering, Stakeholder Alignment, Training & Awareness

Timeline

Staff Security Engineer

Palo Alto Networks
12.2022 - Current

Security Engineer

HCL
05.2022 - 12.2022

Cloud Automation Engineer

Infor
01.2018 - Current

Master of Technology - Artificial Intelligence And Robotic

Andhra University

Bachelor of Technology - CSE

GMR Institute of Technchnology
Sandeep Atthuluri