SHEETAL VERMA

Cloud Security Engineer

Jio Platforms Limited

12.2023 - Current

Built multi-cloud asset inventory pipelines (Azure, AWS, GCP), forwarding to SOC's central tool for unified ownership visibility; applied jq, JSON, and KQL to normalize and query asset data.
Implemented Cross-Tenant Secret-Free Trust using Federated Identity Credentials, enabling secure authentication across tenants and reducing reliance on static secrets.
Automated Identity Firewall scanning with systemd services and batch scripts, accelerating CnC exposure detection and compliance reporting.
Automated OS log ingestion from all VMs using Azure Policy and Azure Monitor Private Link Scope (AMPLS), ensuring secure, private, and consistent onboarding without internet exposure.
Reduced Azure cloud logging costs by 75% through OS-level log filtering, optimized retention, and decommissioning idle VMs, achieving 20% overall cloud cost savings.
Integrated GCP Security Command Center (SCC) findings with Microsoft Sentinel, leveraging Pub/Sub pipelines and Workload Identity Federation for secure multi-cloud ingestion.
Developed Sentinel Analytic Rules and Logic Apps Playbooks for anomalous sign-ins, missing logs, and high-risk activities, enhancing SOC detection & response workflows.
Designed Azure Data Explorer (ADX) pipelines for high-volume log queries, improving query performance and cutting Sentinel query costs significantly.
Designed and deployed a custom secure SFTP solution with enforced one-way upload and one-way download, enabling safe transfer of large files in a network-segregated environment; migrated backend from CentOS → RHEL, integrated NGINX reverse proxy + SSL + WAF policies, and authored SOPs for standardized deployments.
Automated Azure VM start/stop scripts to save costs, integrating schedules with governance policies for consistent lifecycle management.
Conducted GCP IAM audits across organization, folder, and project levels, identifying excessive privileges and creating SOPs for remediation to enforce least privilege access.
Collaborated with SOC, Cloud, and DevOps teams to standardize secure resource onboarding, improve monitoring automation, and align deployments with Zero Trust, CIS Benchmarks, and InfoSec standards.