cloud security engineer
MUNAGALA KARTHIK
// securing the cloud. one policy at a time.
AWS · OCI · Azure security engineer at NovaGuard. Building IAM policies, threat models, and cloud-native defenses with a background in AI/ML — thinking like an attacker, engineering like a defender.
karthik@novaguard:~$ cat specialization.txt
> IAM Policy Design | Threat Modelling | Incident Response | Python Automation
karthik@novaguard:~$ whoami cloud-security-engineer
view work get in touch
Munagala Karthik
// KARTHIK.EXE
00 //

About Me

~/about.txt — karthik@novaguard
$ cat about.txt
# -- WHO I AM ------------------------------------------------
name          =  "Munagala Karthik"
location      =  "Nellore, Andhra Pradesh, India"
role          =  "Cloud Security Engineer @ NovaGuard"
background    =  "B.Tech CSE (AI & ML) → pivoted to Cloud Security"
# -- WHAT I DO -----------------------------------------------
mission       =  "Think like an attacker. Engineer like a defender."
focus         =  ["IAM policy design", "threat modelling", "cloud automation"]
environments  =  ["AWS", "OCI", "multi-cloud"]
# -- MY STORY ------------------------------------------------
>>>
  I started in AI/ML — built CKD prediction models, studied neural
  networks, and learned Python the hard way (copy → explain → rewrite
  → break → fix). Then I discovered cloud security and realised
  my analytical mindset was built for it.
 
  At NovaGuard I design IAM policies, block AI service sprawl on OCI,
  respond to incidents, and build automation that makes security
  invisible but unbreakable.
<<<
# -- CURRENT OBJECTIVE ---------------------------------------
certification =  "AWS Security Specialty (SCS-C02)"  # in progress
goal          =  "Senior Cloud Security Engineer"
open_to       =  ["security consulting", "collaborations", "good problems"]
$ 
01 //

Technical Arsenal

AWS Services
IAMECSLambda GuardDutyCloudTrailSecurity Hub ConfigKMSWAF CloudFrontS3DynamoDB CognitoRoute 53VPC
🔷
Security Domains
IAM & Access ControlThreat Modelling CSPMIncident Response STRIDEPASTA MITRE ATT&CKCIS Benchmarks Quota Engineering
Programming & Tools
Pythonboto3 TerraformBash GitDocker SQLHTML/CSS VS CodeClaude Code
Oracle Cloud (OCI)
IAM PoliciesQuota Policies Tenancy Management Compartment Design AI Service Governance
02 //

Field Experience

NovaGuard Tech
Cloud Security Engineer
Sep 2024 — Present · Full-time
Nellore, Andhra Pradesh
novaguard.in
  • Designed and deployed OCI IAM policies (ase-oci-scp-policy-global) to enforce least-privilege and block AI service access tenancy-wide.
  • Implemented OCI quota policies restricting unauthorized AI service usage, mitigating shadow IT risk across the cloud environment.
  • Diagnosed and resolved a critical AWS ECS failure (pam-app-tunnel-preprod) — invalid encryption key in task definition revision :49 — restoring production availability.
  • Built a Python / boto3 IAM Security Audit Script to identify over-privileged users, inactive access keys, and missing MFA enforcement across AWS accounts.
  • Authored a technical blog on Attacker-Scenario Engineering (ASE) covering STRIDE, PASTA, MITRE ATT&CK, and an end-to-end AWS serverless threat modelling case study.
  • Architected and deployed Gather & Glow — a full serverless app on AWS using Lambda, DynamoDB, S3, Cognito (Google SSO + OTP), Stripe, API Gateway, and CloudFront.
  • Collaborated on cloud infrastructure hardening, security reviews, and incident response procedures.
03 //

Deployments

NOVAGUARD
PROJECT_001 // OCI
Tenancy-Wide AI Access Control
Enforced a quota + IAM policy stack to block all AI service usage tenancy-wide, protecting against unintended data exposure and shadow IT risk.
OCI IAM Quota Policies Zero Trust
PERSONAL
PROJECT_002 // PYTHON
IAM Security Audit Automation
boto3-based audit script enumerating IAM users, detecting inactive keys, flagging missing MFA, and exporting remediation findings to drive least-privilege enforcement.
Python boto3 IAM Compliance
NOVAGUARD
PROJECT_003 // AWS SERVERLESS
Gather & Glow — Event Booking App ↗
End-to-end serverless event booking application built as an internal security benchmark environment, featuring Google SSO, OTP verification, and Stripe payments.
Lambda Cognito DynamoDB CloudFront API GW
PUBLISHED
PROJECT_004 // BLOG
Attacker-Scenario Engineering (ASE)
Deep-dive technical blog covering real-world cloud attack simulations using STRIDE, PASTA, and MITRE ATT&CK. Received internal leadership recognition.
STRIDE PASTA MITRE ATT&CK AWS Serverless
ACADEMIC
PROJECT_005 // ML
CKD Prediction — 96% Accuracy
Random Forest classification model predicting Chronic Kidney Disease on Kaggle dataset using Scikit-learn and Flask, with an associated published literature survey.
Python Scikit-learn Random Forest Flask
04 //

Clearances & Training

IN PROGRESS
AWS Security Specialty
Amazon Web Services · SCS-C02
COMPLETED
AI and ML with Python
Bright Geeks Technologies
COMPLETED
AWS Cloud Fundamentals
Udemy · Stephane Maarek
COMPLETED
Web Development (HTML, CSS, JS)
edX · IBM
05 //

Origin Story

B.Tech — CSE (AI & ML)
Siddartha Institute of Science & Technology, Puttur
2021 – 2025 · Andhra Pradesh, India
AI & Machine Learning Computer Science Python SQL → Pivoted to Cloud Security
// initialize contact
Let's Connect
Open to collaborations, security consulting, and good conversations.
karthik@munagalakarthik.com in linkedin/karthik-munagala github/Karthi-blip
ONLINE
SCS-C02 IN PROGRESS
AWS · OCI · AZURE
munagalakarthik.com