Samriddhi

Information Security Engineer

MS Cybersecurity, Northeastern · ex-KPMG · ex-Ericsson · Built an AI-cloud security framework · Open to what's next

View My Work Get In Touch

About Me

Cybersecurity Professional with Proven Impact

I'm a cybersecurity professional with 3+ years of experience across IAM, SIEM operations, and cloud security. Currently at Guardian's Embrace, I serve as a trusted technical advisor to nonprofit clients, evaluating security platforms and building automation workflows using Splunk and Python. Previously at KPMG, I specialized in enterprise IAM and threat detection.

My expertise spans SOC operations, GRC frameworks, and AI security. I built KAICSF - an enterprise AI-cloud security framework with 30+ KPIs aligned with NIST AI RMF, ISO 27001, and OWASP LLM Top 10, validated through a HIPAA-compliant healthcare use case.

Certifications: AWS Certified Cloud Practitioner · CompTIA Security+ · Google Cybersecurity

Technical Expertise

Security Tools

Splunk (SIEM) SailPoint Saviynt ServiceNow Metasploit Wireshark Snort Nmap

Cloud & DevSecOps

AWS (IAM, EC2, S3) Docker Kubernetes CI/CD Pipelines Python Bash PowerShell

Frameworks & GRC

MITRE ATT&CK Zero Trust NIST 800-53 ISO 27001 OWASP Top 10 SOX Compliance HIPAA

Programming & Development

Python Java C/C++ SQL HTML/CSS JavaScript Linux Windows

Professional Experience

Information Security Engineer
Guardian's Embrace
Aug 2025 – Present
Serve as a trusted technical advisor to ministry and nonprofit clients, evaluating enterprise security platforms (SIEM, IDS/IPS, EDR) against each organization's operational requirements.
Deliver security architecture recommendations and technical briefings to client leadership, translating complex security requirements into actionable compliance roadmaps.
Build dashboards and Python-based automation workflows to accelerate incident response and compliance reporting.
Graduate Teaching Assistant
Northeastern University
Jan 2025 – May 2025
Mentored 40+ graduate students in Information Systems Forensics, facilitating hands-on labs in digital evidence acquisition and analysis.
Instructed students on forensic tools including Autopsy and FTK Imager, covering memory forensics, network analysis, and chain-of-custody reporting.
Designed breach simulations using the MITRE ATT&CK framework to reinforce incident response methodology.
Cybersecurity Analyst
KPMG
Jan 2022 – Aug 2023
Deployed IAM infrastructure for 10,000+ users by implementing SailPoint IIQ and Saviynt with automated RBAC, SoD policies, and JML workflows, reducing provisioning time from 3 days to same-day.
Engineered Python automation scripts integrating Splunk SIEM with ServiceNow and Jira, improving Mean Time to Detect (MTTD) by 25% through automated correlation rules and ticket generation.
Eliminated critical audit findings by implementing automated access reviews, SoD policy enforcement, and SOX certification campaigns across multiple enterprise clients.
Onboarded 15+ applications into SailPoint IIQ via JDBC, Delimited File, and Logiplex connectors, designing custom workflows to enforce identity lifecycle management.
Software Development Engineer
Ericsson
Apr 2021 – Dec 2021
Reduced deployment vulnerabilities by implementing secure coding standards, TDD, and OWASP remediation in production GUI systems for telecom infrastructure.
Achieved 95% user satisfaction through code reviews and compliance-focused usability testing.

Featured Projects

Kaisura AI-Cloud Security Framework
Enterprise AI Risk Management

Developed an enterprise-grade framework addressing AI-cloud risks using 30+ KPIs and aligned with NIST AI RMF, ISO 27001, and OWASP LLM Top 10. Integrated Zero Trust and DevSecOps principles validated through a HIPAA-compliant healthcare use case.

NIST AI RMF ISO 27001 Zero Trust DevSecOps AI Security HIPAA
GitHub
Advanced Penetration Testing Suite
Ethical Hacking & Security Assessment

Comprehensive penetration testing exercises featuring brute-force attacks with Hydra, SMB and SSH exploitation using Metasploit, and metadata analysis with ExifTool. Includes a reconnaissance case study on a real-world organization using 9 OSINT tools.

Metasploit Hydra ExifTool OSINT Kali Linux
GitHub
Network Defense System
IDS/IPS Implementation

Configured IPFire firewall and Snort IDS to detect and block TCP SYN flood attacks using hping3. Enhanced real-time threat response capabilities and demonstrated network security defense mechanisms against DoS attacks.

Snort IDS IPFire Network Security DoS Mitigation Firewall Rules
GitHub
AWS Infrastructure Risk Analysis
Critical Infrastructure · Network Topology Modeling

Modeled 14 AWS US data centers as a network graph using MBRA methodology. Calculated spectral radius of 3.22, identified US-East-1 and US-West-2 as critical nodes via betweenness centrality, and determined cascading failure threshold at 19.8% node vulnerability.

MBRA Python Network Analysis Fault Tree Analysis Critical Infrastructure
Read Article

Let's Connect

Open to Opportunities

I work at the intersection of cybersecurity and AI, specifically in AI governance, risk, and compliance. I'm actively exploring roles in AI security, IAM, and cloud security where I can apply my experience building security frameworks, driving compliance initiatives, and securing cloud-hosted systems.

Feel free to reach out through any of the channels.

Email
samriddhi0509@gmail.com
LinkedIn
linkedin.com/in/samriddhi5
GitHub
github.com/Samriddhi5
Medium
medium.com/@samriddhi5