About Me

Sunil Kumar

Security Engineer @ Porch Group

Jaipur, Rajasthan, India

Summary

I’m a passionate Security Engineer with 4+ years of experience in DevSecOps, Incident Response, Cloud Security (AWS, GCP, Azure), and Security Automation. I specialize in building scalable security programs, integrating security into CI/CD, and designing advanced detection mechanisms for multi-cloud infrastructure. Currently at Porch Group, I’ve implemented ASPM, SIEM/SOAR, threat detection pipelines, and PCI-DSS aligned security programs across AWS/GCP/Azure environments.

Contact

Email: sunil@tharvid.in

LinkedIn: www.linkedin.com/in/tharvid

Top Skills

• Cloud Security
• DevSecOps
• Security Automation

Key Skills

• Cloud: AWS, GCP, Azure
• Security Domains: Threat Detection, Incident Response, SIEM/SOAR, PCI-DSS, Compliance, Data Security
• DevSecOps: SAST, DAST, SCA, Secrets Scanning, IaC (Checkov, KICS), Container Scanning, ASPM, API fuzzing
• Programming: Python, Bash, Google Apps Script
• Tools: Jenkins, Docker, Kubernetes, GitHub/GitLab, OWASP ZAP, Trivy, Semgrep, Gitleaks, DefectDojo, Terraform
• Others: CrowdStrike, Chronicle, Coralogix, Okta, Azure AD, Cloudflare, WAF, GuardDuty, Macie, Inspector

Certifications

• AWS Certified Security - Specialty
• Google Professional Cloud Security Engineer
• CompTIA Security+
• Microsoft 365: Security Administrator Associate
• AWS Certified Cloud Practitioner

Publications

• Artificial Intelligence in Indian Irrigation
• Fuzzing REST APIs for Bugs: An Empirical Analysis

Experience

Porch Group
Security Engineer (June 2024 – Present)

• Built CI/CD-integrated DevSecOps pipelines with ASPM, SAST, DAST, IaC, container scans.
• Implemented SIEM from scratch with 50+ sources and custom correlation rules.
• Built automation for vulnerability triage integrated with Jira and DefectDojo.
• Developed Lambda/GCP Function-based workflows for threat intel and incident response.

Acko General Insurance
Security Engineer (Aug 2021 – Jun 2024)

• Secured cloud workloads using AWS GuardDuty, Config, Inspector, CloudTrail, and Macie.
• Implemented internal phishing simulation, custom risk assessment engine, DNS blocker.
• Led DevSecOps tooling integration (SAST, SCA, container security, secrets scanning).
• Ran internal red teaming, incident response, and vulnerability management efforts.

Celebal Technologies
Cloud Infra & Security Associate (Feb 2021 – Jul 2021)

• Worked on Microsoft 365 Security, Azure AD, DLP, Conditional Access, Threat Management.
• Managed client IAM requirements and policy enforcement in cloud apps.

CDAC ATC Jaipur
Cybersecurity Trainee (May 2020 – Jul 2020)

Education

Government Engineering College, Ajmer
B.Tech, Computer Science (2018 – 2022)

Gurukripa Career Institute
PCMB (2016 – 2017)