Executive Briefing

Nimi Kuriakose

Security Project Manager - Bridging Engineering, Support, and Security

Nimi Kuriakose is a Security Project Manager bridging engineering execution, enterprise security, compliance, and cloud infrastructure strategy.

Remote / Hybrid | 10+ Years Exp. | EVALUATING OPPORTUNITIES

LinkedIn profile

Executive Summary

Tech-forward Project Manager specializing in Cloud Infrastructure & Security.

Translating high-level business requirements into actionable engineering sprints.

Focus areas: Risk mitigation, workflow automation, and scaling Agile methodologies across enterprise teams.

Definition of Done

  • End-to-end management of complex cloud security initiatives.
  • Advanced proficiency in Agile, Jira, and Salesforce ecosystems.
  • Seamless coordination of compliance audits and risk remediation.
  • Aligning C-suite strategy with engineering execution.

Experience

Security Project Manager at Employ

v2025.01 - Present | Security Patch, Metric, Infrastructure

  • Planned and executed the rollout of Rapid7 and Cobalt integrations into core products for real-time monitoring and penetration testing.
  • Supported AWS, GCP, Azure assets, and user endpoints while leading SOC 2 Type II, ISO 27001, GRC, and GDPR/CCPA audit work.
  • Coordinated DevOps and Engineering remediation of critical security vulnerabilities.
  • Developed and managed a robust vendor risk assessment framework.

Trust and Safety Specialist at Amazon Web Services

v2020.08 - 2025.01 | Feature Shipped, Process Update

  • Developed and maintained escalation processes and SOPs to exceed SLAs.
  • Managed escalated Tier 3 incidents using internal ticketing systems.
  • Reviewed abuse reports, conducted root cause analysis, and suggested architectural changes.
  • Served as interim manager for 14 weeks and project manager for 5+ projects.

Virtual Customer Service Associate at Amazon

v2019.01 - 2020.08 | Metric, Support

  • Investigated and resolved customer issues while meeting target KPIs.
  • Maintained a 99% positive customer experience score.

Senior Technical Support Associate at Tech Mahindra Limited

v2018.01 - 2018.12 | Infrastructure, Optimization

  • Provided technical support and network engineering for a US-based Fortune 50 client.
  • Identified and improved 3 escalation processes using advanced analytical and troubleshooting strategies.

Trainee Information Security Associate at SecuArk Private Limited

v2017.01 - 2018.01 | Security Patch, Feature Shipped

  • Conducted Vulnerability Assessment and Penetration Testing across application and network environments.
  • Designed, developed, and supported implementation of 5+ project-specific security solutions.

Support Consultant at Open Destinations Infotech. Pvt. Ltd

v2016.01 - 2017.01 | Support, Metric

  • Handled client escalations related to new releases and created incident impact documents.
  • Managed a portfolio of key accounts across onboarding, product training, and quarterly business reviews.

Projects

SEC-101: Cloud Security Posture Management

Epic | 8 points

Deployed automated compliance checks across AWS, GCP, and Azure using Terraform and customized security rules. Remediation workflows reduced vulnerabilities by 80% within 3 months.

SEC-102: Enterprise Identity Migration

Task | 5 points

Managing the migration of 10,000+ internal user accounts from legacy Active Directory to Okta. Integrating SSO for 50+ critical internal applications.

SEC-103: Kubernetes Cluster Hardening

Story | 3 points

Implemented network policies, RBAC tuning, and container vulnerability scanning in CI/CD pipeline. Achieved CIS benchmark compliance score of 98%.

In Progress

  • SEC-106: Automate ISO 27001 Evidence Collection (60% complete)

Backlog

  • SEC-104: Implement Zero Trust Architecture v2
  • SEC-105: Vendor Risk Assessment Overhaul

Impact Metrics

  • Budget Managed: $1M+ - Delivered under budget
  • Sprint Velocity: +24% YoY - Optimization across 5 enterprise teams
  • Compliance & Risk: 100% - SOC2/ISO27001 audit pass rate
  • Uptime/Deployment: 99.99% - Zero-downtime migrations/deployments

Methodology

  • Phase 1: Discovery & Risk Assessment: Scoping, stakeholder alignment, threat modeling.
  • Phase 2: Sprint Planning: Resource allocation, Jira backlog grooming, capacity planning.
  • Phase 3: Execution & Unblocking: Daily standups, cross-functional syncing, risk mitigation.
  • Phase 4: Retrospective & Documentation: Post-mortems, Confluence updates, continuous improvement.

Skills

  • AWS Infrastructure - EXPERT (Cloud)
  • ISO 27001 & SOC 2 - CERTIFIED (Compliance)
  • NIST CSF 2.0 - EXPERT (Compliance)
  • Rapid7 / Sentinel One - INTEGRATED (Security)
  • Cobalt Penetration Testing - EXPERT (Security)
  • Jira & Agile Methodologies - SCRUM MASTER (Project Mgmt)
  • Vendor Risk Assessment - EXPERT (Risk Mgmt)
  • Incident Response (Tier 3) - EXPERT (Operations)

Testimonials

Nimi's ability to translate complex SOC2 compliance requirements into digestible engineering sprints saved our Q3 roadmap.

VP_of_Engineering - Approved

Finally, a PM who actually understands cloud architecture. Unblocked our GCP migration in record time.

Lead_Security_Architect - LGTM

Contact