# Nimi Kuriakose

> Nimi Kuriakose is a Security Project Manager bridging engineering execution, enterprise security, compliance, and cloud infrastructure strategy.

Nimi Kuriakose is a Security Project Manager focused on cloud security, compliance, risk remediation, and engineering execution.

## Profile

- Role: Security Project Manager
- Location: Remote / Hybrid
- Experience: 10+ Years Exp.
- Status: EVALUATING OPPORTUNITIES
- LinkedIn: https://www.linkedin.com/in/nimik

## Executive Summary

Tech-forward Project Manager specializing in Cloud Infrastructure & Security.
Translating high-level business requirements into actionable engineering sprints.
Focus areas: Risk mitigation, workflow automation, and scaling Agile methodologies across enterprise teams.

## Definition of Done

- End-to-end management of complex cloud security initiatives.
- Advanced proficiency in Agile, Jira, and Salesforce ecosystems.
- Seamless coordination of compliance audits and risk remediation.
- Aligning C-suite strategy with engineering execution.

## Experience

### Security Project Manager, Employ

- Period: v2025.01 - Present
- Focus: Security Patch, Metric, Infrastructure
- Planned and executed the rollout of Rapid7 and Cobalt integrations into core products for real-time monitoring and penetration testing.
- Supported AWS, GCP, Azure assets, and user endpoints while leading SOC 2 Type II, ISO 27001, GRC, and GDPR/CCPA audit work.
- Coordinated DevOps and Engineering remediation of critical security vulnerabilities.
- Developed and managed a robust vendor risk assessment framework.

### Trust and Safety Specialist, Amazon Web Services

- Period: v2020.08 - 2025.01
- Focus: Feature Shipped, Process Update
- Developed and maintained escalation processes and SOPs to exceed SLAs.
- Managed escalated Tier 3 incidents using internal ticketing systems.
- Reviewed abuse reports, conducted root cause analysis, and suggested architectural changes.
- Served as interim manager for 14 weeks and project manager for 5+ projects.

### Virtual Customer Service Associate, Amazon

- Period: v2019.01 - 2020.08
- Focus: Metric, Support
- Investigated and resolved customer issues while meeting target KPIs.
- Maintained a 99% positive customer experience score.

### Senior Technical Support Associate, Tech Mahindra Limited

- Period: v2018.01 - 2018.12
- Focus: Infrastructure, Optimization
- Provided technical support and network engineering for a US-based Fortune 50 client.
- Identified and improved 3 escalation processes using advanced analytical and troubleshooting strategies.

### Trainee Information Security Associate, SecuArk Private Limited

- Period: v2017.01 - 2018.01
- Focus: Security Patch, Feature Shipped
- Conducted Vulnerability Assessment and Penetration Testing across application and network environments.
- Designed, developed, and supported implementation of 5+ project-specific security solutions.

### Support Consultant, Open Destinations Infotech. Pvt. Ltd

- Period: v2016.01 - 2017.01
- Focus: Support, Metric
- Handled client escalations related to new releases and created incident impact documents.
- Managed a portfolio of key accounts across onboarding, product training, and quarterly business reviews.

## Projects

### SEC-101: Cloud Security Posture Management

- Type: Epic
- Points: 8
- Deployed automated compliance checks across AWS, GCP, and Azure using Terraform and customized security rules. Remediation workflows reduced vulnerabilities by 80% within 3 months.

### SEC-102: Enterprise Identity Migration

- Type: Task
- Points: 5
- Managing the migration of 10,000+ internal user accounts from legacy Active Directory to Okta. Integrating SSO for 50+ critical internal applications.

### SEC-103: Kubernetes Cluster Hardening

- Type: Story
- Points: 3
- Implemented network policies, RBAC tuning, and container vulnerability scanning in CI/CD pipeline. Achieved CIS benchmark compliance score of 98%.

### In Progress

- SEC-106: Automate ISO 27001 Evidence Collection (60% complete)

### Backlog

- SEC-104: Implement Zero Trust Architecture v2
- SEC-105: Vendor Risk Assessment Overhaul

## Impact Metrics

- Budget Managed: $1M+ - Delivered under budget
- Sprint Velocity: +24% YoY - Optimization across 5 enterprise teams
- Compliance & Risk: 100% - SOC2/ISO27001 audit pass rate
- Uptime/Deployment: 99.99% - Zero-downtime migrations/deployments

## Methodology

- Phase 1: Discovery & Risk Assessment: Scoping, stakeholder alignment, threat modeling.
- Phase 2: Sprint Planning: Resource allocation, Jira backlog grooming, capacity planning.
- Phase 3: Execution & Unblocking: Daily standups, cross-functional syncing, risk mitigation.
- Phase 4: Retrospective & Documentation: Post-mortems, Confluence updates, continuous improvement.

## Skills

- AWS Infrastructure: EXPERT (Cloud)
- ISO 27001 & SOC 2: CERTIFIED (Compliance)
- NIST CSF 2.0: EXPERT (Compliance)
- Rapid7 / Sentinel One: INTEGRATED (Security)
- Cobalt Penetration Testing: EXPERT (Security)
- Jira & Agile Methodologies: SCRUM MASTER (Project Mgmt)
- Vendor Risk Assessment: EXPERT (Risk Mgmt)
- Incident Response (Tier 3): EXPERT (Operations)

## Testimonials

- VP_of_Engineering: Nimi's ability to translate complex SOC2 compliance requirements into digestible engineering sprints saved our Q3 roadmap. (Approved)
- Lead_Security_Architect: Finally, a PM who actually understands cloud architecture. Unblocked our GCP migration in record time. (LGTM)

## Contact

Use the contact form on https://nimikuriakose.com/#contact to create a portfolio inquiry ticket.