Security Specialist @ AWS ยท Cloud Security ยท Dublin ๐ฎ๐ช
Helping secure the cloud, one key at a time.
I'm a Security Specialist at AWS based in Dublin, Ireland, originally from Rosario, Argentina. My work focuses on cloud security, threat detection, IAM, incident response, security automation, and DDoS resiliency. Lately I've been exploring the intersection of AI and security, from building GenAI-powered solutions to leveraging Claude for security workflows. I'm passionate about building secure-by-default architectures and sharing what I learn through whitepapers, blog posts, and conference talks.
- IAM security hardening and access key risk assessment
- Threat detection and remediation strategies for cloud environments
- Incident response playbooks and forensic analysis in AWS
- Security automation to scale protection across accounts and services
- DDoS resiliency architectures using AWS Shield, WAF, and CloudFront
- Built production LLM-powered tools using Anthropic Claude via Amazon Bedrock โ automation that analyzes complex data sets and generates actionable insights.
- Using Amazon Kiro for spec-driven development โ built the aws-iam-access-keys-risk-assessment and aws-root-account-review tools with Kiro's structured approach to AI-assisted coding
- Developing with Claude Code and VSCode + Claude for day-to-day AI-assisted development workflows
- Designing GenAI security architectures โ model selection, context engineering, output evaluation, and security guardrails for AI workloads
- Driving AI/ML security best practices at AWS โ Amazon Bedrock secure deployment, Amazon Q security, and GenAI workload protection
- ๐ Preparing for Claude Certified Architect - Foundations (May 2026)
- aws-root-account-review โ Organization-wide root user security posture evaluation with 40+ checks across 10 categories, aligned with CIS Benchmark v5.0.0 ยท Python
- aws-cis-controls-assessment โ Security framework for evaluating AWS accounts against CIS Controls v8.1 (IG1/IG2/IG3) with 199 assessment rules ยท Python
- aws-iam-access-keys-risk-assessment โ Security assessment tool for AWS IAM access keys risk evaluation ยท Python ยท
- aws-threat-detection-summit โ Resources from AWS Summit threat detection talk ยท
- abac-policies-for-ec2-instances-and-ssm-session-manager โ ABAC policy configuration for EC2 and SSM Session Manager ยท Python
- cloud-trail-lake-query-samples โ Sample queries for AWS CloudTrail Lake (fork)
- DoVPN โ Automated OpenVPN deployment using Docker ยท Shell ยท
- AWS Breaking Barriers Challenge 2026 โ ๐ฅ Hackathon Winner, Dublin ยท Jan 2026 Won the AI-focused hackathon at the AWS Breaking Barriers Challenge. Teamed up with Rehab Group to build an AI-enabled care platform providing real-time, personalized support to vulnerable individuals across Ireland. Rehab Group was awarded a โฌ100,000 AWS Imagine Grant to bring the solution to production. Judged by Jeff Barr (VP, Chief Evangelist) and other AWS leaders.
- Anthropic Claude in Amazon Bedrock (Sep 2025)
- AWS Certified Machine Learning Engineer - Associate (May 2026)
- AWS Certified Security - Specialty (Aug 2024, expires Aug 2030)
- AWS Certified Solutions Architect - Associate (Nov 2018, expired)
- ISC2 CISSP - Certified Information Systems Security Professional (Feb 2009)
- MTCNA MikroTik Certified Network Associate (Nov 2011)
- ๐ Secure Content Delivery with Amazon CloudFront โ AWS Whitepaper, Apr 2024
- ๐ Four use cases for GuardDuty Malware Protection On-demand malware scan โ AWS Security Blog, Dec 2023
- ๐ Investigate security events by using AWS CloudTrail Lake advanced queries โ AWS Security Blog, Apr 2023
- ๐ AWS Best Practices for DDoS Resiliency โ AWS Whitepaper, Apr 2022
- ๐ Configure AWS SSO ABAC for EC2 instances and Systems Manager Session Manager โ AWS Security Blog, Jan 2022
- ๐ Using ACM Private Certificate Authority in a multi-account environment by using IAM roles โ AWS Security Blog, Jul 2020
- ๐ Configure Session Manager access for federated users using SAML session tags โ AWS Management & Governance Blog, Jul 2020
- Lessons learned from DDoS: Insights from AWS SRT escalations โ AWS re:Invent 2024, Dec 2024
Chalk Talk ยท Security, Compliance & Identity track ยท 86.2% capacity ยท Speaker rating 4.48/5
- ๐ Slides (PDF)
- Lessons learned from DDoS: Insights from AWS SRT escalations โ AWS re:Inforce 2024, Jun 2024
Chalk Talk ยท Network & Infrastructure Security track ยท Full capacity ยท Speaker rating 4.7/5
- ๐ Slides (PDF)
- Threat detection & remediation in the Cloud โ AWS Summit London 2022, Apr 2022
๐ Dublin, Ireland ๐ฎ๐ช
๐ผ Currently: Security Specialist @ AWS