// hello, world

Nisha P. McDonnell

US-Based · Remote

About Me

I'm a multi-cloud Engineer skilled in both AWS and Azure, supporting cloud infrastructure in regulated environments. My background spans network engineering, cloud security, GRC, and infrastructure automation -- with a current focus on building secure, compliant infrastructure using OpenTofu/Terraform, Python/boto3, and GitHub Actions CI/CD pipelines.

I bring a strong compliance foundation to everything I build. My background in RMF authorization, NIST 800-53, and FedRAMP shapes how I approach infrastructure as code -- security controls aren't an afterthought, they're baked into the pipeline from day one. I hold a CISSP alongside AWS and Azure certifications, and I'm currently pursuing AWS Security Specialty Certification.

I'm also passionate about giving back -- I mentor aspiring security professionals through the WiCyS Professional Mentorship Program, helping others navigate their path into cloud and cybersecurity.

Skills & Expertise

Cloud Platforms

AWS (SAA Certified) · Azure (Administrator) · Regulated Cloud Environments

Infrastructure as Code

OpenTofu · Terraform · CloudFormation · Ansible

Security & Compliance

NIST 800-53 · FedRAMP · RMF · DISA STIGs · CIS Controls · POA&M Management

DevSecOps & CI/CD

GitHub Actions · Python / boto3 · Bash · PowerShell · Checkov

AWS Services

GuardDuty · Security Hub · AWS Config · CloudTrail · IAM · SSM

Tools

Splunk · Nessus / ACAS · eMASS · CrowdStrike

Featured Projects

AWS Security Hardening Checklist

Interactive security checklist covering 16 domains and 140+ controls aligned to NIST 800-53 and CIS AWS Foundations Benchmark. Built as a free community tool.

React · Astro · NIST 800-53 · CIS Benchmark
  • 16 domains including IAM, Governance, EKS, Backup, and Vulnerability Management
  • Collapsible sidebar groups with per-section progress tracking
  • Search, filter, and localStorage persistence

Compliance-as-Code Pipeline

Terraform + Checkov pipeline with GitHub Actions that enforces NIST 800-53 controls as code. Built for a GRC Engineering Club live session with a Python findings parser and security gate logic.

Terraform · Checkov · GitHub Actions · Python · NIST 800-53
  • Misconfigured Terraform module with automated detection and blocking
  • Python parser maps Checkov findings to NIST 800-53 control families
  • Artifact upload and security gate blocks merge on critical findings

AWS Security Posture Checker

Python/boto3 tool that audits EC2 inventory and S3 bucket configurations for common security misconfigurations and generates a structured findings report.

Python · boto3 · EC2 · S3
  • EC2 inventory with IMDSv1 exposure and public IP detection
  • S3 audit for public access, encryption, and logging gaps
  • Structured JSON output for downstream reporting

Container Security Scanning Pipeline

GitHub Actions pipeline that integrates Trivy container image scanning into the CI/CD workflow, blocking deployments on Critical or High CVEs with structured findings output.

GitHub Actions · Trivy · Docker · ECR
  • Automated vulnerability scanning on every pull request
  • Severity-gated deployment blocking on Critical/High findings
  • SARIF output for GitHub Security tab integration

AWS Config Auto-Remediation

Serverless auto-remediation system using AWS Config rules, EventBridge, and Lambda to detect and automatically fix common compliance violations in near real time.

AWS Config · Lambda · EventBridge · Python
  • Detects and remediates world-open SSH/RDP Security Groups automatically
  • EventBridge triggers Lambda on Config rule non-compliance events
  • CloudTrail audit trail for all automated remediation actions

Certifications

CISSP

Certified Information Systems Security Professional

๐Ÿฐ

GIAC GDSA

GIAC Defensible Security Architecture

AWS SAA

AWS Solutions Architect Associate

Azure Administrator

Microsoft Certified: Azure Administrator Associate

Azure Network Engineer

Microsoft Certified: Azure Network Engineer Associate

CCNA

Cisco Certified Network Associate

Security+

CompTIA Security+

CySA+

CompTIA Cybersecurity Analyst

CEH

Certified Ethical Hacker

eJPT

eLearnSecurity Junior Penetration Tester

Get In Touch

I'm always interested in connecting with fellow cloud and security professionals, discussing new projects, or exploring opportunities in cloud security engineering and DevSecOps.