varunchandak (Varun Chandak) · GitHub
varunchandak/README.md

Hi, I'm Varun Chandak

Cloud Security and DevSecOps leader focused on secure-by-default cloud platforms, identity governance, and automation across AWS, GCP, and Azure.


What I Work On

  • Lead Security Engineer at TripleLift, working across cloud security, platform security, identity governance, SIEM/EDR operations, and developer security workflows.
  • 10+ years across cloud, DevSecOps, Linux infrastructure, automation, and team leadership.
  • Design automated governance, access reviews, posture reporting, and compliance evidence workflows for multi-account and multi-cloud environments.
  • Build with Terraform, CloudFormation, GitHub Actions, Jenkins, Python, Bash, OIDC-based automation, and cloud-native security services.

Core Strengths

| Area | Focus |
| --- | --- |
| Cloud security | AWS Security Hub, AWS Config, GuardDuty, IAM, IAM Identity Center, GCP Security Command Center, Defender for Cloud |
| Platform engineering | Multi-account architecture, landing zones, Linux, CI/CD, observability, reliability, migration programs |
| Identity and SaaS | Okta, Azure AD, Google Workspace, Microsoft 365, SAML, access reviews, lifecycle automation |
| Automation | Terraform, CloudFormation, GitHub Actions, Jenkins, GitLab, Python, Bash, Slack and Google Sheets workflows |
| Security operations | Rapid7, ELK, Azure Sentinel, endpoint inventory, vulnerability management, ticketing and response pipelines |
| Leadership | Architecture reviews, stakeholder management, compliance enablement, team leadership, mentorship |

Selected Work

  • Built an automated AWS security posture scoring and reporting system using AWS Config and Security Hub, delivering recurring compliance visibility through Slack and Google Sheets.
  • Established access review and permissions inventory workflows across AWS, GCP, Google Workspace, and GitHub to produce audit-ready evidence and reduce manual review work.
  • Implemented identity lifecycle controls reconciling Okta with downstream access platforms, including approval gates and guardrails for high-impact access changes.
  • Led DevSecOps delivery across AWS, GCP, and Azure environments, including secure landing zones, IaC patterns, governance controls, migrations, and automated patching programs.
  • Designed cloud logging and SIEM integrations for Google Workspace activity telemetry across 14+ applications.

Certifications

AWS Security Specialty, AWS DevOps Engineer Professional, AWS Solutions Architect Professional, AWS Advanced Networking Specialty, AWS SysOps Administrator Associate, AWS Developer Associate, AWS Solutions Architect Associate, Google Cloud Professional Cloud Security Engineer, Google Cloud Associate Cloud Engineer, Professional Google Workspace Administrator, Microsoft SC-900, HashiCorp Terraform Associate.


Pinned

  1. aws-scripts (Public)

    Collection of AWS scripts

    8 8

  2. gh-actions-version-audit (Public)

    This action scans your repository's workflows for uses: references, checks the GitHub API for each action's latest release, and reports version drift or insecure tag pinning (e.g., pinning to v1 in…

    Python 1