namaste, I'm

Raj Singh

Enterprise Security Engineer — Hudson River Trading

Building secure systems at the intersection of finance and technology.

About Me

I'm a security engineer with a passion for building and defending complex systems at scale. Currently at Hudson River Trading, I focus on enterprise security — protecting the infrastructure that powers one of the world's most sophisticated trading firms.

My journey spans cloud security across AWS and GCP, threat modelling, architecture review, and building security tooling from the ground up. I've embedded security into products at AWS, architected secure cloud platforms at Goldman Sachs, and built detection and remediation frameworks at Millennium Management.

I hold a Master's in Information Security from Carnegie Mellon University and a BS in Computer Science from New Mexico Tech. When I'm not hardening systems, you'll find me mentoring engineers, writing about security, and exploring the ever-evolving threat landscape.

Location New York, NY

Education Carnegie Mellon (MS) · NM Tech (BS)

Focus Enterprise & Cloud Security

Languages English · Hindi

Experience

Hudson River Trading

Enterprise Security Engineer

Present

Mysterious and important security work within enterprise technology.

Amazon Web Services

Security Engineer

2023 – 2024

Trusted security voice delivering end-to-end security reviews for 7 AWS services across industry segments.
Led design review, threat modelling, architecture review, code review, and pentest finding mitigation at scale.
Created golden-path documents solving ambiguous security problems; mentored engineers across teams.

Goldman Sachs

Security Architect (Associate)

2022 – 2023

Security advisor for the firm's fully managed continuous delivery service for AWS infrastructure.
Wrote 100+ CDK test cases validating platform security guardrails; performed threat modelling at scale.
Performed architecture reviews for production workloads across the firm (AWS native and hybrid).

Millennium Management

Cloud Security Engineer

2020 – 2022

Enabled AWS services across 100s of accounts — security evaluation, SCP management, CI/CD policy deployment.
Code owner of the org's AWS detection/notification/remediation framework (Python).
Implemented 50+ GCP security controls via Terraform; managed Hashicorp Vault platform.
Deployed CSPM tooling, coordinated penetration tests, and cross-trained security teams.

Skills & Expertise

Cloud Security

AWS IAMS3VPCKMS Organizations / SCPLambdaGuardDuty Security HubGCP Org Policies VPC Service ControlsCloud Logging

Security Practice

Threat ModellingMITRE ATT&CKSTRIDE NIST RMF / CSFOCTAVE FORTEFAIR Architecture ReviewPenetration Testing Incident Response

Engineering

PythonTerraform / HCLAWS CDK TypeScriptCJavaSQL GitLinuxHashicorp Vault

Tools

MetasploitWiresharknmap NessustcpdumpELK Stack Redis

Projects

US Army NETCOM Capstone

Automated pipeline for ingesting, analyzing, and visualizing threat intelligence data from Symantec. Built with Python, Redis, and graph-based analysis.

CMU · 2020

SSH Honeypot

Deployed a publicly visible SSH honeypot on Raspberry Pi. Analyzed packet data and system logs to profile attack vectors and attacker demographics.

Research · 2020

Cyber 9/12 Strategy Challenge

Represented Carnegie Mellon in a national cyber policy strategy challenge. Wrote policy briefs and delivered presentations in crisis simulations.

Competition · 2019

Academic Papers

Co-authored analysis of First American's data leak (OCTAVE Forte / NIST 800-53). Authored comparative study of NIST RMF and FAIR frameworks.

Research · 2019