Nic Gumina
Cloud Security Consultant
at Amazon Web Services (AWS)
Securing cloud infrastructure, identifying vulnerabilities, and empowering organizations to build resilient, compliant, and secure systems on AWS.
Expertise
Core Skills
A specialized skill set built at the intersection of cloud infrastructure, offensive security, and emerging technology threats.
Container & Orchestration Security
Securing container and Kubernetes ecosystems end-to-end — from hardening orchestration layers and microservices architecture to embedding security throughout the cloud-native development lifecycle.
Source Code Reviews
In-depth static analysis and manual code reviews to identify security flaws, logic errors, and insecure coding patterns at the source level.
Security Testing
End-to-end security testing across web, API, and cloud environments using industry-standard methodologies including OWASP and NIST frameworks.
Cyber Security Auditing
Thorough security audits aligned with compliance frameworks such as SOC 2, ISO 27001, CIS Benchmarks, and AWS Well-Architected security pillars.
AI/ML Penetration Testing
Specialized adversarial testing of AI and machine learning systems, including prompt injection, model inversion, data poisoning, and LLM security assessments.
Vulnerability Assessments
Systematic identification, classification, and prioritization of security vulnerabilities across cloud infrastructure, networks, and applications.
Deep dives into each area of expertise
Nic Gumina
Cloud Security Consultant · AWS
AWS
Certified
Security
Expert
About Nic
Securing the Cloud
Nic Gumina has been in the InfoSec realm of the professional world for over 10 years. He's a Cloud Security Consultant at Amazon Web Services (AWS), based in the Detroit Metropolitan Area. Passionate about all things security, Nic has a particular focus on containers and helping organizations build secure, scalable cloud infrastructure. With a deep understanding of the AWS ecosystem, he works alongside enterprise teams to identify vulnerabilities, implement best practices, and strengthen their overall security posture.
Nic is also an active contributor to the broader cloud security community. He has co-authored technical content on the AWS Partner Network Blog, tackling real-world challenges such as secret sprawl, where unmanaged secrets proliferate across development environments, source code repositories, and infrastructure components, creating security vulnerabilities and compliance risks. Whether advising clients or sharing knowledge through published work, Nic is dedicated to making cloud environments safer for organizations of all sizes.
Knowledge Sharing
Webinars & Talks
Nic's cloud security expertise through webinars, panels, and published content with the broader security community.
AWS Security Deep Dive
An in-depth walkthrough of AWS security best practices, threat modeling, and real-world attack scenarios on cloud infrastructure.
Watch on YouTube→Zero Trust for Agentic AI
Exploring Zero Trust architecture principles applied to agentic AI systems with IBM, HashiCorp, and AWS experts.
View Webinar→Strengthen AWS Infrastructure Security with Sentinel in Terraform
Learn how to enforce security policies and strengthen AWS infrastructure security using HashiCorp Sentinel within Terraform workflows.
View Webinar→Prevent Secret Sprawl with HCP Vault Radar
A deep dive into preventing secret sprawl across cloud environments using HashiCorp Vault Radar on AWS, published on the AWS Partner Network blog.
View Webinar→Let's Connect
Reach Out to Me
Whether you're looking to strengthen your cloud security posture, schedule a security assessment, or simply want to connect — I'd love to hear from you.
Connect on LinkedIn
The best way to reach me is through LinkedIn. Send a connection request or a direct message and I'll get back to you promptly.
View LinkedIn Profilelinkedin.com/in/nic-gumina