Mario Lunato

DevSecOps · Cloud Security · GRC

OneUpSec is the personal site of Mario Lunato, a DevSecOps, cloud security, and GRC engineer with 10+ years of experience across national security, public sector, and private industry. I design, build, and operate secure cloud platforms, automated delivery pipelines, and compliance frameworks at scale, from CI/CD security gates to continuous ATO programs and FedRAMP authorization.

This site is where I write about cloud security, DevSecOps, GRC Engineering, AI, and whatever else I find interesting.

Work Experience

Aquia

Cloud Security Engineer / DevSecOps Technical Lead

Aquia Inc. February 2022 — Present

Leading a team of 5 engineers delivering a continuous Authority to Operate (cATO) program for a federal civilian agency. Architected the end-to-end cloud automation framework integrating AWS security services with GRC tooling, reducing time-to-ATO by ~40% and automating 30%+ of compliance evidence generation. Engineered reusable CI/CD security gates, hardened multi-tenant Kubernetes clusters on Platform One, and served as ISSO for FedRAMP systems.

DevSecOps · AWS · Kubernetes · CI/CD · FedRAMP · cATO · Terraform

Quzara

Cloud Security Analyst

Quzara LLC September 2021 — February 2022

Conducted security assessments of cloud applications, designed AWS security architectures for regulated environments, and prepared customer systems for FedRAMP audits. Authored Security Assessment Reports and standardized evaluation templates across engagements.

Cloud Security · FedRAMP · AWS · Security Assessments

ByteChek

Cloud Security Engineer / Analyst

ByteChek Assurance March 2021 — September 2021

Built centralized monitoring and alerting systems using AWS CloudWatch and SNS, integrated SonarQube into CI/CD pipelines, and deployed infrastructure as code with CloudFormation. Defined threat defense controls and built enterprise compliance frameworks that streamlined audit preparation across multiple client engagements.

CloudFormation · SonarQube · CI/CD · Compliance

USAF

Cyber Systems Supervisor / SCOM SME

United States Air Force — Air Force Academy, CO September 2019 — September 2021

Team lead and subject matter expert for SCOM operations, monitoring 20 mission-critical servers at 99.9% uptime. Administered Windows Server environments and 50+ VMware VMs supporting 4,000+ cadets and 20,000+ personnel while enforcing DoD patching and STIG hardening requirements.

SCOM · Windows Server · VMware · DoD STIG

USAF

Cyber Systems Operator

United States Air Force — Offutt AFB, NE January 2016 — September 2019

Administered a data center supporting 127 servers and 5,000+ workstations, including disaster recovery and continuity of operations planning. Conducted weekly security audits across 8,000+ systems and managed endpoint protection and automated vulnerability patching across the network.

Data Center · Security Audits · Endpoint Protection · DR/COOP

Education

CCAF

A.A.S. in Information Systems Technology

Community College of the Air Force 2021

Applied degree in information systems technology earned through Air Force technical training and operational experience.

Information Systems · Networking · Systems Admin

Certifications

AWS SA Pro · AWS Certified Solutions Architect Professional · Amazon Web Services
AWS Security · AWS Certified Security Specialty · Amazon Web Services
AWS SA Associate · AWS Certified Solutions Architect Associate · Amazon Web Services
AWS CCP · AWS Certified Cloud Practitioner · Amazon Web Services
AWS AI · AWS AI Practitioner · Amazon Web Services
CKA · Certified Kubernetes Administrator · CNCF
KCNA · Kubernetes and Cloud Native Associate · CNCF
Security+ · CompTIA Security+ · CompTIA