Mario Lunato
DevSecOps · Cloud Security · GRC
OneUpSec is the personal site of Mario Lunato — Field CISO at Knox Systems Inc. and a cloud security, DevSecOps, and GRC engineer with 10+ years of experience across national security, public sector, and private industry. I design, build, and operate secure cloud platforms, automated delivery pipelines, and compliance frameworks at scale, from CI/CD security gates to continuous ATO programs and FedRAMP authorization.
This site is where I write about cloud security, DevSecOps, GRC Engineering, AI, and whatever else I find interesting.
Work Experience
Field CISO
Knox Systems Inc. March 2026 — Present
Leading customer-facing security engagements as Field CISO, performing gap analyses on customer architectures prior to deployment into the Knox FedRAMP-authorized boundary. Serving as the subject matter expert on FedRAMP authorization processes, NIST 800-53 controls, and boundary security requirements. Working directly with customers to identify compliance gaps, guide remediation efforts, and accelerate their path to the FedRAMP Marketplace with Knox's goal of FedRAMP authorization in 90 days or less.
Cloud Security Engineer / DevSecOps Technical Lead
Aquia Inc. February 2022 — March 2026
Leading a team of 5 engineers delivering a continuous Authority to Operate (cATO) program for a federal civilian agency. Architected the end-to-end cloud automation framework integrating AWS security services with GRC tooling, reducing time-to-ATO by ~40% and automating 30%+ of compliance evidence generation. Engineered reusable CI/CD security gates, hardened multi-tenant Kubernetes clusters on Platform One, and served as ISSO for FedRAMP systems.
Cloud Security Analyst
Quzara LLC September 2021 — February 2022
Conducted security assessments of cloud applications, designed AWS security architectures for regulated environments, and prepared customer systems for FedRAMP audits. Authored Security Assessment Reports and standardized evaluation templates across engagements.
Cloud Security Engineer / Analyst
ByteChek Assurance March 2021 — September 2021
Built centralized monitoring and alerting systems using AWS CloudWatch and SNS, integrated SonarQube into CI/CD pipelines, and deployed infrastructure as code with CloudFormation. Defined threat defense controls and built enterprise compliance frameworks that streamlined audit preparation across multiple client engagements.
Cyber Systems Supervisor / SCOM SME
United States Air Force — Air Force Academy, CO September 2019 — September 2021
Team lead and subject matter expert for SCOM operations, monitoring 20 mission-critical servers at 99.9% uptime. Administered Windows Server environments and 50+ VMware VMs supporting 4,000+ cadets and 20,000+ personnel while enforcing DoD patching and STIG hardening requirements.
Cyber Systems Operator
United States Air Force — Offutt AFB, NE January 2016 — September 2019
Administered a data center supporting 127 servers and 5,000+ workstations, including disaster recovery and continuity of operations planning. Conducted weekly security audits across 8,000+ systems and managed endpoint protection and automated vulnerability patching across the network.
Education
A.A.S. in Information Systems Technology
Community College of the Air Force 2021
Applied degree in information systems technology earned through Air Force technical training and operational experience.
Certifications
AWS Certified Solutions Architect Professional Amazon Web Services
AWS Certified Security Specialty Amazon Web Services
AWS Certified Solutions Architect Associate Amazon Web Services
AWS Certified Cloud Practitioner Amazon Web Services
AWS AI Practitioner Amazon Web Services
Certified Kubernetes Administrator CNCF
Kubernetes and Cloud Native Associate CNCF
CompTIA Security+ CompTIA