Nick is available for hire
Hire NickNick Caswell
Verified Expert in Engineering
Security Engineer and Developer
Dartmouth, MA, United States
Toptal member since September 12, 2025
Bio
Nick is a senior security engineer with over seven years of experience building and securing AWS and Microsoft Azure environments. Specializing in cloud security architecture, compliance automation, and risk assessments for SOC 2, HIPAA, and HITRUST, he has delivered robust solutions that meet strict regulatory standards. Known for transforming complex security data into actionable outcomes, Nick improves resilience, reduces noise, and ensures technical initiatives align with business goals.
Portfolio
Progyny
AWS Cloud Development Kit (CDK), Compliance Frameworks, Scripting, Security...
Rapid7
Shell, Security, SIEM, Application Security, CloudSec, AWS IoT, Azure...
Abbott Laboratories
Python 3, STRIDE, Threat Modeling, SIEM, Vulnerability Management, C#...
Experience
- AWS IoT - 10 years
- Linux - 10 years
- Compliance Frameworks - 10 years
- Python 3 - 9 years
- IT - 8 years
- Cloud Security - 7 years
- Application Security - 5 years
- Infrastructure as Code (IaC) - 5 years
Preferred Environment
IT, Infrastructure as Code (IaC), Cloud Security, Application Security, Compliance
The most amazing...
...project I've led was designing a CIS-hardened Amazon Machine Image (AMI) pipeline, enabling developers to rebuild servers and reduced annual costs by $100,000.
Work Experience
Sr. Security Engineer
2024 - PRESENT
Progyny
- Led cloud security architecture across AWS and Azure, implementing native tools like Defender for Cloud, Sentinel, Security Hub, and Config to strengthen detection and response.
- Consolidated 3,000+ cloud security recommendations into fewer than 600 actionable items, automating triage with AWS CLI, Azure CLI, and jq, and integrating results into Jira workflows.
- Designed and deployed a CIS-hardened Ubuntu AMI pipeline, enabling developers to rebuild compliant servers on demand, supporting HITRUST certification and cutting around $100,000 annually in licensing costs.
- Authored detection and response rules in Sentinel for AWS CloudTrail events (Secrets Manager, KMS, ECS, ECR, API Gateway, SQS/SNS, etc.), with Teams integrations for real-time alerts.
- Led the rollout of WAF protections across all production services, starting in observability mode, tuning rules, and shifting to enforcement to balance security and reliability.
- Partnered with the AppSec team to evaluate tools and perform penetration testing using open source frameworks (Kali Linux, Skipfish, Metasploit).
- Contributed to cost optimization and risk reduction by driving secure resource management (ECR lifecycle cleanup, unused IAM roles/SGs, TLS enforcement, MFA Delete in S3).
Technologies: AWS Cloud Development Kit (CDK), Compliance Frameworks, Scripting, Security, AWS IoT, Risk Assessment, Web Application Firewall (WAF), Container Security, Amazon Web Services (AWS), SOC 2, DevSecOps, Security Audits, Web Security, IT Security, Datadog, Google Cloud Platform (GCP), Python, Pulumi, GCP DevOps, Vanta, Ethical Hacking, Penetration Testing, Vulnerability Assessment, Database Security, Red Teaming, FlutterFlow, Low Code, Network Security, Network Security Monitoring, n8n
Security Consultant
2022 - 2024
Rapid7
- Delivered security consulting for 100+ enterprise customers across finance, healthcare, and tech, focusing on vulnerability management, cloud security, and compliance readiness.
- Conducted security assessments and guided clients through remediation of thousands of vulnerabilities, improving posture and reducing risk exposure.
- Designed and implemented security monitoring solutions leveraging SIEM and log analytics tools to detect threats and strengthen incident response.
- Collaborated with client engineering teams to integrate AppSec practices into development lifecycles, including secure coding standards and penetration testing.
- Presented findings and recommendations to executive stakeholders, translating complex technical data into clear, actionable business risk insights.
- Mentored junior engineers on security tooling and client engagement best practices, contributing to Rapid7’s reputation for high-quality delivery.
Technologies: Shell, Security, SIEM, Application Security, CloudSec, AWS IoT, Azure, Office 365, Python 3, GitHub, Vulnerability Management, APIs, Compliance Frameworks, Scripting, Risk Assessment, Web Application Firewall (WAF), Amazon Web Services (AWS), SOC 2, Security Audits, Web Security, IT Security, Google Cloud Platform (GCP), Python, GCP DevOps, Ethical Hacking, Penetration Testing, Vulnerability Assessment, Red Teaming, Low Code, Network Security, Network Security Monitoring
Sr. Cloud Engineer – Secure Cloud Connectivity
2023 - 2023
Abbott Laboratories
- Supported security operations and compliance initiatives in a regulated healthcare environment, aligning with HIPAA and FDA requirements.
- Hardened infrastructure by developing CIS-compliant server images and applying secure configuration baselines across Linux systems.
- Conducted risk assessments and remediation planning for cloud and on-prem systems, translating vulnerabilities into prioritized actions for engineering teams.
- Collaborated with cross-functional teams on incident response exercises, improving readiness and communication between IT, engineering, and compliance groups.
- Documented policies, procedures, and control implementations to support audits and certifications, ensuring evidence was accurate and audit-ready.
- Partnered with application owners to implement secure coding practices and reduce recurring vulnerabilities in critical systems.
- Collaborated with biomedical engineering teams on a Python-based project processing OCT images from catheterization devices, improving analysis, and supporting R&D workflows.
Technologies: Python 3, STRIDE, Threat Modeling, SIEM, Vulnerability Management, C#, Code Review, Azure, Cosmos, Compliance Frameworks, Scripting, Security, Risk Assessment, Web Application Firewall (WAF), SOC 2, DevSecOps, Security Audits, Python, Ethical Hacking, Penetration Testing, Vulnerability Assessment, Database Security, Red Teaming, Network Security, Network Security Monitoring
Lead Systems and Cybersecurity Engineer
2018 - 2022
Naval Undersea Warfare Center
- Implemented a secure OS baseline for US Navy platforms, managing contractors to ensure successful deployment across systems.
- Developed a full-stack data science application hosted on the AWS Gov tenant, enabling data scientists to search, filter, and export data seamlessly to Tableau.
- Authored and refined cybersecurity requirements for all Navy Afloat systems and established declassification guidelines.
Technologies: Cybersecurity, Systems Engineering, Python 3, Linux, Compliance Frameworks, Scripting, Security, AWS IoT, Risk Assessment, Web Application Firewall (WAF), Container Security, Amazon Web Services (AWS), DevSecOps, Security Audits, IT Security, Python, Ethical Hacking, Penetration Testing, Vulnerability Assessment, Database Security, Red Teaming, Network Security, Network Security Monitoring
Experience
AARMS: Asset Tracking and Management System
https://github.com/NicholasCaswell/AARMSI worked on a project for a Department of Defense contractor using the Linux, Apache, MySQL, and PHP (LAMP) stack to help mitigate the loss of borrowed assets from the U.S. Military. The solution included a local Windows executable connected to a radio-frequency identification (RFID) reader. It used a Java application to update a remote MySQL database with object locations based on RFID scan results.
Macrovo.com
As a freelancer at Macrovo (before its rebrand to Macrovo.ai), I worked in a fast-paced startup environment, contributing to the early development of the company’s cloud platform. My responsibilities included building and supporting back-end systems in Python, securing Linux-based infrastructure, and assisting with API integrations to ensure scalability and stability. I also implemented security best practices and basic hardening to safeguard early-stage applications during development. This role gave me valuable exposure to agile product development, cross-functional collaboration, and the unique challenges of balancing rapid innovation with secure engineering.
Member Portal by Progyny
At Progyny, I contributed to securing the company’s Member Portal, a customer-facing web application that delivers healthcare benefits information to thousands of users. I led the rollout of Web Application Firewall (WAF) protections, initially deploying rules in observability mode to measure impact, then tuning and enforcing them in production. I partnered with engineering teams to monitor service health, refine exemptions, and ensure both security and usability. This project showcased my ability to align technical defenses with business priorities in a high-stakes production environment.
Education
2019 - 2024
Master's Degree in Computer Engineering
University of Massachusetts Dartmouth (UMass Dartmouth) - Dartmouth, MA, USA
2015 - 2019
Bachelor's Degree in Computer Engineering
University of Massachusetts Dartmouth (UMass Dartmouth) - Dartmouth, MA, USA
Skills
Tools
Shell, GitHub, AWS Cloud Development Kit (CDK), Amazon CloudFront, n8n
Languages
Python 3, Python, PHP, JavaScript, C#, Java
Paradigms
DevSecOps, Penetration Testing
Platforms
Linux, Azure, AWS IoT, Amazon Web Services (AWS), Google Cloud Platform (GCP), LAMP, Vanta, FlutterFlow
Industry Expertise
Cybersecurity
Storage
Amazon S3 (AWS S3), Datadog, Database Security
Other
IT, Infrastructure as Code (IaC), Cloud Security, Application Security, Compliance, Software, Hardware, Systems Engineering, SIEM, Web Application Firewall (WAF), Risk Assessment, Compliance Frameworks, Scripting, Security, APIs, Code Review, Back-end Admin Systems, AWS WAF, ECS, Amazon RDS, SOC 2, Security Audits, Web Security, IT Security, Vulnerability Assessment, Network Security, Network Security Monitoring, Firmware, Browser Security, Container Security, Office 365, STRIDE, Threat Modeling, Machine Learning, Pulumi, GCP DevOps, Ethical Hacking, Red Teaming, Low Code, CloudSec, Vulnerability Management, Cosmos, Gunicorn
Collaboration That Works
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
1
Share your needs
Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2
Choose your talent
Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3
Start your risk-free talent trial
Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.
Top talent is in high demand.
Start hiring