I’m Luis E. Pastor, a Senior Security Solutions Architect at AWS with 25 years in security and compliance. I spend my time at the intersection where AI adoption meets security architecture — making sure the rush to deploy doesn’t leave the fundamentals behind.
What I Do
My work sits at the crossroads of AI security, cloud security architecture, and compliance. I lead two AWS Technical Field Communities — Compliance and InfraSec — and I think about security as a systems problem: how controls interact, layer, and fail across real production environments.
I’m currently building two hands-on workshops: one using AI-native tooling (Kiro IDE, MCP servers, custom agents) to teach network discovery and troubleshooting across multi-VPC Transit Gateway architectures with Network Firewall inspection; and an Infrastructure Security Gameday that puts teams through live attack scenarios to find out where their defenses actually hold.
I work closely with technical practitioners and business leaders across the Americas, helping them build security strategies that are practical, fundamentals-first, and built to survive contact with production.
The Career Arc
Accenture → Protiviti → Deloitte → ScaleSec → AWS. Each stop sharpened a different edge: consulting taught me to translate security into business language, the Big Four taught me scale, and AWS gave me the platform to work on problems at a global level.
Speaking & Workshops
I speak at AWS re:Invent, AWS Summits, and international conferences — including the UN CEPAL AI Roundtable in Mexico City, where I contributed to Mexico’s national AI strategy framework alongside government leaders and academics. Speaking is a first-class part of the work. Full list on the Speaking page.
What I’m Writing About
The blog (Cleartext) covers the kind of problems I’m actually working through. Recent and upcoming pieces: detecting dangling DNS records before attackers do, automating mTLS certificate lifecycle at scale for non-human clients, modernizing EC2 incident response with EventBridge and Session Manager, using Neptune as a graph database to track AMI lineage and vulnerability exposure, and automating IAM permission remediation with Access Analyzer, CloudTrail, and Bedrock-generated CDK. Not trend pieces — working solutions.
Beyond Work
Bilingual (English and Spanish), based in Miami and Houston, and invested in making security knowledge accessible in Latin America — where the conversation around AI security is only just beginning.
Views are my own and do not represent AWS.