We provide IT Staff Augmentation Services!

Senior Cloud Security Manager Resume

3.00/5 (Submit Your Rating)

SUMMARY

  • Over 25 years of professional experience specializing in Enterprise Architecture, Secure Cloud Architecture, MDM, DevOps, Middleware Architecture and Product Development

TECHNICAL SKILLS

  • Enterprise Solutions Architecture
  • Cloud Computing (SaaS, PaaS and IaaS Architecture)
  • Cloud Security (OWASP Top 10, AV, Static and Dynamic Analysis, Cloud Monitoring, Secure Endpoints)
  • Big Data and Analytics
  • MDM
  • Dev Ops and Automation
  • Identity and Access Management (IDAM)
  • API Development
  • Internet of Things (IoT)
  • KPIs and SLAs
  • IT Asset Management
  • Mobile Architecture
  • Mobile Data Management
  • Agile Methodology
  • Test and Testing Guidelines (TDD, BDD)

PROFESSIONAL EXPERIENCE

Senior Cloud Security Manager

Confidential

Keywords: AWS, Apache Reverse Proxy, Cloud Security, OWASP, CVSS scores, NIST Security Framework, FIPS, FedRAMP, FISMA, FFM (Federally Federated Marketplace), CMS (Center for Medicare and Medicaid Services), Secure Rest API, PII Security, Anti - Virus, API Gateway, PKI, DevOps, Ansible, GITHub, Splunk, JWT, Java EE, JAX-RS, Java Spring Framework, MarkLogic, DAL (Date Access Layer), Python, Jenkins, CloudWatch, CloudTrail, New Relics, WAF

Responsibilities:

  • Manage a team to provide compliance, operations and architecture support to Federally Facilitated Marketplace.
  • Provide Security Framework to SOA FFM architecture that has over 1200 REST API Endpoints running mainly on JBOSS Java EE Version 7 on AWS cloud and Verizon (VMWare - Compute VSphere, Network NSX, Storage vSAN) and DXC datacenters. Front end is provided by Akamai CDN that provides DNS and WAF functionalities like and WAF functionalities like Adaptive Rate Control, DDOS attacks and Whitelisting.
  • Ansible Playbook (yaml) were created for installation of Layer7 Gateway software on 18 nodes. Ansible Modules were used to install software, copy files etc., Roles were created for organizing multiple related tasks. Ssh keys were generated and added to each node from a controlling machine. Ansible.cfg and hosts files were changed for the installation to occur.
  • Part of the team to build of binaries for security code and configuration files with Jenkins and GitHub.
  • REST API are implemented using JAVA EE, RESTFUL (JAX-RS) and Spring frameworks. MarkLogic Database, Alfresco Database and AWS Native (Dynamodb + S3) are the database/storages used.
  • Involved in Next Gen Secure REST API Design that involves establishing Security Groups (Java annotations), Rate Control (Akamai CDN) and Access Keys (Layer 7 API Gateway) to access FFM Market Place and Document Storage and Retrieval Systems.
  • Layer 7 Gateway is used to provide WAF functionalities like Access Keys to applications, Application-layer and injection attacks like SQL injection, malicious file execution, and cross site scripting that can penetrate and cripple services.
  • OWASP Top 10 - Lead the effort to do code and vulnerability scans using Nessus Vulnerability scans, Fortify Static Code Analyzer, Burp Test Suite (XSS, SQL Injections, parameter manipulation and vulnerabilities susceptible brute-force attack) and Fiddler (HTTP Debug and MiM), SonarQube (continuous inspection of code quality)
  • Implemented early Splunk Alert Strategy to identify PII leaks in test and production environments
  • Involved in Architecting and implementing SPE (Security Protection Engine - Near Real-time) and ICAP (Real-time) solution for Document Storage and Retrieval system to AWS S3 Cloud Storage. The two Symantec solutions should be able to support close to 1 million documents per day.
  • Supporting compliance teams on quarterly audits and FEDRAMP activities on the AWS cloud implementations like FIPS encryption of Data-At- Rest, Snowball, Lambda, ESB and DynamoDB.
  • Author of the security controls based on NIST 800-53 for next generation CMS Technology Stacks,

Senior Principal Enterprise Cloud Architect

Confidential

Keywords: Ansible, Cloud Modernization, Governance, Cloud Architecture, Enterprise Architecture, Reference Architecture, UML, Talend, Hortonworks, Kubernetes and Docker, Framework, Security (Cybersecurity, IDAM (Identity and Access Management)), SSO, SOC2, Firewalls, Virtualization, Data Center, Powershell, DaaS, VLAN, CIDR, Cisco ASA, Directory, Exchange, O365, SAML, Zabbix, Skype, Remedy, ServiceNow, Openflow, NFV, SDN, BGP

Responsibilities:

  • Led the activity of Architecture Review Board (ARB) to establish reference diagrams, compliance, governance and technical architectural support for cloud solutions that aligned with merger activity of Confidential and HPE.
  • Lead Confidential ’s AWS native cloud architecture implementation by moving financial, legal, sales and IT applications that were in a data center to AWS cloud.
  • Led in defining and implementing an AWS Cloud Native framework as part of Cloud Modernization and Application Rationalization process at Confidential . Used dev ops (Cloud Formation scripts, Ansible, CI/CD) and AWS Native services (CloudWatch, CloudTrail, EC2 System backups) for logging, monitoring and patching services.
  • Led the team to implement SSO through CA Globalpass and deployed AV tool Crowstrike Falconhost on the native AWS Cloud.
  • Led a team to architect a Master Data Management solution comprising of CMDB data, HR, Sales, Legal and Product Catalogue data. UML (Class Diagram, Object Diagram, Component Diagram and Use Cases) were used to specifying, constructing and documenting of artifacts of MD solution. Informatica Cloud ETL was used to Extract, Transform and Load data from different data sources, Hortonworks Hadoop Data Platform was used for Data Management and QlikView was used for Analytics and Data Visualization.
  • Worked on ServiceNow platform to move HPE and Confidential Assets into ServiceNow. ServiceNow will provide relationship mapping between assets, discovery, Event mapping, Financial reporting (Tech Debt) and mapping and visualization to improve the life-cycle management of Assets.

We'd love your feedback!