We provide IT Staff Augmentation Services!

Cloud Security Engineer Resume

Plano, TX

SUMMARY

  • Over 17 years of overall IT experience with over 7 years of Azure/Google Cloud Security and 10 years of experience in Datacenter Infrastructure Administration

PROFESSIONAL EXPERIENCE

Confidential, Plano, TX

Cloud Security Engineer

Responsibilities:

  • Experienced in Azure features which include Azure Security Center, Virtual Machines, Virtual Networks, Network Security Groups (NSG), Application Gateways, Load Balancers, Storage Accounts, Access Control (IAM), Azure Active Directory, RBAC, Recovery Service Vault, App Registrations
  • Validating the Azure subscriptions for Security controls before going into production.
  • Implemented Cloud security controls in SecOps to Encryption, Tagging, Container security, NSG management, Service Endpoints, DDoS and WAF
  • Analyze security data and report on threats and incidents across various platforms and environments.
  • Upgrade Security Center tier for all Subscriptions and Enable/Disable Security policies in Azure Security Center
  • Build, maintain and manage central security policies for Azure cloud infrastructure
  • Azure Security Center monitoring to address threats and resolve security vulnerabilities
  • Analyze security data and report on threats and incidents across various platforms and environments
  • Configured and Monitored Azure Sentinel (SIEM - Security Information and event management tool)
  • Performed security assessment on VNETs and VNET Peering’s of Azure Hub-Spoke environment
  • Enable Identity & Access Management using AD, Azure AD and Privilege Identity Management
  • Created Azure App registrations and assigned appropriate roles in different resource levels
  • Provide timely response on Critical/High severity security incidents for Azure and GCP cloud systems including rotational or on-call support
  • Performed automation tasks using Azure ARM Templates, Terraform, Shall/PowerShell/Python scripts to implement security solutions
  • Experience in defining cloud security controls for an Azure environment at an Enterprise level for SecOps
  • Created Azure subscriptions, Management Groups, AD Groups and assigned RBAC roles
  • Created KeyVault’s and assigned Access policies and RBAC roles to manage Keyvault’s
  • Loading Secrets, Keys and certificates into Azure KeyVault and HashiCorp Vault.
  • Implemented Policy’s to control availability and Security on different resources
  • Implemented DR for Azure VM’s using Azure Site Recovery (ASR)
  • Created Virtual Networks (VNET), Subnets, and VNET Peering
  • Configured Recovery Service Vault for Backups and enable backup on VM’s
  • Configured User defined routes to route traffic between the Azure Networks
  • Configured Azure VPN gateway and established Site-to-Site connectivity with On Premise Networks and Azure
  • Configured Network Security Groups for Subnet and NIC level for Azure Virtual Machines
  • Automation Cloud Security Tasks and monitoring tasks with PowerShell, Python and Shall scripting
  • Migrated Database Backups from on-premises Datacenters to Azure Cloud (BLOB Storage) and Implemented life cycle Management.
  • Identify recommendations in Azure Security Center and GCP Security Command Center (SCC) and remediate as needed
  • Implemented all aspects of Google Cloud (GCP) Security including IAM Roles, User and Group Management, 2SV/MFA, Securing VPC's, Firewall Rules, Encryption, Vulnerability scanning.
  • Implemented and monitored Google Cloud (GCP) Secret Management using KMS
  • Implemented Google Cloud IAM roles on Organization, Project and resource level
  • Implemented and monitored GCP Cloud monitoring and Logging (Stackdriver)
  • Configured Pub/Sub to send logs from Google Cloud (GCP) to IMB QRADAR and Splunk using Terraform
  • Experience with Understanding of Compliance needs across Industry verticals - PCI, SOC2, ISO, NIST

Confidential, Charlotte, NC

Computer Systems Analyst

Responsibilities:

  • Worked on Overall Datacenter design, including hosting services
  • Worked on Business continuity and disaster recovery Strategy
  • Infrastructure monitoring and management
  • Datacenter Security Implementation
  • Worked on performance troubleshooting and hardware Break fix issues on all storage hardware including EMC VAX/VMAX3/VNX/RecoverPoint/XtremIO, HP 3PAR, Brocade and CSICO Fiber channel switches.
  • Provided 24x7 on-call infrastructure support for all storage infrastructure platforms on a rotational basis

Hardware: EMC Symmetrix/ V-MAX/V-MAX3, VNX, Brocade DCX/6520, CISCO 9513/9710, RecoverPoint Appliance, HP3PAR, SSMC, XtremIO, Violin Memory, ESRS, Hitachi USP, IBM SVC

Confidential

Systems Support Analyst

Responsibilities:

  • Configured Azure Key vault and access policies
  • Building and Installing servers through Azure Resource Manager Templates or Azure Portal
  • Virtual Machine Backup and Recover from a Recovery Services Vault using Azure PowerShell/Portal
  • Worked on creating and managing Azure Storage accounts
  • Created Virtual Networks and Network Security Groups
  • Configured Azure Encryption for Azure Storage and Virtual Machines, Azure Key Vault services to protect and secure the data for cloud applications
  • Supported migrations from Datacenter to Azure Cloud
  • Maintained SLA’s for Vendor management Contract between CompuCom and its Client.
  • Involved in Project implementation for data protection/replication between datacenters and Cloud
  • Responsible for the support of storage environment consisting of EMC VMAX, VNX, Clariion, Isilon, RPA, VPLEX, Replication Manager, Brocade Switches and Public Cloud
  • Allocated storage on EMC products V-MAX10k/20k/40k/DMX/Clariion/VNX to Hosts (AIX VIO (LPM)/Windows /VMware/HP Blade servers/Linux.) and Geo Cluster.
  • Prepared DR test script of new and existing applications for DR testing and Coordinated DR tests.

Confidential

IT Analyst

Responsibilities:

  • Worked on performance troubleshooting and hardware break fix issues on all storage and servers
  • Worked on certifying new hardware installations and implementations in pre-production and production environments
  • Installed and configured hardware, software and networks for Servers, Storage and Security systems
  • Tested new hardware in Lab environment before deploying into production environment
  • Infrastructure monitoring and management

Confidential

IT Analyst

Responsibilities:

  • Worked on performance troubleshooting and hardware break fix issues on all storage and servers
  • Worked on certifying new hardware installations and implementations in pre-production and production environments
  • Installed and configured hardware, software and networks for Servers, Storage and Security systems
  • Tested new hardware in Lab environment before deploying into production environment
  • Infrastructure monitoring and management

Hire Now