SUMMARY:

• Enhance business alignment and growth through deploying secure cloud consumption and embracing best practice methodology for security.
• AWS: Identity and Access Management, EC2, S3 storage services, databases, RDS, DNS using route 53, VPC, ELB, Autoscaling, CloudFront, CloudWatch IaaS, PaaS, SaaS.
• Linux: Managing users, configuring services, Apache - php-MySQL setup, server configuration, virtual host setup, network troubleshooting, using SSH to connect to remote hosts and general troubleshooting.
• Basic SQL: database installation, creating and updating tables, writing basic and nested queries and more.
• Network Security, Monitoring (SIEM), IP Addressing and Subnet, IPSEC and VPN
• Palo Alto, Fortinet, Router/Switch Configuration, Forti Manager Expertise

PROFESSIONAL EXPERIENCE:

Confidential — Orlando, FL

Cloud Security Engineer

Responsibilities:

• Assist application development teams during application design and development for highly complex and critical data projects
• Conducted security audits to identify vulnerabilities.
• Encrypted data and erected firewalls to protect confidential information.
• Monitored use of data files and regulated access to protect secure information.
• Performed risk analyses to identify appropriate security countermeasures.
• Configured multi-account architecture, identity and access management, governance, data security, network design, and logging within provisioned AWS Landing Zones.
• Focused on building VPs from scratch and using AWS CloudFormation, creating private and public subnets, security groups, network access lists, configuring internet gateways, OpenVPN, creating AMl, understanding of user access management/role-based access/multi factor authentication, API access and, configuration of auto scaling group (ASG) and elastic load balancer (ELB) for scaling services.
• Using AWS Budgets to set custom budgets for tracking costs and usage of resources in an AWS account. Setting up alerts by email when actual or forecasted cost and usage exceed budgeted threshold.
• Creating and utilizing tools to monitor our applications and services in the cloud including system health indicators, trend identification, and anomaly detection.
• Worked with engineers and development teams to ensure that architecture solutions are compliant with security frameworks, such as NIST, FedRAMP, ISO
• 27001/27002, PCI, etc.
• Researched, designed, and oversees implementation of information technology, systems, and policies for information security in support of business needs.
• Setup & Manage windows Servers on Amazon using, EC2, EBS, ELB, SSL, Security Groups, RDS and IAM.
• Managing VPC, Subnets; make connection between different zones; Blocking suspicious IP/subnet via ACL.
• Managing CDN on Amazon Cloud Front (Origin Path: Server / S3) to improve site performance.
• Create & Managing buckets on S3 and store DB and logs backup, upload images for CDN server.
• Setup databases on Amazon RDS or EC2 instances as per requirement.
• Managing AMI/Snapshots/Volumes/Upgrade/downgrade AWS resources (CPU, Memory, EBS).
• Creation of POCs and architecture for upcoming engagements.
• Work with the management team to identify and roadmap the elimination of technical debt.
• Work with strategic customers as an advisory architect and developer on engineering solutions of significant scale/volume/complexity on Azure.
• Develop tools to deploy, manage, monitor, and troubleshoot cloud-based systems on or off premises.

Confidential — Atlanta, GA

Cloud Security Architect

Responsibilities:

• Provide Security Architecture for Confidential ’s AWS production services and lead best practice creation and implementation around Credentials/Secrets rotation with AWS Key Management Service, and Secret Manager with IAM role - based access including API/Oauth token definition.
• Provide Security audit/review of 3rd party SaaS providers. Performs security assessments of AWS individual services and accounts using AWS tools and 3rd party along with Container security and credentials automation for Dev and Production.
• Design IAM role-based account with least privilege access for 3rd party SaaS reporting services such as New Relic for security compliance.
• Provide Security Architecture for Confidential ’s AWS production services and lead best practice creation and implementation around Credentials/Secrets rotation with AWS Key Management Service, and Secret Manager with IAM role - based access including API/Oauth token definition.
• Provide Security audit/review of 3rd party SaaS providers. Performs security assessments of AWS individual services and accounts using AWS tools and 3rd party along with Container security and credentials automation for Dev and Production.
• Design IAM role-based account with least privilege access for 3rd party SaaS reporting services such as New Relic for security compliance.

Confidential — Atlanta, GA

IT Security Vulnerability Analyst

Responsibilities:

• Protects sensitive information and maintains the confidentiality and integrity of data through
• Knowledge of security management, network & protocols, data, and application security solutions
• Manages the day-to-day operations of the security systems by monitoring system performance, configuration, maintenance, and repair. Ensures that records of system downtime and equipment inventory are properly maintained
• Investigates and analyses security matters, identifies methods, solutions, responses to situations, and provides leadership and management to deliver a high level of service
• Performs troubleshooting as required, and can lead problem-solving efforts often involving vendors and other support personnel and/or organizations
• Extensive technical writing skills and communication skills
• Experience with one or more enterprise vulnerability scanning products
• Capable of validating technical vulnerabilities in networks, operating systems, and applications