Cloud Security Engineer Resume

Winston Salem, NC

SUMMARY

  • An experienced Cyber and Cloud Security Engineer with good hands-on experience supporting, automating, and optimizing mission-critical deployments in AWS, with a proven track record in Solutions Design for Cloud tech and Quality Engineering.
  • Also possesses in-depth experience in transitioning multiple projects and ensuring seamless end-to-end delivery of Cloud and Security services.
  • In-depth knowledge of AWS Cloud services and platform.

TECHNICAL SKILLS

Operating Systems: Amazon Linux AMI, Linux (Red Hat 7.x & 8.x), CentOS 7.x, Ubuntu 20.x & 22.x, and Kali-Linux v2022.4

Web Servers/Application Servers: Apache 2.0/2.2/2.4, Apache Tomcat 8.0.x

Languages: Shell scripting, Python

Bug/Issue Tracking: JIRA, ServiceNow

Monitoring Tools: Splunk Enterprise Server, Amazon CloudWatch, Prometheus & Grafana, Nessus, Qualys

IaC Tools: Terraform Enterprise

Virtualization: VMware Workstation, ESXi, and vSphere 6 client.

Proof of Concept: Design Phase to Development Phase to Technical

AWS Cloud Services: AWS EC2, VPC, AMIs, S3, IAM Roles & Policies, KMS, Security Groups, AWS Secrets Manager, AWS WAF, AWS Config Rules, Security Hub, AWS Trusted Advisor, RDS-MySQL, Route53, CloudWatch, CloudTrail, and GuardDuty

PROFESSIONAL EXPERIENCE

Confidential, Winston Salem, NC

Cloud Security Engineer

Responsibilities:

  • Conduct Network Security Monitoring on services including SIEM, IDS/IPS, Firewall, Web Application Firewalls, and Data Loss Prevention (DLP)
  • Administered IT-monitoring toolsets like AWS CloudWatch, Prometheus & Grafana to collect and track metrics, collect and monitor log files, and set alarms.
  • Conduct 15+ incident response investigations monthly for Classified Incidents, and ensure all classified systems complied with cybersecurity regulations.
  • Implemented AWS WAF with ALB to block SQL Injection, Geo Location and Query string.
  • Utilized Session Manager to access EC2 instance and manage AWS CloudWatch for monitoring purposes.
  • Experience deploying and managing Nessus scanner to run vulnerabilities in EC2 environment, configuring and automating Amazon Inspector to scan AWS native assets.
  • Experience with configuration baseline standards such as CIS Benchmarks or DISA and enabling a compliance Framework policy using AWS Security Hub service.
  • Experience in management of AWS Security Hub vulnerabilities remediation, automated AWS Inspector to scan AWS EC2 instance and Assets for vulnerabilities and utilize Systems Manager for patching.
  • Experience deploying integrated security logging, monitoring, and alerting solutions using AWS services.
  • Configured AWS Web Application Firewall (WAF) to block all unauthorized incoming web traffic from customer accounts in AWS platform.
  • Ensure compliance with cyber security policies and procedures regarding documentation, labeling, asset tracking, and quality assurance.
  • Monitoring internal server resources utilizing Prometheus & Grafana application.
  • Integrate Splunk with AWS Security Hub to pull and analyze CloudTrail logs.
  • Work closely with DevOps team using Shell Scripting and Python for automation of cloud services.
  • Proof of Concept: working with DevOps team to identify achievable technical results.

Confidential

Cloud Security Engineer

Responsibilities:

  • Defined, developed, and operationalized 7 security metrics while employing classified systems to help protect data on running devices.
  • Implemented security best practices in AWS including multi-factor authentication, access key rotation, role-based permissions, encryption using KMS, enforced strong policy, configured security groups and NACLs, S3 bucket policies and ACLs, mitigating DDoS attacks etc.
  • Generated Certificate Signing Request (CSR), created private key files and requested SSL from Entrust. Imported SSL encryption keys into AWS Certificate Manager (ACM) and configured application load balancer for it.
  • Implement secure key and certificate management: Store encryption keys and certificates securely and rotate them at appropriate time intervals while applying strict access control; for example, by using a certificate management service, such as AWS Certificate Manager (ACM).
  • Enforce encryption in transit: Enforce your defined encryption requirements based on appropriate standards and recommendations to help you meet your organizational, legal, and compliance requirements.
  • Automate detection of unintended data access: Use tools such as GuardDuty to automatically detect attempts to move data outside of defined boundaries based on data classification level, for example, to detect a Trojan that is copying data to an unknown or untrusted network using the DNS protocol.
  • Monitored Cloud Compliance Automation Tool (CCAT), a shell script that checks for compliance on all security tools installed on various operating systems within AWS EC2.
  • Utilized AWS Inspector and Nessus vulnerability scanner as a security tool to identify security vulnerabilities found from CIS benchmarks and Security best practices.
  • Good use and understanding of DAST tools using Nessus Vulnerability Scanner
  • Remediated Log4j vulnerability captured by our Nessus scan in Development and Production accounts.
  • Utilized AWS SSM run command to launch Amazon EC2 instances using Amazon Machine Images (AMI) for (RHEL/Ubuntu/Windows) and

Confidential

Sr. Cyber Security Analyst

Responsibilities:

  • Monitoring alerts from the SIEM tools and responding with analysis of the triggered alerts.
  • Performed S3 bucket creation, access policies, and archive outdated data to Glacier through the Lifecycle policy configuration.
  • Knowledge of PCI-DSS Compliance requirements related to credit cards. Working knowledge of security tools such as firewalls, IDS/IPS, anti-spam, content management, server, and network device hardening.
  • Performed evaluation testing on enterprise intrusion detection systems and prevention systems (IDS/IPS) such as McAfee.
  • Ability to analyze malicious files through code analysis/reverse engineering.
  • Understanding of SOAR products and EDR technologies
  • Comprehensive knowledge of OWASP, NIST and FISMA compliance

Confidential

Cyber Security Analyst

Responsibilities:

  • Monitored and identified malware and intrusion issues.
  • Used Wireshark to examine alerts from various browsers and other security monitoring tools.
  • Monitored, investigated, and reported incidents of suspicious activity.
  • Assisted with implementation of countermeasures, as well as mitigating controls.
  • Fixed detected vulnerabilities to maintain high security standards.
  • Assisted level 3 team in designing new security systems for company’s use.
  • Monitored identity and access management, in addition to monitoring for abuse of permissions.
  • Generated reports for both technical and non-technical staff.
  • Analyzed security breaches to determine the root cause of problems.
  • Microsoft Office 360
  • Vulnerability scan, Endpoint detection and log analysis