Sr Cloud Security Consultant Resume
Thousand Oaks
SUMMARY
- Around 8 Years of experience working as Sr Cloud Security Engineer, AWS Infrastructure Engineer and DevOps Engineer.
- Experience in Deploying, maintaining, and managing AWS cloud services. Ensure the high availability, performance, scalability, and security of production systems.
- Engineer, test, document and deploy security administration in O365/Azure cloud environment.
- Leveraged Azure Sentinel to integrate Azure Security Center, Azure AD, Firewalls, Symantec Endpoint Security, Nessus scanner for vulnerability scans, authenticated and unauthenticated scans for newly built servers, O365 ATP, Windows Defender, Microsoft ATP and third-party security tools like Symantec EP.
- Onboarding Azure Sentinel to receive logs from data sources, detected previously undetected threats, investigated threats with artificial intelligence and responded to incidents rapidly using playbooks and KQL queries.
- Experienced in Cloud automation using AWS Cloud Formation templates to create custom sized VPC, subnets, NAT, EC2 instances, ELB and Security groups.
- Deployed, configured, and maintained Splunk environment to help the internal security team effectively manage security threats and risks.
- Automating environment build and provisioning using virtualization, containerization and orchestration tools with Docker, VMWare, AWS, and Kubernetes.
- Configured and Supported SAML 2.0 with various partners to create SSO/Federation between Identity Provider Landing page and Service Providers Applications.
- Development of BI data lake POCs using AWS Services including Athena, S3, EC2 and Quicksight.
- Strong knowledge on cloud and application monitoring with azure log analytics and workspace.
- In-Depth Knowledge with IAM principals (Users, Groups, Roles, Policies) provided Delegation of Access between accounts using STS Assume Role Tokens.
- Have in-depth knowledge of Linux OS and Administration.
- Extensive working knowledge of AWS including Design, Deployment, Administration, S3, EC2, Load Balancers, Auto-scaling, High availability solutions.
- Integrated ServiceNow with Splunk to generate the Incidents from Splunk.
TECHNICAL SKILLS
Operating System: Linux (AWS, Ubuntu, CentOS), Microsoft Windows.
Cloud Computing Technology: Amazon Web Services (AWS) & Azure
Networking Technology: Amazon Virtual Private Cloud.
Security Frameworks: NIST, ISO, CIS, HITrust, SOC1 & SOC2.
Container Technology & Management: Kubernetes, Docker, Amazon EKS, Amazon ECS.
Tools: Jenkins, GitHub, Terraform, CloudFormation etc
File Transfer Tools: FileZilla
Additional Knowledge: MS-Office Suite.
Project Approach: Propose, Create, maintain, and manage the project strategy.
PROFESSIONAL EXPERIENCE
Sr Cloud Security Consultant
Confidential, Thousand oaks
Responsibilities:
- Streamline the Process of Access Management, Threat Detection, Remediation Pipeline, Automation Detection.
- Experience in performing and/or participating in technical assessments in direct support of a major compliance effort (e.g., SOC1, SOC 2, HITRUST, HIPAA, PCI, or ISO).
- Understanding of the NIST Cybersecurity Framework (CSF).
- Extensive Experience working with Jira for creating Projects, Workflows and User access Management.
- Experience working with different security and monitoring tools like Lacework, Jupiter One, Threat Stack, StrongDM to automate and remediate security vulnerabilities to Cloud Infrastructure.
- Working on Critical and High severity level incidents from Lacework and configuring policy against AWS CIS benchmarks and NIST.
- Centralized management of Anti-Virus software. Maintenance and support of McAfee, Symantec, Trend Micro and Microsoft security products.
- Working with different scripting languages like Python, Groovy script and Terraform for automation.
- Exercised implementing Tagging resources in AWS Accounts and used these tags for auditing, cost exploration and security remediation actions.
- Developed dashboard prototypes using Cloud Dashboard Tools Looker and AWS Quicksight managing all aspects of the technical development.
- Conducted penetration testing for Lacework Security's cloud-based security platform.
- Developed Automation Pipeline in AWS to Remediate Security incidents using different AWS services like AWS lambda, cloud watch, cloud trail and scripting like python and groovy script.
- Applied Industry Standards like CIS Benchmarks, NIST, HIPAA and OWASP Top 10 to Implement security in AWS Cloud.
- Used AWS Macie to Analyze PHI/PII data in S3 buckets and write custom queries to enable visibility into the resources that have access to the privileged buckets.
- Used Amazon Detective for security investigation and analysis, used this service to identify unauthorized access, abnormal behavior like too Many requests from the same API, console/API access from unexpected location, API call during mid nights.
- Used IAM Access Analyzer for access management and to identify the resources with elevated privileges.
Cloud Security Engineer
Confidential, Dallas
Responsibilities:
- Automated Pipeline of Role Creation that are used as Service Roles for Cross-Account access.
- Created Step Functions as part of Role Automation to Read JIRA Input and Fetch Pre-Generated Policies from S3 bucket.
- Helped design and deploy Microsoft Security stack i.e., Microsoft Information Protection, Azure Sentinel, Microsoft Defender for Identity, Microsoft 365 Defender, Defender for Endpoint.
- Had experience in building and integrating tools with CI/CD pipelines using Jenkins, code repositories like GitHub, Kubernetes clusters and Docker containers.
- Automated Lambda Functions using Python that can Fetch AWS Services, Actions from AWS Web pages and Create Policy templates to use as part of the Pipeline.
- Created MySQL Database tables that are used as JIRA Backend to fetch the AWS Services, App ID and AWS Account Numbers.
- Created JIRA Page that is used as a Frontend page for requesting Role Creation.
- This Page Helps users to raise tickets and initiate the role Creation Pipeline once Ticket is submitted.
- Automated CI/CD pipeline using Code Commit, Code Build, Code Deploy and CodePipeline.
- This pipeline will initiate Creation of Role when users submit a JIRA Ticket.
- Created Roles using the Pre-Generated IAM Policy Templates based on the JIRA Input.
- Automated fetching of IAM policies and JIRA Input from users using Lambda functions and Step Functions.
- Implemented security controls and policies to protect Lacework's cloud infrastructure and data.
- Configured Cloud Watch to monitor the Role creation and alerts whenever a new role is created.
- Implemented Service Control Policies to Enforce Least Privilege on Identities and Control Tower is used to automate Creation of Landing Zone and Child Accounts.
- Used Divvy Cloud (Insight Cloud Sec) and Splunk to achieve Compliance and Industry Standards. We are following NIST, HIPAA and HiTrust Compliance.
- Created Cloud Formation Stacks Based on JIRA Input and Pre-Generated Policies that are used for Role creation and these Stacks will be used for Future Role Provision Comparison.
- Used AWS Config to implement Custom and Pre-defined Rules to Achieve Data Privacy and Remediate on Critical issues that are observed.
- Identifies regulatory changes that will affect Information Security Policy, standards and procedures and recommends appropriate changes.
- Used Guard Duty and AWS Inspector to Scan the infrastructure and Recommend on Findings on Infrastructure Network.
- Used Access Analyzer for access management and to identify the resources with elevated privileges.
DevOps Engineer
Confidential
Responsibilities:
- Designed the Federation Architecture with Hub and Spoke model using the SAML authentication for Single Sign On (SSO).
- Deployed Domain Controller Servers in Dev, Test and prod through automation using Ansible playbooks.
- Created and managed IAM roles through automation using Terraform to integrate into infrastructure.
- Managing, provisioning, Application Deployment & Multi-Tier Orchestration using Ansible automation.
- Created Active Directory (AD) groups as part of the Federation for the Single Sign On (SSO) using SAML Authentication between the Identity provider and Service Provider (AWS).
- Audited and reviewed the user Policies in all Enterprise AWS Accounts to provide the Least-Privilege via Roles and Policies.
- Worked with the Incident Response Team to develop an incident plan for Authentication response Failure. Provisioned Identities using IAM solution OKTA for Enterprise.
- Developed Security Patterns and controls For AWS to Enforce (Automate) Security on the AWS Services that Enterprise Uses.
- These Security Patterns are compliant with NIST, CIS Benchmarks (Center for Internet Security) and Northwestern Mutual Custom Standards and AWS Best practices.
- Used AWS Inspector and Guard Duty to perform Port scanning and perform recommended patches accordingly. Also provides DLP (Data Loss Prevention) Solutions to Enterprise.
- Develops and implements security standards, procedures, and guidelines for multiple platforms and diverse systems environments (e.g., corporate, distributed and client server systems).
- Identifies regulatory changes that will affect information security policy, standards and procedures and recommends appropriate changes.
- Worked on AWS and related services like EBS, RDS, ELB, Route53, S3, EC2, AMI, IAM through AWS console.
- Expertise in developing templates for AWS infrastructure as a code using Terraform to build staging and production environments.
- Experience with different DevSecOps tools like Jenkins (To Build CI/CD), Docker Containers (To build docker containers), Kubernetes (Where Applications are deployed), Terraform/CloudFormation/Ansible (Configuration management tools to configure AWS Services), and Code repositories like Github.
- Proficient in writing AWS Cloud Formation templates to create custom sized VPC, subnets, NAT, EC2 instances, ELBs and Security groups.
- Manage configuration of Web App and Deploy to AWS cloud server through Chef. Used Chef to manage web applications, configure files, database, users, and packages.
- Developed Chef Recipes using Ruby framework to configure, deploy and maintain software components of the existing infrastructure.
- Created Ansible playbooks to automatically install packages from a repository, to change the configuration of remotely configured machines and to deploy new builds.
- Configure the Ansible playbooks with Ansible Tower so that other users can run them with just a push of a button.
- Used Ansible playbooks to set up a Continuous Delivery pipeline. This primarily consists of a Jenkins to run packages and various supporting software components such as Maven.
- Implemented Docker based Continuous Integration and Deployment framework. Deploying and maintaining Micro services using Docker.
- Experience deploying and maintaining multi-container applications through Docker.
- Used MAVEN as a build tool on java projects for development of build artifacts on the source code.