Cloud Security Engineer
Resume:
Hilary Mbamoh Pemamboh
Title: Cloud Security Engineer
Email: ad5u53@r.postjobfree.com
Phone: +1-945-***-****
Professional Summary
Dedicated and accomplished Cloud Security Engineer with over 6 years of experience in designing and implementing robust cloud security strategies. Adept at ensuring the security of cloud-based data and applications, conducting comprehensive security assessments, and collaborating effectively with cross-functional teams to integrate security measures into existing systems. Seeking to contribute expertise in cloud security and analytical problem-solving skills.
Education & Certifications
Bachelor’s degree in computer science & information technology, University of Dschang, 2008-2011
Certified Cloud Security Specialty (CSS)
AWS Fundamentals certificate
CompTIA Security+
Skills
Developing incident response plans and procedures to address security breaches or incidents in cloud environments. This involves monitoring, detection, and mitigation strategies.
In-depth understanding of cloud platforms such as Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP). This includes knowledge of various cloud services, architectures, and best practices.
Proficient in automating security processes using Python to enhance the security posture of cloud environments, including AWS and Azure.
Proficiency in scripting languages (Python, PowerShell) and experience automating security tasks using infrastructure-as-code (IaC) tools like Terraform or AWS CloudFormation.
Knowledge of industry standards and compliance frameworks (GDPR, HIPAA, PCI DSS) and experience implementing security controls to ensure compliance.
Understanding the architecture of various cloud service models (IaaS, PaaS, SaaS) and ensuring that the underlying infrastructure is secure. This includes knowledge of virtualization, networking, and storage security.
Developing and enforcing cloud security policies, standards, and procedures. This involves creating security documentation, guidelines, and training programs for stakeholders.
Ability to configure and utilize security monitoring tools and services (AWS CloudTrail, Azure Monitor, GCP Stack driver) to detect and respond to security incidents effectively.
Strong analytical and problem-solving skills, addressing complex cloud security issues.
Excellent communication skills, capable of conveying technical concepts to non-technical stakeholders.
Strong grasp of fundamental security concepts including encryption, authentication, access control, network security, and security protocols (SSL/TLS).
Ability to work independently while effectively collaborating with cross-functional teams.
Proficient in using industry leading SAST tools such as Checkmarx and Fortify to analyze source code for security vulnerabilities.
Advanced proficiency in employing DAST techniques utilizing tools like OWASP ZAP, Burp Suite, and Acunetix to assess web applications for vulnerabilities.
Drive efficiency through implementation of Infrastructure as code (IaC) with tools like Terraform.
Implementing monitoring tools and security information and event management (SIEM) systems to detect suspicious activities, analyze logs, and generate alerts.
Implementing firewalls, intrusion detection/prevention systems (IDS/IPS), and secure network configurations to protect cloud resources from unauthorized access and malicious activities.
Manage multiple projects, prioritize tasks, and meet deadlines in a fast-paced environment.
Integrated security practices into DevOps processes and workflows. This includes automating security testing, implementing security controls in CI/CD pipelines, and fostering collaboration between development and security teams.
Ensure quality work with meticulous attention to detail.
Orchestrate containerized applications seamlessly with Kubernetes, enhancing scalability and optimizing resources.
PROFESSIONAL EXPERIENCE
CLOUD SECURITY ENGINEER, JAN 2020 - PRESENT
Kelly-Moore Paint Irving, Texas
Designing and implementing customized cloud security strategies and policies tailored to the organization's specific needs.
Ensuring the security of cloud-based data and applications against unauthorized access, theft, and other threats.
Conducting regular security assessments and audits to identify vulnerabilities, providing detailed reports and action plans for remediation.
Collaborating with IT professionals, including network engineers, developers, security, and operational teams to integrate cloud security measures into existing systems and processes.
Staying up to date on the latest cloud security technologies, trends, and best practices.
Reviewing and understanding remediation options from application vulnerability monitoring and assessment tooling.
Implemented centralized log management by ingesting CloudTrail and CloudWatch Logs into Splunk, enabling in-depth analysis, visualization, and proactive identification of security events.
Defined key metrics, established CloudWatch alarms, and configured Datadog monitors, ensuring real-time monitoring and timely alerts for critical events or performance anomalies.
Have used Palo Alto Prisma Cloud to streamline and consolidate security findings from AWS cloud and Azure.
Successfully configured Amazon Kinesis Firehose to transform and deliver logs, facilitating real-time analytics using Amazon Elasticsearch for enhanced insights.
Configured user accounts and access levels in Splunk and Datadog, enabling query execution, log analysis, and visualization for authorized users.
Generated comprehensive documentation outlining set-up steps, best practices, and guidelines, ensuring clear reference material for ongoing management and future improvements.
Conducted thorough testing and validation of the monitoring solution to guarantee data accuracy, effective alerts, and compliance adherence.
Conducted training sessions for operations and security teams, imparting knowledge on navigating the monitoring solution, executing queries, and interpreting results.
Demonstrated project ownership by managing the entire setup process, collaborating with teams, and delivering a solution aligned with organizational goals.
CLOUD SECURITY EGINEER 2018 to 2020
PWC BANK Austin, Tx
Performed security monitoring, security event triage, and incident response, coordinated with other team members and management to document and report incidents.
Enabled Cloud Trail across all geographic regions and AWS services to prevent activity monitoring gaps.
Have proficiently set up IAM users, groups, roles and policies ensuring authorized personnel had access to essential resources while maintaining stringent security.
Operational experience with network security appliances with a clear understanding of the architecture behind secure networks, rule placement, VPN setup, and system maintenance.
Led root cause analysis, debugging, support, and postmortem analysis for security incidents and service interruptions.
Enabled Cloud Trail log file validation so that any changes made to the log file itself after it has been delivered to the S3 bucket is trackable to ensure log file integrity.
Enabled access logging for Cloud Trail S3 bucket so that you can track access requests and identify potentially unauthorized or unwarranted access attempts.
Analyzed current technologies used within the company and determined ways to improve.
Proposed and established IT/Cloud security framework for necessary contributions from various departments.
Designed network and application vulnerability assessment programs and testing methodologies.
Performed technical risk assessments for enterprise systems and reported gaps and remediation actions.
Designed and configured Intrusion Prevention Systems and passive Intrusion Detection Systems in AWS leveraging AWS Guard Duty.
Created automated workflow to address security related incidents.
Performed regulatory compliance audits including SOC, PCI DSS.
Reported findings and advised on remediation efforts.
Assisted in preparing business application owners prior to external audits.
Working with oversight committees and privacy, legal, and compliance stakeholders to develop enterprise-level information security compliance policies that address purpose, scope, and policy directives.
Contact this candidate