Stephen Ogu

Boston, MA, ***** 617-***-**** ad3nvs@r.postjobfree.com LinkedIn

Cloud/Applications Security Risk Assessment Engineer Experienced Cloud System and Application Security Engineer adept at troubleshooting, documenting, and managing Linux systems. Skilled in vulnerability discovery, penetration security, and cloud security. Automation and Scripting using python programing language. Possesses a proven track record of design, implementation, and management of scalable and reliable cloud-based applications. An expert collaborator able interface with cross-functional teams to automate operations and address complex issues. Utilizes strong communication skills to drive success and continuous improvement. Drives technical advancements to ensure smooth operation of systems in dynamic environments. Core Competencies (6+ years’ experience)

• Cloud Engineering

• Penetration testing and Scripting using Python.

• Security Engineering

• Configuration Management/Version Control

• Deployment Automation

• Infrastructure Orchestration

• Monitoring/Data Analytics/Data Reporting

• Cloud Security Risk Assessment

• Security Engineering

• Cloud Governance

• Information Security Risk Management

• Cloud Service Providers (AWS, GCP, AAD)

• Financial Industry Knowledge

• Regulatory Compliance (NYS DFS, GDPR, FCA)

• Industry Frameworks (ISO27002, FFIEC, NIST, Cloud Security Alliance)

• Communication and Leadership

• Market Intelligence

• Cloud Quality/Testing

• Network Protocols

• Software Development

• Training Management

• Multitasking/Prioritization

PROFESSIONAL EXPERIENCE

Field Nation – Boston, MA Jan 2022 – Present

Principal Security Engineer/Solution Architect Engineer

● Solve network connectivity issues by adding/modifying NAT entries and firewall rules to enable connectivity.

● Penetration testing and Scripting for automation of technology processes

● Responsible for automatic deployment pipelines including design and implementation of elastic infrastructure in cloud.

● Leverage knowledge of network analysis fundamentals to engage in network performance analysis

● Spearhead troubleshooting efforts to assess and ascertain the root cause of issues or challenges

● Interface with leadership to develop strategies around virtualization, disaster management, and recovery

● Drive hands-on security engineering activities specializing in hacking techniques such as Red and Black-box Testing

● Direct cloud penetration testing to identify and exploit complex security issues in distributed, multi-tenant services

● Leverage advanced technical solutions to provide practical solutions for identified vulnerabilities and ensure secure services

● Execute comprehensive security assessments to evaluate the effectiveness of existing controls in cloud-based environments

● Promote awareness, education, and knowledge-sharing within the organization fostering a culture of security awareness

● Implement scalable, reliable, and secure IT solutions utilizing cloud computing within an Agile environment

● Provide technical leadership on continuous improvement of IT strategies while staying abreast of current industry trends ARM Holdings – Lagos, Nigeria Jan 2019 – Dec 2020

Solution Architect Engineer/Cloud Security Risk Assessment

● Provided technical expertise to troubleshoot and resolve issues ensuring maximum alignment with customer expectations

● Coordinated between development and operations teams to ensure seamless collaboration and successful delivery

● Conducted testing and quality assurance to streamline and optimize deployment processes and increase efficiency.

● Led efforts in Cloud Security Risk Assessment, running projects for assessing and reporting on risk and controls for Service Providers.

● Prioritized and completed internal and external risk assessments, negotiating validity with stakeholders.

● Collaborated with risk departments, defining clear roles and responsibilities for information security risk management processes.

● Demonstrated strong knowledge of Cloud information security controls, risks, and best practices in a large financial institution.

● Applied expertise in cloud service providers (AWS, GCP, AAD), cloud-based applications, and tools (CASB).

● Ensured compliance with cyber security regulations (e.g., NYS DFS Cybersecurity, GDPR, FCA) and industry frameworks

(ISO27002, FFIEC, NIST, Cloud Security Alliance).

● Managed junior staff as direct reports and functioned as an internal cloud security consultant. Fidelity Bank – Lagos, Nigeria Jan 2017 – Dec 2019 DevOps Engineer

● Led Continuous Integration/Continuous Delivery (CI/CD) process by establishing robust pipelines for efficient delivery

● Cultivated effective communication between development and operations to guarantee seamless collaboration

● Called upon technical expertise in troubleshooting, issue resolution, and to align applications with customer expectations. Application Security Engineer

● Improved efficiency, issue resolution and minimized downtime for 7 Application support/Incident Response applications

● Looked to proactive Application Security measures and rigorous Testing to improve customer satisfaction by 80%

● Analyzed exploits through vulnerability assessment and code analysis to identify and rectify identified vulnerabilities First Bank – Port Harcourt, Nigeria Jan 2015 – Dec 2017 Application Security Analyst

● Marketed and sold innovative digital banking products to diverse customer base yielding a 78% increase in usage.

● Led regular reviews, continual testing, and thorough analysis of customer feedback to maintain product quality

● Fostered collaboration with IT team to develop secure digital mobile banking application ensuring optimal performance TECHNICAL SKILLS

Cloud Infrastructure: Microsoft Azure, AWS, Google Cloud Service Web/Software Development: Java, JS, C#, Python, ASP.Net, ASP.NET Core, Flutter, React, Angular Languages: Bash, PowerShell, Python, Curl

Operating Systems: Linux (Debian, Ubuntu, CentOS, Fedora, Kali Linux), Mac OS API Tools: Postman

DevOps Tools: Kubernetes, Docker, Ansible, Chef, Terraform, Git, Prometheus, Nagios, Jenkins, Puppet Security Tools: Nmap, Burp Suite, Metasploit, Fuff, Amass, Sublist3r, DNS, Dirsearch, Intruder Payloads Teams, SharePoint, Outlook

EDUCATION

Northeastern University, Boston, MA 2022

Master of Science in Cyber Security

Federal University of Agriculture, Makurdi, Nigeria 2015 Bachelor of Science in Biochemistry

PROFESSIONAL CERTIFICATIONS

Microsoft Azure Administrator, Certification Number: H731-4654 2021 EC-Council Certified Ethical Hacker (CEH), ID Number: ECC9508467312 2021 Microsoft Certified: DevOps Engineer Expert, Certification Number: H731-4900 2021 EC-Council Certified Security Analyst (ECSA), ASPEN (eccouncil.org), ID Number: ECC6702583941 2019 Alibaba Clouder Certification Academy, ID Number: ACLS07190800002624 2019

Contact this candidate