Desmond Azinue

Cloud Security Architect Security Engineer

Dallas, TX 75212 +1-719-***-**** ad4o08@r.postjobfree.com

Summary of Qualifications

An accomplished, performance - driven Cloud Security Engineer with over 6 years+ experience with a focus on implementing and managing security controls, Active Directory, IAM, Single Sign-On (SSO), Multi-Factor Authentication (MFA), Identity Governance and Administration (IGA), information security, developing and improving secure application architectures, incident detection and response, responding to security inquiries, vulnerability mitigation, IT auditing/assessment, logging and monitoring, and standards for cloud operations. Proven track record of leading implementation efforts, ensuring compliance with Cloud Security Best Practices (AWS Well-Architected Framework), disaster recovery planning, security audits, API-based security, and responding promptly to security incidents in AWS, Azure cloud environments.

Strong background in analyzing security processes for continuous improvement in development lifecycle by designing secure solutions, implementing automation for cybersecurity systems and technology infrastructure. Excited about making a meaningful impact on Technology

Education & Certifications

B.S., Computer Science, University of Buea, Cameroon, 2016

AWS Certified Cloud Practitioner

AWS Certified Security Specialty

AWS Solutions Architect

Areas of Expertise

Incident Response: Splunk, SIEM,

Auth mechanism: SSO, MFA, PAM

Environments: AWS, Cloud SaaS Security, Azure, Linux

Automation Tools: Jenkins, Ansible, Terraform, GitHub Actions, CloudFormation, AWS CodePipeline

Compliance: PCI DSS, NIST, SOX, SOC2, CNAPP, CIS, Prisma cloud, NSA, PSS Benchmarks

AWS Services: API Gateway, AWS S3, Data Migration, Lambda, DynamoDB, Route 53, AWS EKS, VPC, RDS, Lambda

Encryption Protocols and Secure Data Transmission

Collaboration: Agile, JIRA, DevSecOps

AWS Security: Information Security, IAM, Data Protection, Active Directory, CloudTrail, Security Hub, GuardDuty, AWS KMS, AWS WAF, Web ACLs, LDAP, SSO, SSDLC, PKI tooling, SAST, DAST, Okta, IAST

Containerization: Docker, Kubernetes

Threat modeling, Application Security, Risk Assessment, Vulnerability Management, Penetration testing, IT Auditing/Assessment, Security Policies and Procedures, SecureAuth, SAML 2.0

Monitoring: Prometheus, Grafana

Scripting: Python, Bash, Git

Logging and Monitoring Solutions

Professional Experience

Cloud Security Architect

Emphasis, Dallas, TX

02/2020 – Present

Identified a critical security vulnerability in the existing production environment during assessment phase, leading to immediate mitigation measures and preventing potential data breaches.

Successfully coordinated the deployment of WAF infrastructure with client application teams, resulting in improved security posture and compliance with industry standards

Successfully led the implementation of SSO solutions using Ping Identity, enhancing user experience and bolstering security measures.

Identified a gaps in vulnerability management processes leading to delayed patching and increased risk exposure by providing automated vulnerability scanning tools and improved patch management procedures

Led a team of DevOps engineers in implementing infrastructure as code using Terraform, streamlining deployment processes and reducing deployment times by 30%

Led the successful migration of on-premises solutions to cloud environments, ensuring minimal disruption to operations through a secured network in hybrid contexts, ensuring secure communication between the on-premises and cloud environments

Spearheaded the development and execution of the MFA strategy, significantly improving security posture and ensuring compliance with relevant security frameworks.

Managed vulnerabilities and responded to security inquiries, contributing to the secure operation of cloud-based services.

Developed custom Python scripts to automate security tasks in Prisma Cloud, improving efficiency and accuracy in threat detection and response.

Applied security concepts, reviewed information, executed defined tasks, analyzed requirements, and created documentation.

Led implementation and managed configuration changes across cloud environments, ensuring compliance with security policies and regulatory requirements.

Developed technology and information security policies and standards aligned with regulatory requirements, ensuring the protection of information applications, systems, tools, and infrastructure.

Implemented and automated SAST and DAST tools (Veracode, Checkmarx, OWASP ZAP) in CI/CD pipelines, significantly reducing the risk of security vulnerabilities in cloud-based applications.

Identified and mitigated a critical security vulnerability in a new technology implementation, ensuring compliance with organization policy and standards.

Automated security controls, data, and processes to provide improved metrics and operational support, leveraging cloud-based APIs and systems automation technologies.

Successfully managed and maintained Active Directory services, including Azure Active Directory and implementing Zero Trust concepts to enhance security posture.

Assisted IT and business units in interpreting and applying information protection policies and standards, ensuring compliance across the organization

Successfully implemented and managed security controls on cloud-native solutions, including AWS Organizations, Governance, Web Application Firewall, and Network Firewall.

Developed and maintained comprehensive logging procedures and standards for cloud-based and on-premises systems, enhancing security posture.

Led a team of cloud security engineers, providing mentorship and guidance, fostering a collaborative team culture, and encouraging continuous learning

Led the management of asset lifecycles, including procurement, provisioning, and decommissioning, ensuring compliance with security policies.

Responded promptly to security incidents, conducted thorough investigations, and implemented appropriate remediation measures to prevent future breaches.

Collaborated with security leadership, engineering, and compliance to execute security and IT strategies, enhancing overall security posture.

Designed and implemented secure AWS cloud architectures, ensuring the confidentiality, integrity, availability of digital assets, conducted regular vulnerability assessments and implemented remediation measures to mitigate security risks.

Integrated identity management systems, digital certificates, and secrets management with application workloads, ensuring secure authentication and access control.

Led the design and implementation of secure cloud services, collaborating with product teams to ensure adherence to Security Development Lifecycle (SDL) guidance, resulting in enhanced security standards and robust cloud solutions.

Developed and reviewed cloud account configurations, network isolation, and security groups, enhancing overall compute platform security for host-based and container-based workloads

Collaborated with engineering teams on large-scale distributed systems, microservice-based architectures, and multi-region/multi-cloud environments, ensuring security was a cornerstone of the infrastructure.

Conducted regular security assessments, including vulnerability assessments and penetration testing, to identify and address potential security vulnerabilities.

Provided technical recommendations and improvements to mitigate and remediate risks/threats, ensuring data and application security.

Successfully executed security architectures for cloud/hybrid systems, ensuring the protection of critical assets and compliance with regulatory requirements.

Designed and implemented cloud security architecture using zero-trust principles, enhancing the security posture of multi-cloud environments.

Interpreted security and technical requirements into business requirements, effectively communicating security risks to stakeholders ranging from business leaders to engineers.

Designed highly scalable, available, and secure cloud-based systems and applications, optimizing infrastructure for performance, cost, and reliability.

Led the implementation of host-based security monitoring (e.g., AWS Inspector) and network security tooling, enhancing threat detection capabilities.

AWS Solutions Architect

WRLD Tech, Dallas, TX

01/2018 – 02/2020

Led cloud security issue remediation and troubleshooting efforts, collaborating with stakeholders to improve overall security posture.

Developed policies and procedures to standardize security functions and eliminate potential vulnerabilities and threats.

Implemented threat modeling, infrastructure-as-code (IaC) practices, and secure software development lifecycle (SSDLC) processes, resulting in a more secure and efficient cloud environment

Developed and implemented a new security assessment process that improved the overall security posture of the organization by 20%.

Designed, architected, and executed a highly secured, high-availability (HA), and disaster recovery (DR) enterprise cloud solution. Implemented a robust infrastructure with high bandwidth, low latency, and private, encrypted network connectivity from the customer's datacenter to OCI Virtual Cloud Network (VCN) in Oracle Public Cloud

Advocated for security best practices, fostering a proactive approach to security across engineering teams.

Investigated data loss prevention, data manipulation, and coordinated activities to address or mitigate risks and vulnerabilities.

Drive efficiency through the implementation of Infrastructure as Code (IaC) with tools like Terraform, achieving a remarkable 30% reduction in provisioning time.

Design and implement a centralized network architecture within AWS, leveraging AWS Transit Gateway (TGW) and TGW attachments.

Deploy and monitor infrastructure in public clouds (AWS) utilizing Infrastructure as Code (Terraform) with meticulous precision.

Implement AWS security best practices, employing services such as CloudTrail, Security Hub, GuardDuty, Inspector, IAM, KMS, and WAF.

Masterfully manage network configurations, including VPC Peering/Transit gateway between VPCs across AWS accounts.

Create or review Terraform templates, ensuring the automated setup of entire application infrastructure adheres to rigorous standards.

Optimize costs intelligently through strategic selection of EC2 instances, dynamic S3 storage class choices, and leveraging Auto Scaling capabilities.

Proficiently create and manage DNS records on Amazon Route 53, ensuring seamless functionality and load balancing.

Assign roles to EC2 instances, enabling secure access to and data storage from various AWS services like S3 and CloudWatch.

Efficiently manage DNS names and Alias records in Route53, enhancing load balancer performance.

Leveraged automation to minimize security and compliance toil, integrating security seamlessly into the engineering workflow.

Hands-on experience in AWS provisioning, showcasing in-depth knowledge of services such as EC2, S3, ELB, VPC, CloudWatch, IAM, and SNS.

Demonstrate advanced knowledge of databases (Oracle, MySQL, SQL Server) and expertise in migrating databases from on-premise to the cloud.

Junior/Intern DevOps Engineer

WorkMates LLC

05/2016 – 12/2017

Develop tooling and pipelines to manage and monitor a huge public cloud infrastructure

Implement data analysis and collection required for dashboards and monitors.

Implement automation to audit infrastructure and access

Documenting and testing new software applications and system integrations

Researching, investigating and fixing a wide range of technical issues Automate repetitive processes

Collaborating with senior engineers and cross-functional teams to implement new systems, improve existing systems, or new integrations

Assist with CI/CD pipelines and tooling

Debugging and testing code

Proactively learning about new technologies

Collaborate with Software Architects on how to best design their cloud applications for optimal scaling including content caching, compute optimizations, continuous integration and delivery pipeline, load balancer setup, and more.

Work closely with Team Leadership to understand and contribute to our solutions

Integrate as a member of a Dev-Ops team and complete assigned tasks, that will nurture and expand your technical skills

Learn systems in order to update information

Research and document various data processes

Abide by all safety procedures outlined by the company

Contact this candidate