Olumide Babatunde
**** *** ****** ** ** Forney, TX. 75126 469-***-**** ****.*********@*****.*** Joseph Ayo Babalola University
B.Sc. in Engineering Computer Science December 2011 OBJECTIVES
Skilled Security Engineer with exceptional development ability and extensive knowledge of physical and cloud security. Have excellent analytical and problem-solving skills and a strong ability to work with minimal supervision.
SKILLS
● Scripting experience (Linux, Python, Bash, PowerShell)
● Chef, Puppet, Jenkins or any build automation deployment experience
● DevOps background
● AWS, Microsoft Azure
● Systems administration (Linux and/or Windows Servers)
● Windows/Unix (bash, powershell, perl)
● Expertise with IPsec, VPN, Load Balancing, Iperf, MTR, Routing Protocols, SSH, Network Monitoring / Troubleshooting tools
Technical Certificatons & Trainings
● AWS Certified Developer
● AWS Solution Architect Associate
● AZ-100: Azure Infrastructure & Deployment
● AZ-101: Microsoft Azure Integration and Security WORK EXPERIENCE
Toyota Financial (BeyondCloud Solutions) May 2017 - Present
Cloud Security Engineer
● Managed 10+ AWS account with multiple VPCs in different environments (prod & non-prod) and 700+ servers.
● Worked as IAM admin, creating new IAM users & groups, defining roles and policies, Identity providers and KMS.
● Produced comprehensive architecture strategy for environment mapping in AWS that involved Active Directory, LDAP, AWS Identity and Access Management (IAM) Role for AWS API Gateway platform.
● Provided support to teams on various AWS services.
● Utilized tools like EvidentIO, CloudCustodian, Dome9 and Cloudhealth to manage, analyze health and keep track on security of AWS.
● Assessed, developed and implemented, operationalized and documented comprehensive security technologies and processes. Secure software development, data protection, cryptography, key management, identity and access management (IAM), network security (VPNs) within SaaS, IaaS, PaaS, and other cloud environments.
● Expert level experience with AWS tools, technologies and APIs associated with IAM, Cloud-Formation, AMIs, SNS, EC2, EBS, S3, RDS, VPC, ELB, IAM, Route 53, Security Groups, Lamda etc.
● Performs automation of tasks, patch management, O.S and application inventory management, secure AMI creation and life-cycle across AWS resources using AWS System Manager (SSM), CloudWatch event, Lambda, SNS, Cloud formation, Amazon Inspector, Service Catalog and other tools
● Created Operations Support Documentation to highlight standard practices, processes, and troubleshooting solutions.
● Provide compliance automation and the advancement of "Security and Compliance as Environment" in lieu of traditional security and sampling based security and compliance practices.
● Provided evidence for SOC I/II, PCI, HIPAA, and FedRAMP Certification audits.
● Responsible to formulate, document and communicate the cloud security architecture and associated practices.
● Web Application security testing, Vulnerability Assessment, penetration testing and generating reports using tool
● Skilled using Burp Suite, Acunetix Automatic Scanner, NMAP, Dirbuster, Qualysguard, Nessus, SQLMap for web application penetration tests and infrastructure testing.
● Experience on Network scanning and penetration testing using various web application security tools like Metasploit, OWASP ZAP Proxy, Nmap, and Nessus.
● Worked with Incident Response Team to gather relevant information for security events.
● Worked on setting up alarms and notifications for EC2 instances using Cloud Watch.
● Worked in the Cloud Security team as Security architect overseeing the automated security processes such as NACL, Security Groups, VPC, IAM, S3 etc. un-authorized access and modifications then alerting the incident details and responding to them with Reversal actions.
● Added alert triggers to different operations using PagerDuty. Citigroup (BeyondCloud Solutions) April 2013 –
April 2017
Cloud Security Engineer
● Provide subject matter expertise on architecture, authentication and system security.
● Architect, design, implement, support, and evaluate security-focused tools and services.
● Develop and interpret security policies and procedures.
● Evaluate and recommend new and emerging security products and technologies.
● Build security utilities and tools for internal use that enables Security Engineers to operate at high speed and wide scale.
● Performed PCI Security SAQ audits and implemented secure solutions for credit card transactions.
● Evangelize security within Amazon.com and be an advocate for customer trust.
● Maintains application servers in Azure, AWS and the associated networking necessary. Responsible for migrations of financial system and security products into Azure
● Provide strategies and requirements for the seamless migration of applications, web services, and data from local and server-based systems to the AWS cloud.
● Part of a team of devOps engineer for infrastructure support on AWS cloud. Creating cloud formation scripts for hosting software on AWS cloud. Automating the installation of softwares through powershell scripts
● Understanding of secure-cloud configuration, (CloudTrail, AWS Config, etc), cloud-security technologies
(VPC, Security Groups, etc.) and cloud-permission systems (IAM).
● Identity and Access concepts and technologies to secure production and corporate access, such as: SSO, SAML Federated Identity, RBAC, authentication & authorization solution etc.
● Add project users to the AWS account with multifactor authentication enabled and least privilege permissions.
● Hands on experience with IAM to set up user roles with corresponding user and group policies using JSON.
● Recognize, adopt, and instill the best practices in security engineering fields throughout the organization: development, cryptography, network security, security operations, and incident response.
● Perform non-technical security tasks such as contributing technical information to sections of the System Security Plan (SSP).
● Experience working with AWS Simple calculator to estimate pricing for corporate proposals.
● Experience with threat modeling, especially for web application and web APIs
● Web security and compliance experience (e.g., Firewalls, IDS/IPS systems, DOS prevention and PCI, HIPAA, FIPS, etc.)
Thanos Consulting LLC April 2011 – June 2013
Security Engineer
● Expertise in performing Application Security risk assessments throughout the SDLC cycle Performed Application security which includes Application Security design, review, testing and remediation
● Experience in vulnerability assessment and penetration testing using various tools like Burp Suite, DirBuster, OWASP ZAP proxy, NMap, Nessus, IBM AppScan enterprise, Kali Linux, Metasploit.
● Simulate how an attacker would exploit the vulnerabilities identified during the dynamic analysis phase.
● Sound knowledge and industry experience in Vulnerability Assessment and Penetration
● Testing on WEB based applications; Mobile based application and Infrastructure penetration testing.
● Ability to work in large and small teams as well as independently
● Broad knowledge of hardware, software, and networking technologies to provide a powerful combination of analysis, implementation, and support.
● Proven experience in manual/automated security testing, secure code review of web and mobile applications
● Security assessment based on OSSTMM methodology and OWASP framework.
● Experience in establishing process for periodic reviews of privilege user groups at AD, database and application level.
● Implementation and review of security controls across SDLC. Jubilee Consulting Jan 2009 – April 2011
Systems Engineer
● Automated NIS user administration for all domains by writing menu-based bash scripts saving 30 minutes per user creation.
● Monitored critical file systems using bash scripts, cron and send mail to trigger alerts to take proactive action preventing critical incidents.
● Enabled daily backups of production databases by taking backup dumps with bash scripts and cron to keep additional backups.
● Maintained compliance by pushing patches for bugs to all servers in environment through bash scripts over manual patching saving time
● Setup Puppet infrastructure in environment by installing puppet agents through bash script.
● Performed quarterly patching on all OS platforms such as Red Hat 5/6/7 and Solaris 8/9/10 and effectively communicating with all stakeholders for a layered shutdown/startup of applications post upgrade.
● Increased VM resources by increasing CPU cores, memory and hard disk to improve system performance fine-tuned for application requirements
● Implemented fail proof backups by taking VM clones in different data store and DNS for failover before performing critical changes on production applications.
● Implemented several backup procedures by taking dump/tar/LVM snapshots in Red Hat, ufs dump/detaching mirrors/zfs-snapshots in Solaris and VM-snapshots/clones at VMware Vsphere level.
● Created customized images from exiting virtual machines and reused them for quick deployments. University of Texas at Dallas – Engineering Lab July 2007- Dec 2008 System Ops
● Administered technology infrastructure and charged with availability, integrity, security, and maintenance of Desktop systems, local / wide-area networks, related systems and hardware, Servers, Server Operating Systems, and Server Applications, Connectivity, Telephony, HP printers, Xerox copiers, cabling, switches, routers, and hubs
● Defined standards with the input of management, and communicated and enforced standards among employees, and reported on compliance
● Proactively monitored services and responded to alerts and signs of trouble - analyzed, identified issues, performed debugging, and reinitiated systems with little downtime
● Provided training to business users on security, network and desktop applications
● Assisted upper management with budget planning for IT upgrades and maintaining current systems