
Security Engineer Cloud

Location:
Montgomery Village, MD
Salary:
120000
Posted:
May 12, 2025


Resume:

Gisele Noukwi

SPLUNK CLOUD ENGINEER

TEL: 716-***-**** Email: ********@*****.***.

Summary of Qualifications:

I am a committed and ardent individual, with over 10 years of experience in Information Technology and 6+ years as a Cloud Security Engineer with experience in supporting and optimizing mission-critical deployments in AWS, designing and implementing CI/CD pipelines using Jenkins, and provisioning and managing highly available, fault-tolerant, and scalable infrastructures on AWS utilizing Terraform as IaC along with Ansible to automate configuration management. Cloud experience in identity and access management, monitoring and event management, EC2, EBS, Route53, VPC, VPN, ELB, WAF, Firewalls, CloudWatch, CloudTrail, and patch management. Technical skills in writing Bash code. 6+ years as cloud security engineer (Banking and Finance and Health sector like JPMC, US Bank, PNC, Wells Fargo, Johnson and Johnson). I am also experienced in analyzing information requirements and delivering cost-effective solutions. I have a diverse background including solid knowledge in Splunk and Zabbix.

Technical Skills and Technology Stack:

·Cloud Orchestration/Automation: AWS CloudFormation, AWS Lambda, AWS Systems Manager, AWS SSM, Parameter Store, Ansible, Docker, Bitbucket

·AWS Security: AWS GuardDuty, AWS Shield, AWS Inspector, AWS WAF, Firewall Manager

·Monitoring & Event Management: AWS CloudWatch (Events & Logs), AWS SNS, AWS S3, Zabbix, Splunk.

·Identity & Access Management: AWS Organization, AWS IAM, Active Directory, AWS Secrets Manager.

·Governance & Compliance: AWS Config Rules, AWS Organization, AWS Control Tower, AWS Trusted Advisor, AWS Well-Architected Tool.

·Programming Languages: Bash, JSON, YML, Python

·Data Protection: AWS Certificate Manager, AWS KMS, Snapshot Lifecycle Manager, AWS Cloud HSM, EBS Volume modification.

·Network: VPC, VGW, TGW, IGW, NGW.

·Image & Patch: AWS SSM Patch Manager, AWS Golden AMI Pipeline

·AWS Platform: AWS CloudFormation, AWS Lambda, AWS Systems Manager, S3, VPC, EC2, ELB, RDS, SNS, SQS, SES, Route53, CloudFront, AWS Auto Scaling, Trusted Advisor, CloudWatch.

Professional Experience:

Splunk Engineer/Admin

Capacity Bay, Glenarden, Maryland, March 2022 – Present.

Designing Splunk Enterprise infrastructure to provide high availability by configuring clusters across two data centers.

Responsible for installing, configuring, and administering Splunk Enterprise on Linux and Windows servers.

Filtering unwanted data in the heavy forwarder level thereby reducing license cost.

Created data retention policies and performed index administration, maintenance, and optimization.

Extensively used Splunk Search Processing Language (SPL) queries, Reports, Alerts and Dashboards.

Using DB connect for real-time data integration between Splunk Enterprise and databases.

Analyzing in the forwarder level to mask customers' sensitive data and able to manage distributed search across a set of indexers.

Responsible for troubleshooting various indexing issues by analyzing Splunk logs such as splunkd.log and metrics.log ingested as internal index.

Extracted complex fields from different types of log files using Regular Expressions (Regex).

Administer various shell and Python scripts for monitoring and automation.

Configure the Syslog server for forwarding the logs to the Splunk server via network protocols like TCP and UDP.

Provides On-call support for various production applications.

Splunk Engineer and Systems Administrator with extensive years of experience in planning, analyzing, and testing systems, including implementing numerous web-based and client-server enterprise IT solutions, security solutions, and monitoring tools.


Created internal Apps that are CIM-compliant with index-time field extractions using regular expressions, embedded apps, and Splunk Knowledge objects.

Configured and managed centralized Syslog servers, over 500+ universal forwarders, and scripted inputs, ingesting over 800GB of data daily.

Configured and supported Splunk multisite Clustering both On-prem and in the AWS cloud.

Created dashboards, reports, scheduled searches, alerts, and customized advanced dashboards using XML for visualization.

Created Knowledge Objects, Regex Statements, and Splunk instances.

Created Scripts to automate transferring data into AWS Glacier.

AWS Cloud Engineer – Johnson & Johnson March 2020 – Feb 2022.

Support Clients with issues by striving to resolve tickets efficiently and to the client's satisfaction and making sure I escalate complex issues to the appropriate team.

Carry on patching and operations activities monthly for vulnerability remediation of servers for security and compliance.

Initiate incremental backups and take snapshots of EBS volumes, send communication emails to users in preparation for patching activities.

Configure lifecycle rules on an S3 bucket to move data between S3 storage classes for easy accessibility, archiving, and cost optimization.

Created Ansible playbooks to automatically install packages from a repository, to change the configuration of remotely configured machines, and to deploy new builds.

Enabling CloudTrail log file validation so that any changes made to the log file itself after it has been delivered to the S3 bucket are trackable to ensure log file integrity.

Used CloudWatch and CloudTrail for auditing, monitoring and login, utilizing OpenSearch, and Splunk as well for log insight.

Design, maintain and implement IAM systems to ensure security and efficiency.

I was able to leverage server procurement and configurations for migration from RHEL 7 to RHEL 8.

Update SSL certificates and retrieve data for users.

Create Splunk alerts/reports for AWS operational investigation.

Worked with SAS on tickets and configuration on user access.

AWS Cloud Security Engineer – Luxoft USA February 2018 – 2020

Design and define the Banking/Capital marketing business unit security framework. Manage and maintain the overall AWS/AZURE SaaS Platform Security Framework.

Working with CISCO for security pillar audit and assessment for level-2 Level-3 compliance auditing.

Help US banking clients with cloud security controls and security posture management in the Cloud.

Manage and maintain up-to-date Vulnerability management assessment with Tenable.io.

Manage and maintain EDR-XDR with CrowdStrike.

Working with the CTACT Team to define and design the SIEM solution for our SaaS platform.

Work and provision CloudFormation templates for firewall to secure the environment, and IPS/IDS rules for environment protection.

Update and maintain firewall rules and policies that suit the environment and company requirements inbound and outbound rules.

Provide WAF script to Block or allow URLs based on requirements for data security.

Carry on patching and operations activities monthly for vulnerability remediation of servers and take snapshots of EBS Volumes.

Helped with DNS record Changes, procuring and configuring servers based on requirements.

Infrastructure as Code (IaC): Develop, automate, and maintain networking configurations using IaC tools (e.g., Terraform, AWS CloudFormation) to streamline deployments, updates, and scaling of network resources.

Led the security team in the lead's absence and the project was completed successfully.

Work in close collaboration with the DevOps team to complete urgent deployments.

Prepare documentation for reference and ensure the HIPAA Rule is in place.

Used CloudWatch and CloudTrail for auditing, monitoring and login, utilize OpenSearch, Splunk, Zabbix etc., as well for logs insight.

Design and implement robust AWS networking solutions, including VPC configurations, subnets, routing tables, and NAT gateways to make sure the environment is efficient.

Reach out to customers and make sure they are satisfied in case they have any roadblocks, ensuring their needs are met.

AWS Cloud Engineer – Optive Security December 2015 to January 2018

Ensure security of data, network access, and backup systems.

Implemented IAM best practices in AWS including MFA, access key rotation, role-based permissions, enforced strong policy, configured security groups and NACLs, S3 bucket policies and ACLs, etc.

Used Systems Manager to automate operational tasks across AWS resources.

Designed CI/CD Pipeline using Jenkins and Code Pipeline connected to GitHub and build environments.

Designed for high availability and business continuity using self-healing architecture, fail-over routing policies, multi-AZ deployment of EC2 instances, ELB health checks, Auto scaling, and other disaster recovery models.

Managed provision of AWS infrastructure using Terraform, CloudFormation and Ansible.

Leverage EC2 Lifecycle Manager to create snapshots of EBS volumes at scheduled intervals for backup and define a retention period as a cost-saving measure.

Developed a Lambda function that monitors instances that did not comply with company standards.

Set up and configured log files for detailed monitoring and alert notifications when changes are made.

Monitor end-to-end infrastructure using CloudWatch integrated with SNS for notifications, Splunk, and other tools like Zabbix.

Architect a secure infrastructure with a client VPN Endpoint to allow users to access resources in AWS.

Configure lifecycle rules on an S3 bucket to move data between S3 storage classes for easy accessibility, archiving, and cost optimization.

Set up and configure log files for detailed monitoring and alert notification in Splunk.

Have been part of a team that migrated databases and servers from on-prem to the cloud using tools like AWS Migration Hub, AWS Server Migration Service, AWS Database Migration Service, and AWS CloudEndure.

Enabling CloudTrail log file validation so that any changes made to the log file itself after it has been delivered to the S3 bucket are trackable to ensure log file integrity.

Implemented IAM best practices and role-based access control.

Leverage the Splunk platform for log monitoring/analysis/troubleshooting.

Created Ansible playbooks to automatically install packages from a repository, to change the configuration of remotely configured machines, and to deploy new builds.

Create Splunk alerts/reports for AWS operational investigation.

In charge of security solutions, firewalls and WAF for security purposes, and come up with codes in that respect.

Linux System Admin

9 Solutions, Largo, Maryland February 2014 to November 2015

Created, administered, and maintained user accounts with stipulated permissions, group login IDs, security passwords, etc. on Linux server platform.

Installation, configuration, maintenance, patching and upgrading of Operating Systems software and hardware.

Installed and configured LAMP STACK (Linux, Apache, MySQL, and PHP) for different applications.

Monitored Linux Servers through Log Management and performance tuning through Splunk and Nagios for production applications.

Worked with Red Hat Linux tools like RPM and YUM to install packages and patches for Red Hat Linux servers.

Developed and maintained configuration management solutions (Ansible) and writing Ansible Playbooks for automation.

Experience writing code in Bash scripts for automation.

Responsible for maintaining and reducing downtime of the local environments.

Monitoring system performance, backing up and restoring files, troubleshooting Linux Network and security-related issues.

Developing automated processes that run daily to check disk usage and perform cleanup of file systems using shell scripting.

Installed, managed, troubleshot, and maintained DNS application server.

Installed, and maintained Red Hat Linux servers, and updated and patched Virtual Machines within the company.

Configured, administered, and maintained VMware ESXi including Virtual servers.

Education & Certifications:

BSc in History and Political Science, UB

Splunk Core Certified User

Splunk Core Certified Power User

Splunk Core Certified Administrator

CompTIA Security+ CE

Splunk Core Certified Architect in progress

AWS Solution Architect

AWS Professional.


