Cloud Security Information
Resume:
Feras Abedeljaber
Cleveland, OH 216-***-**** *********@*****.***
SUMMARY
Experienced Cloud Security Specialist with over 10 years of information security, risk management, and cloud architecture expertise. Specializing in the Banking and Government sectors, I have a deep understanding of securing AWS, Azure, and hybrid environments. Proficient in implementing security frameworks, managing identity and access controls, and ensuring regulatory compliance. Strong background in identifying and remediating vulnerabilities, handling Prisma Cloud alerts, and collaborating with cross-functional teams to design automated security solutions. Dedicated to applying industry best practices to mitigate risks and protect critical assets.
KEY SKILLS
Cloud Security: AWS (IAM, EC2, Kubernetes), Azure
Identity & Access Management (IAM): AWS IAM, Azure Active Directory
Infrastructure as Code (IaC): Terraform, Google Cloud Deployment Manager
Threat Detection & Incident Response: AWS Security Hub, SIEM
Automation & Scripting: Python, Bash, PowerShell
Network Security & Architecture: Firewalls, Network Traffic Analysis
Regulatory Compliance: NIST, ISO, FedRAMP, FFIEC
Data Analytics & Reporting: Tableau, SQL, C#, Power BI
PROFESSIONAL EXPERIENCE
Cleveland Metro Schools – Cleveland, OH
IAM Administrator
September 2024 – Present
Manage identity and access systems to ensure role-appropriate access to CMSD resources for all users.
Conduct comprehensive reviews of client environments, including tenant configurations, hardening, identity governance, MFA, SSO, and IDP migrations. Provide recommendations for security improvements based on best practices.
Respond to IAM-related security incidents, investigate breaches, and mitigate risks. Troubleshoot IAM issues such as access denials, password resets, and authentication failures.
Develop and enforce IAM policies and controls to ensure compliance with security and regulatory requirements. Conduct access control audits, monitor user activity, and provide documentation for security audits.
Assist in configuring security and compliance reports for AD/Entra ID platforms.
Oversee the user account lifecycle management, including creation, modification, and deactivation of accounts. Implement RBAC models and MFA solutions to secure role-based access to organizational resources.
Support proof of concept, deployment, and production environments for Entra ID and Active Directory (AD). Troubleshoot service-related issues and collaborate with Microsoft to resolve complex problems.
Assist clients with configuring advanced threat protection solutions, including Microsoft Defender for Identity.
Conduct health checks and cleanup of Active Directory and Entra ID infrastructures. Perform security assessments such as ESAE implementations, privileged group management, and AD domain controller health monitoring.
Assess DNS, DHCP, Group Policy, and other AD services to ensure optimal functionality and security.
Design and implement scalable AD and Entra ID solutions, including domain consolidations, migrations, and upgrades.
Led architecture efforts for transitioning clients to Microsoft Entra ID services.
Key Responsibilities:
User Account Lifecycle Management: Manage the creation, modification, and deactivation of user accounts according to district security policies and compliance standards.
Role-Based Access Control (RBAC): Design and implement RBAC frameworks to enforce secure, role-based access to systems.
Multi-Factor Authentication (MFA): Develop and maintain MFA solutions to enhance security for staff and students across district systems.
Security Audits & Compliance: Perform regular audits of access controls and user activity to ensure compliance with internal policies and external regulations.
Troubleshooted IAM Issues: Provided technical support for IAM-related problems, including password resets, access denials, and user authentication issues.
Cross-functional collaboration: Work closely with IT and security teams to establish and implement best practices for user access management.
IAM Policy Development: Assist in developing and enforcing IAM policies that balance security with operational efficiency.
Documentation & Reporting: Maintain comprehensive IAM documentation, including access rights, troubleshooting procedures, and security audits.
User Training: Train CMSD staff on IAM best practices, security policies, and access management tools.
Incident Response: Respond to IAM-related security incidents, investigate breaches, and collaborate with security teams to mitigate risks.
Third-Party Application Integration: Integrate external applications into CMSD’s IAM framework to ensure seamless access management across all platforms.
Freelance Threat Intelligence Analyst
Self-employed — July 2024 – September 2024
Location: Remote
Developed automated Python scripts for gathering, analyzing, and reporting security data from various sources, including threat feeds and network logs.
Utilized Python libraries (e.g., Pandas, NumPy, Requests) to process and clean large datasets, improving threat detection efficiency.
Created custom parsers and analysis tools to identify potential security threats such as malware, phishing attempts, and data breaches, resulting in a 30% reduction in false-positive alerts.
WWC Global, A Pequot Company (Homeland Security) — Washington, DC
Cybersecurity SME / Cloud Security / Technology Risk
January 2023 – March 2024
Spearheaded global cybersecurity initiatives to secure cloud and on-premise infrastructure, ensuring compliance with industry standards (FedRAMP, NIST, HIPAA), reducing risk exposure by 40%.
Developed and implemented user awareness training programs, educating employees on data protection principles, reducing human error-based security incidents by 25%.
Optimized Data Loss Prevention (DLP) strategies, fine-tuning technologies and policies to balance security and business needs, minimizing false positives while ensuring compliance with GDPR and HIPAA.
Managed governance, risk, and compliance (GRC) processes, aligning IT systems with regulatory frameworks (ISO 27001, PCI DSS), resulting in successful audits and certifications.
Directed cloud security initiatives in AWS environments, implementing best practices (AWS Shield, Guard Duty, WAF), leading to a 50% reduction in potential security threats.
Led the design and automation of security workflows using SOAR platforms, improving incident response efficiency and reducing manual intervention by 40%.
Advised senior leadership and cross-functional teams on risk management strategies, ensuring alignment of security programs with organizational goals, and securing critical infrastructure.
Led the design and implementation of Power BI reporting solutions, enabling cross-functional teams to make data-driven decisions and reducing reporting time by 40%, increasing operational efficiency.
Managed cloud infrastructure, overseeing user support, identity management, access control, and policy enforcement to ensure smooth operations and security compliance.
Provided support to developers, ensuring adherence to best practices in managing cloud systems and access control.
Handled user access, verified identities, and managed role-based permissions in cloud environments, strengthening security measures.
Ally Bank (US Tech Solutions) — Remote, North Carolina
Sr. Cybersecurity Engineer / Cloud & Sr. Auditor
March 2020 – January 2023
Enterprise Architecture in Banking: Led large-scale Enterprise Architecture (EA) initiatives within the banking sector, ensuring compliance with regulatory frameworks (Dodd-Frank, Basel III, AML). Optimized business operations and reduced risk by integrating financial services, compliance, and operational functions across departments.
EA Component Integration: Proficient in integrating core banking systems, CRM, payment processing, and data governance tools, aligning them with business processes to improve operational efficiency and customer experience.
Non-Technical EA Components: Collaborated with senior executives and regulatory bodies to align IT systems with business objectives, ensuring compliance with industry standards and supporting business growth.
Cross-Functional Collaboration: Worked with IT, operations, compliance, risk management, and business teams to deploy and optimize EA systems, improving scalability, security, and efficiency.
Regulatory Banking Environments: Navigated complex regulatory environments, ensuring compliance with SOX, GDPR, PCI-DSS, and other financial regulations. Led efforts to streamline processes while maintaining performance and data privacy.
Cloud Architecture & Security: Designed and deployed scalable, secure AWS cloud architectures (EC2, S3, RDS, VPC) for enterprise clients, improving operational efficiency by 25%. Managed AWS migration strategies ensuring 99.99% uptime and regulatory compliance.
Infrastructure-as-Code (IaC): Led cross-functional teams in developing IaC solutions using AWS CloudFormation and Terraform, reducing deployment times by 40% and ensuring repeatability in cloud environments.
Data Loss Prevention (DLP): Optimized DLP policies and integrated tools across cloud services, networks, and endpoints, ensuring the protection of sensitive data (PII, financial data) and compliance with GDPR and HIPAA.
Cloud Security Strategy: Architected and implemented cloud security strategies, optimizing VPC design, IAM roles, and security groups to safeguard AWS environments.
Security Tools Integration: Integrated FireEye and Trellis security tools into the SOC architecture, enhancing automated threat detection, reducing manual investigation by 15%, and improving incident response times.
SOAR Automation: Designed and implemented automated SOAR workflows, reducing manual intervention by 40% and streamlining incident response operations.
Risk Reporting: Developed risk dashboards and real-time security metrics using Splunk, improving decision-making and enhancing security posture across the organization.
Cybersecurity Audits & Compliance: Led cybersecurity audits to ensure adherence to NIST, PCI DSS, and ISO/IEC standards, successfully guiding teams through external audits and closing security gaps.
DevOps Security Integration: Collaborated with DevOps, risk management, and compliance teams to embed security into CI/CD pipelines, ensuring secure code deployment and reducing production vulnerabilities.
Vulnerability & Penetration Testing: Led vulnerability assessments and penetration testing, identifying critical security gaps and providing actionable recommendations, resulting in a 25% reduction in security incidents.
Cloud System Security: Conducted security reviews of cloud systems, assessing vulnerabilities to ensure compliance with security regulations. Utilized sandbox environments to proactively identify and mitigate threats.
PKI & Secure Communications: Administered PKI solutions, including certificate authorities (CAs), SSL/TLS certificates, and encryption protocols, ensuring secure communications and data integrity.
PKI Troubleshooting & Support: Resolved PKI-related issues such as certificate errors and trust chain validation problems, maintained business continuity, and ensured secure communications.
Training & Awareness: Provided PKI-related training and support to staff, increasing organizational awareness of security protocols and best practices.
Disney (Randstad) — Anaheim, California
Sr. Security Specialist (Part-Time)
October 2020 – September 2021
Security Awareness & Training: Led security awareness and training programs for SOC analysts and security teams, increasing response readiness by 30% and reducing incident response times by 20% through better understanding of emerging threats and security tools.
Executive Dashboards: Designed and implemented interactive Tableau dashboards to provide executive leadership with real-time visibility into key security metrics, trends, and incident response performance, driving data-driven decision-making across the organization.
Vulnerability Management: Spearheaded the vulnerability management lifecycle using Nessus, Qualys, and Nmap for proactive security assessments, identifying and mitigating over 50 critical vulnerabilities across network and cloud infrastructure.
Cloud Security Integration: Integrated AWS Security Hub across multiple AWS accounts, centralizing security monitoring and enhancing compliance with industry standards, resulting in a 25% reduction in security incidents.
Privacy & Security Controls: Advised engineering teams on privacy and security controls, ensuring secure software design and fostering a culture of security-first practices in application development.
Project Management: Streamlined project management processes using Jira, managing security-related tasks and ensuring timely completion of key initiatives, leading to a 15% improvement in project delivery efficiency.
Code Reviews & Security Best Practices: Conducted code reviews and provided actionable feedback to ensure adherence to security best practices, contributing to a 20% reduction in software vulnerabilities during development.
SIEM Implementation: Led the implementation of the Splunk SIEM platform to centralize security monitoring, enhance threat detection, and reduce incident response times by 30%, providing real-time analytics and actionable insights.
Data-Driven Insights: Developed interactive Tableau dashboards that offered real-time insights into security operations, improving decision-making speed by 25% and enabling cross-functional teams to respond faster to emerging threats.
Huntington National Bank — Akron, Ohio
Sr. Data and Network Security
January 2019 – January 2021
Data Loss Prevention (DLP): Developed and implemented comprehensive DLP strategies, securing sensitive data across multiple platforms and reducing the risk of data breaches by 30% through proactive policy enforcement and advanced monitoring techniques.
Network Security Leadership: Led network security initiatives, leveraging deep knowledge of TCP/IP and networking protocols to identify and resolve critical vulnerabilities, resulting in a 20% decrease in network-related security incidents.
Enterprise Architecture (EA): Directed the development and execution of EA strategies for large-scale, multi-agency initiatives, ensuring seamless integration of IT systems, regulatory compliance, and efficient service delivery models.
Collaboration with Government Agencies: Worked closely with government agencies and external partners to align EA frameworks with public sector regulations, operational needs, and policy frameworks.
Cross-Functional Team Leadership: Spearheaded cross-functional teams, unifying disparate business units and technology silos into a cohesive and efficient architecture, improving coordination and service delivery.
Governance Models Implementation: Drove the implementation of governance models to promote consistent standards across multiple agencies, enhancing transparency and decision-making processes.
PowerShell Scripting: Utilized PowerShell scripting to automate tasks and manage infrastructure, boosting operational efficiency and security.
Custom Security Tools: Developed custom security tools using scripting languages to enhance vulnerability detection and resolution, improving overall system security.
IT Infrastructure Integration: Orchestrated the integration of IT infrastructure across multiple departments, improving data interoperability and system coherence, leading to streamlined processes and enhanced service delivery.
Business Process Optimization: Designed and implemented business process frameworks to bridge gaps between organizational functions and IT systems, aligning enterprise goals with operational execution.
Data Flow Optimization: Played a central role in optimizing data flows, enabling faster decision-making processes by creating efficient channels for data exchange between agencies, reducing redundancy and improving data accuracy.
Shared Service Models: Guided the implementation of shared service models, reducing costs and enhancing scalability by centralizing operations across multiple departments.
Threat Detection & Network Monitoring: Optimized threat detection and network monitoring using Azure Sentinel, improving real-time threat identification, investigation, and response, resulting in a 25% improvement in incident response times.
Palo Alto Networks NGFW: Deployed and configured Palo Alto Networks Next-Generation Firewalls (NGFWs) to strengthen network segmentation, improve perimeter defenses, and reduce unauthorized access attempts by 40%.
Security Incident Management: Led security incident management, conducting root cause analysis and implementing corrective actions that mitigated recurring vulnerabilities, enhancing system integrity and uptime.
Automated Incident Handling: Automated incident handling using Azure Sentinel, improving alert accuracy and reducing manual investigation efforts by 30% through detection rules and playbooks.
Security Audits & Vulnerability Assessments: Conducted comprehensive security audits and vulnerability assessments, identifying and remediating critical risks across network infrastructure, leading to a 15% improvement in the overall security posture.
Akamai Configuration: Installed and configured Akamai security tools to enhance web application security and improve traffic filtering, reducing exposure to online threats.
PNC Bank — Cleveland, Ohio
First Line (Retail) Technology Risk Management - Application Engineer Risk Specialist
January 2015 – January 2019
Application Security Leadership: Led application security initiatives, collaborating with development teams to remediate vulnerabilities, implement secure coding practices, and enhance code security. Reduced high-risk vulnerabilities by 30% through focused remediation efforts.
Interactive Reporting & Analytics: Developed and optimized interactive reporting tools using Tableau and Excel, enabling stakeholders to track and analyze key security metrics. This improved decision-making speed by 20% and drove operational efficiency across the organization.
Vulnerability Management: Monitored security vulnerabilities using SAST and DAST tools, ensuring the timely remediation of critical application risks. Reduced the average time to fix vulnerabilities by 25% through effective tracking and prioritization.
Risk Assessment & Control Reviews: Conducted comprehensive risk assessments and control reviews on application controls, identifying gaps and recommending improvements that led to a 15% reduction in overall risk exposure.
Security Training & Best Practices: Designed and delivered security training programs focusing on secure coding practices, SAML integration, and OAuth 2.0 workflows. Increased developer adherence to security best practices by 40%, fostering a more secure coding environment.
Performance Optimization: Optimized data structures (arrays, linked lists, hash tables) to improve application performance, achieving a 40% improvement in processing efficiency and scalability of critical applications.
Automation & Compliance: Automated reporting and change management processes in ServiceNow, reducing manual processing time by 25% while ensuring alignment with compliance requirements and organizational policies.
IAM Policy Enhancement: Enhanced IAM policies across AWS environments, ensuring strict adherence to the principle of least privilege. Reduced access-related risks by 25% through regular policy reviews and enforcement.
Cross-Functional Collaboration: Collaborated with cross-functional teams to analyze security test results, identify control gaps, and provide actionable recommendations. This led to a 20% improvement in risk management and compliance adherence across the organization.
Federal Reserve of Cleveland — Cleveland, Ohio
Analyst and Developer
June 2014 – January 2015
Data Analysis & Reporting: Led data analysis and reporting efforts using SQL, Excel, and Python to identify trends, anomalies, and actionable insights. Influenced strategic decisions, improving operational efficiency by 20%.
KPI Reporting: Spearheaded the development and delivery of comprehensive KPI reports to senior management. Provided weekly presentations with data-driven insights, directly influencing business strategies and enhancing decision-making processes across the organization.
Risk Assessment & Cybersecurity: Led risk assessments and gap analysis for cybersecurity vulnerabilities, ensuring compliance with regulatory frameworks such as NIST and FedRAMP. Reduced potential vulnerabilities by 15% by implementing necessary security measures.
Web Application Development: Engineered and deployed scalable web applications using Python, JavaScript, and React. Improved system performance by 25%, enhancing user experience and application responsiveness.
API Design & Optimization: Designed and implemented high-performance APIs to streamline communication between front-end and back-end systems. Optimized data flow and increased application efficiency by 30%.
Task Automation: Automated routine tasks using Python and PowerShell scripting, reducing manual workload by 30%. Enabled the team to focus on more strategic projects, significantly increasing overall operational efficiency.
Cuyahoga County — Cleveland, Ohio
Analyst and Developer
June 2009 – June 2014
Firewall Implementation & Configuration: Led the implementation and configuration of firewalls across county-wide networks, ensuring compliance with local, state, and federal cybersecurity regulations. Significantly reduced the risk of unauthorized access and enhanced network security.
Intrusion Detection Systems (IDS): Managed and monitored IDS to detect and prevent potential security breaches, providing 24/7 oversight and reinforcing data protection across sensitive county infrastructure.
Application Development (C#): Developed and deployed scalable C# applications, achieving a 40% improvement in application performance, enhancing system reliability, and improving user satisfaction across multiple departments.
Backend Systems Engineering: Engineered and maintained backend systems using ASP.NET Core, ensuring stability and scalability for high-traffic applications. Optimized performance, supporting critical county operations with minimal downtime.
Security & Vulnerability Management: Collaborated with cross-functional teams to identify and address security vulnerabilities, proactively implementing solutions aligned with organizational goals. Resulted in a 25% reduction in security incidents.
EDUCATION
Master of Business Administration
Concentration in Information Systems
Cleveland State University — Cleveland, Ohio
Bachelor of Arts & Science
Major: Political Science Minor: Computer Science
Cleveland State University — Cleveland, Ohio
CERTIFICATIONS
RH124 – Red Hat System Administration
NIST & ISO – Standards and Frameworks
Security+ Prep Course (SYO-601)
TOGAF – The Open Group Architecture Framework
ITIL V3 2011 – Information Technology Infrastructure Library
CISSP – Certified Information Systems Security Professional (in progress)
AWS Certified Practitioner
Contact this candidate