Solution Architect Security Officer
Resume:
CHUKWUNONSO NWANKWO
*******************@*****.***
SUMMARY:
Passionate and innovative AWS Cloud Solution Architect with over four years of extensive experience in Architecting Cloud computing, System Administration, implementing high scalability, availability, and secured three-tier architecture design.
Experienced Information System Security Officer (ISSO) in Cybersecurity security, identity & access management, monitoring and event management, governance & compliance, application delivery, data protection, and image and patch management.
EDUCATION:
University of Maryland Global Campus Date: 2024
Master’s degree in Cloud Computing Services
Bellevue University Date: 2020
Bachelor’s Degree in CyberSecurity
Gateway Community College Date: 2017
Associates in Liberal Arts and Sciences
CERTIFICATIONS:
AWS Certified Solution Architect.
CompTIA Advanced Security Practitioner CE
CompTIA Security+ CE
SKILLS/COMPETENCIES:
Cloud Orchestration/Automation: AWS CloudFormation, Terraform, AWS Lambda, AWS Systems Manager, AWS SSM Parameter Store
AWS Security: AWS Security Hub, AWS Guard Duty, AWS Shield, AWS Firewall Manager, AWS Inspector, Web Application Firewall (WAF), AWS Trusted Advisor.
Monitoring & Event Management: AWS CloudWatch (Events & Logs), AWS SNS, AWS S3
Identity & Access Management: AWS Organization, AWS IAM, AWS AD Connector, Active Directory, AWS Workspaces, AWS Secrets Manager.
Governance & Compliance: AWS Config Rules, AWS Macie, AWS Organization, AWS Control Tower, SSO, OKTA, AWS Trusted Advisor, AWS Well Architected Tool, AWS Budgets, AWS License Manager.
Programming Languages: Bash, JSON, YML, Python
Data Protection: AWS Certificate Manager, AWS KMS, Snapshot Lifecyle Manager
Network: VPC, VGW, TGW, CGW, IGW, NGW
Image & Patch: AWS SSM Patch Manager, Ansible, AWS Golden AMI Pipeline
AWS Platform: AWS CloudFormation, AWS Lambda, Migration,AWS Systems Manager, Ansible, S3,
VPC, EC2, ELB,
AWS Migration: Phases (Assess, Mobilize,Migrate and Validate), Tools (CART,ADS, MGN, DMS)
OS: Microsoft Windows 7/8.1 and 10, Windows Server 2003, Linux, Android, Mac Os
Software: Microsoft Office Suite, Technology Service, Adobe
Cyber tools: Nmap, Wireshark,IDS, Nesus,etc
Policy: NIST SP 800-53 rev4, SP 800-37 rev2, FIPS-199, FIPS-200, ISO 27001/27002,
PCI/DSS, COBIT, ITIL,HITRUST, HIPPA.
EXPERIENCE:
Capgemini Government Solution
Aws Cloud Consultant “Solution Architect” 01/2018 - Till Date
Collaborate with enterprise architecture, information security, applications, and infrastructure teams. Support and contribute to evaluating, designing, and analyzing enterprise-wide solutions to translate business and technical requirements into an architectural blueprint to achieve business objectives.
Designed an environment for high availability and business continuity using self-healing-based architectures, fail-over routing policies, multi-AZ deployment of EC2 instances, ELB health checks, Auto Scaling, and other disaster recovery models.
Implemented AWS Systems Manager management service capabilities to automatically collect software inventory, apply OS patches, and automate administration tasks and complex workflows across our environments.
Designed secured, cost-optimized, highly available, and fault-tolerant 3-tier scalable architecture in AWS
Leveraged different design principles for security in the cloud and implemented various AWS services to improve our security posture for Authentication, Authorization, Monitoring, Auditing, Encryption, and Data path security.
Implemented security best practices in AWS, including multi-factor authentication, access key rotation, role-based permissions, enforced firm password policy, configured security groups and NACLs, S3 bucket policies, and ACLs.
Leveraged EC2 Lifecycle Manager to create snapshots of EBS Volumes on scheduled intervals for backup and define a retention period as a cost-saving measure.
Configured CloudWatch alarm rules for operational and performance metrics for our AWS resources and applications.
Configured S3 events to automate communication between S3 and other AWS services.
Designed highly available infrastructure using Elastic load balancer and auto-scaling for Web servers which Scale-in and Scale-out automatically; also isolated environment by having security groups and NACL across subnets for EC2 instances.
Optimized cost through reserved instances, selecting and changing EC2 instance types based on resource need, S3 storage classes, and S3 lifecycle policies, leveraging Autoscaling, etc.
Leveraged EC2 Create Snapshot API call to create snapshots of EBS Volumes on scheduled intervals.
Configured CloudWatch alarm rules for operational and performance metrics for our AWS resources and applications. Setup and configured logs files for detail monitoring and alerts notification when changes are made.
Monitoring from the end-to-end view of runtime systems CPU, bandwidth, disk space, and log files.
Perform security setup, networking, system backup, and patching for AWS and on-premise environments. Architect high availability environment with auto-scaling & Elastic Load Balancer.
Securely deploy MySQL Primary DB and its read replica in a private subnet with multi-AZ for disaster recovery and best practice.
Implemented AWS Config in my environment as a compliant tool to auto-remediate non-compliant configuration in the S3 bucket and EC2 using a system manager automation document.
Provisioned Aws Macie, which applies machine learning and pattern matching techniques to the buckets to identify sensitive data, such as personally identifiable information (PII), which was integrated into Event Bridge(CloudWatch) for auto-remediation.
Provisioned infrastructure as a code using Terraform by utilizing Vscode. Made my code reusable incase we need to make some changes.
Provided support in managing Iaas, Saas, and Paas in the AWS cloud platform.
Used Ansible in configuring my client’s environment by developing an Ansible playbook.
Metro App Consulting LLC New Haven, CT
Information Assurance Analyst, 10/2017 to 01/2018
Responsible for implementing and enforcing an Information Assurance (IA) program at the Program Manager O-5 level.
Assisted subordinate IAMs in creating RMF artifacts and Plans of Actions and Milestones (POA&Ms).
Ensured POA&M mitigations and timelines were adhered to and documented any changes.
Validated system requirements, security policies and procedures, contingency plans, incident response plans, personnel security, access control mechanisms, and identification and authentication mechanisms.
Ensured the implemented security safeguards were adequate to assure the integrity, availability, and confidentiality of the information being processed, transmitted, or stored consistent with that information’s sensitivity level.
Ensured system POA&M mitigations and timelines were adhered to and documented all changes.
Worked with a team of ISSOs to complete several packets to receive an ATO
Worked on documentation, artifacts, and policies needed to ensure compliance
Categorized the system using FIPS 199 evaluating systems utilizing high, moderate or low in the areas of the CIA triad (Confidentiality, Integrity, Availability) of information.
Identified applicable security controls and selected enhancements needed to heighten security
Implemented appropriate security controls based on NIST Special Publication 800-53 rev 4, FIPS 200, NIST 800-60, and FIPS 199.
Conducted meetings to discuss vulnerabilities and potential remediation actions with system and application owners.
Coordinated and supported risk assessments and ensured corrective action on any identified security exposures
Identified vulnerability scans and worked towards remediation within defined time frames
Educated employees and managers on current threats and vulnerabilities
Developed Security Assessment Report (SAR) detailing the assessment results and Plan of Action and Milestones (POA&M).
Develop detailed security design documentation for component and interface specifications to support system design and development.
Tracked the accreditation process within the RMF.
Evaluated, monitored, and report performance against plans to ensure that the guidelines met appropriate procedures and policies.
Participated in meetings with the IT Division team to gather evidence
Review and ensure there was a Privacy Impact Assessment (PIA) document after a positive PTA was created
Assisted in developing and reviewing remediation plans or POA&M for each area of testing using Nessus
Reviewed documents such as ISA/MOU, SAR (Security Assessment Report), SAP (Security Assessment Plan), Scans, SSP (System Security Plan)
Ensured integrity and confidentiality of sensitive data.
Completed the requirements to assist system owners in achieving ATOs.
Assisted in the tracking of unresolved cases to ensure their successful completion of escalation to the appropriate individuals or organizations based on established guidelines and procedures.
Assisted in the process of improving internal procedures and client deliverables.
Follow up with other team members consistently, proactively, and professionally to obtain requirements, resolve issues, coordinate multiple tasks for individual clients, and take all necessary actions to expedite the process to completion.
Researching and addressing information security issues as required to complete RMF packets
Creating and updating RMF documentation, i.e., System Security Plans (SSP), contingency plans, control family policies, etc., as needed
Developing a Risk Assessment plan and completing the risk assessment tab as needed in emass.
Drafting, reviewing, and updating the Plans of Action and Milestones (POAM)to address non-compliant items and develop mitigation strategies.
Creating and evaluating policies as needed to answer to security control requirements.
Working with other ISSMs/ISSEs to provide updated security scans to address controls requiring stig checks
Gateway Community College, New Haven, CT
Help Desk Technician, 09/2015 to 09/2016
Assisted Staff, Faculty, and students in password reset and unlocking their accounts from AD and AD Azure console
Installed new ink toner or cartridges in the college printers as well as simple troubleshooting
Provided Supported iPhones/iPads, set up VPN, and migrated data.
Navigated through Knowledge Base/Active Directory quickly and efficiently.
Created and assigned escalated problem tickets to the appropriate technical group using the ServiceNow ticketing system.
Supported wireless configuration & connectivity for guests, staff, faculty, and Students.
Receive incoming phone calls to troubleshoot and resolve network/software-related issues supporting
Experience with Microsoft Windows 7 and Windows 10, installation, configuring, and support & troubleshooting both in student computers and college computers
Remained productive during slow times, able to multitask effectively during busy times, exercise patience and professionalism during stressful situations
Performed several computer imaging, adding users to the correct domain and mapping out a printer
Set up workstations and laptops for new employees as well as their onboarding process
Equipment Maintenance, Troubleshooting
Familiar with McAfee endpoint security, app control, solidification, BitLocker, and compliance updates.
Event Set-ups and assisting the event planner
Faculty Training and Assistance
Researching products and testing newly implemented technology
Supervising student workers and Lab Assistants.
Video Editing, Echo360, H6 Zoom Recorder, Smart products (Smart Tv, SmartBoard), MsTeams, WebEx, Zoom Training and Set up/Skye
Editing and uploading files in Digital Signage (Visix Software).
Hardware troubleshooting and repairs (Amx and Bss Sound Web London)
Live streaming device (Mantis Encoder)
Public Address System (PA)
Handled A/V Setups (laptops and projectors) in conference rooms
Word, Excel, PowerPoint, Webex, MS Teams, Zoom
Contact this candidate