Cloud Security Engineer

Oluwafemi Alabi Okunlola

United States

+1-832-***-**** ********************@*****.***

Professional Summary:

A highly motivated engineer with expertise in Cloud Security and infrastructure, complemented by strong DevOps skills. Thrives in fast-paced, ever-evolving tech environments, embracing a proactive, self-driven approach. Possesses a diverse skill set, including deep technical knowledge, effective communication, and the ability to design and deliver structured educational and training programs.

Cloud: AWS

DevOps: Automating AWS cloud deployments, IAC with Terraform and CI/CD with GitHub Actions.

Security: AWS best practices for security, identity, and compliance, Prisma Cloud and CrowdStrike, Scanning & Monitoring, Infrastructure security, Network security and IAM.

Languages: Python

Education

●Lamar University, Texas: M.Sc. in Management Information Systems (2024)

●Ladoke Akintola University of Technology, Nigeria: B.Tech. (2018)

Certifications:

AWS Security Specialty

AWS Cloud Practitioner

Cloud Security Engineer

DoiT June 2022 - Present.

●Automated cloud resource deployment using Terraform and CloudFormation, creating reusable Terraform modules for streamlined, cross-team deployments.

●Designed and configured IAM policies, encryption mechanisms, and access control lists to ensure the integrity and confidentiality of sensitive data across cloud environments.

●Developed and maintained automated CI/CD pipelines using GitHub Actions, integrating security scans to identify vulnerabilities and ensure secure code deployments.

●Implemented GitHub OpenID Connect to securely request AWS tokens during workflow execution, enhancing security in deployment pipelines.

●Configured and managed cloud security monitoring tools including AWS CloudWatch, CloudTrail, Guard Duty, AWS Config, AWS Security Hub, and AWS Macie to detect and mitigate security threats.

●Leveraged compliance frameworks (NIST 800-53, CIS Benchmarks) to enforce security policies, ensuring operational and regulatory compliance across cloud environments.

●Guided cross-functional teams in integrating security practices into their infrastructure as code solutions, using automated security scanning tools like KICS and Regula.

●Managed access control for users, roles, and services in AWS and Azure, ensuring compliance with least privilege principles.

●Implemented data protection using AWS KMS for data at rest encryption and TLS for secure data transmission, ensuring data integrity and confidentiality.

●Provided guidance and support to ITOps teams to deliver CIS-compliant AWS accounts and help secure cloud environments for product teams.

Cloud Security Engineer

Zoom April 2019 – May 2022.

●Ensure adherence to industry security standards like PSN, ISO27001, and PCI-DSS, safeguarding cloud environments with robust compliance measures.

●Enforce DevSecOps best practices by assessing BitBucket pull requests, ensuring secure, efficient code quality in collaboration with cloud engineers.

●Design and implement comprehensive Cloud Security frameworks with automation tools like AWS Lambda, Bash, and Python, protecting new technology solutions.

●Monitor AWS environments using CloudTrail, Guard Duty, and CloudWatch to mitigate risks and ensure compliance while integrating AWS Security Hub for centralized monitoring.

●Streamline infrastructure provisioning with reusable Terraform scripts and optimize CI/CD pipelines using SRE practices, ensuring secure deployments and enhanced performance.

●Perform system hardening and refine access controls across various platforms, including Linux, Windows, and macOS, ensuring systems are secure, compliant, and protected against unauthorized access.

Cloud Engineer

Techdavez Integrated Systems. Feb 2018 – March 2019.

●Architected and managed scalable cloud infrastructure solutions on AWS, utilizing services such as EC2, S3, ELB, ASG, EBS, RDS, IAM, CloudFormation, and CloudWatch.

●Designed and implemented resilient VPC architectures with public and private subnets, distributed across multiple Availability Zones to ensure high availability and fault tolerance.

●Configured secure cloud environments using security groups, network ACLs, internet gateways, and route tables to enforce network security and optimize traffic management.

●Automated infrastructure provisioning and application deployment using Terraform, Ansible, and Chef, enabling consistent and efficient cloud management.

●Led migration projects to transition on-premises core applications to AWS, optimizing performance and reducing costs by leveraging AWS VPC, ELB, and Auto Scaling.

●Configured S3 buckets with lifecycle policies to optimize data storage costs and ensure efficient management of infrequent access data.

●Managed IAM roles and permissions for teams, creating secure access policies and streamlining workflows with Code Pipeline and CloudFormation templates.

●Built and maintained real-time monitoring dashboards in Datadog, tracking system performance and setting up automated alerts to ensure operational efficiency.

●Established and managed Kubernetes clusters, ensuring the proper installation of kube-proxy, container runtimes, and kubectl, while managing containerized applications via Helm charts.

●Configured and managed NAT Gateways and instances to enable secure internet access for instances within private subnet

Contact this candidate