Huy Ngo
Cloud Security Engineer - Detection Engineering - AWS & Azure - CISSP
Cloud Security Engineer with progressive experience from SOC operations to cloud security engineering, specializing in designing cloud architectures, developing threat detection systems, and streamlining security workflows through automation. Skilled in AWS and Azure security services, detection engineering, and policy-as-code implementation.
*************@*****.*** - 669-***-**** - linkedin.com/in/huydinhngo - github.com/HN168
WORK EXPERIENCE
Cloud Security Specialist
Guild - InfoSec Operations
05/2024 - 08/2025
Designed and implemented threat detection workflows using GuardDuty, CloudWatch, and CloudTrail to identify security events across AWS infrastructure.
Tuned detection rules and SIEM alerts, reducing false positive rate by 25% through systematic analysis and optimization.
Built IAM guardrails & Service Control Policies enforcing least-privilege access, MFA requirements & zero-trust principles.
Automated security workflows with Python, Lambda & CloudFormation to accelerate incident response & remediation.
Integrated Wiz CNAPP with Jira for automated misconfiguration detection & remediation across EC2, IAM, S3 resources.
Designed vulnerability management program using InsightVM and Security Hub, identifying and remediating critical vulnerabilities including XSS, injection flaws, and API security weaknesses.
Cloud Security Analyst
CommonSpirit Health - Cyber Vigilance & Defense
01/2022 - 05/2024
Built security controls for cloud infrastructure using IAM policies, network segmentation, and encryption.
Mapped threat detections to MITRE ATT&CK framework, identifying coverage gaps & implementing new detection rules.
Maintained PCI DSS, HIPAA, and GDPR compliance through security assessments and control validation.
Cybersecurity Analyst
CommonSpirit Health - Cyber Defense Center
06/2020 - 01/2022
Investigated and responded to security incidents including phishing campaigns and insider threat activity.
Deployed and tuned CrowdStrike Falcon across endpoint fleet to improve detection coverage.
Information Technology Specialist
Selection Realty & Mortgage Lending LLC
01/2020 - 06/2020
Supported IT operations with a focus on security risk management and infrastructure protection.
TECHNICAL SKILLS
AWS: GuardDuty - Security Hub - CloudTrail - CloudWatch - Config - IAM - SCPs - Inspector - Lambda - Multi-account architecture
Azure: Sentinel - Defender for Cloud - Azure Policy - Azure Monitor - Entra ID - Key Vault - Network Security Groups
Security Automation: Python - CloudFormation - Policy-as-Code - CI/CD security integration
Cloud Architecture: Zero-trust implementation - Secure design - Network segmentation
Detection & Threat hunting: Detection-as-Code - MITRE ATT&CK mapping - Log correlation
Application Security: OWASP Top 10 - API security (AuthN/AuthZ) - Container & Kubernetes (EKS, ECS, Docker)
Vulnerability Management: InsightVM - Snyk - Prowler - CloudFormation Guard - Wiz CNAPP
Compliance & Governance: PCI DSS - HIPAA - GDPR - SOC 2 - ISO 27001 - CIS Benchmarks - NIST CSF
EDUCATION
Master of Science - Information Security Engineering (MSISE)
SANS Technology Institute
Graduate Certificate - Cloud Security
Bachelor of Science in Cybersecurity
Purdue University Global
CERTIFICATES
AWS (SAA) - Solutions Architect Associate
(ISC)2 - CISSP
GCTD - Cloud Security Threat & Detection
GCSA - CloudSec & DevSecOps Automation
GWEB - Web Application Defender
GPCS - Public Cloud Security
GCIH - Certified Incident Handler
GCIA - Certified Intrusion Analyst
GSOC - Security Operations Certified
GCLD - Cloud Security Essentials