CELESTINE FON
TEXAS- WILLING TO RELOCATE 313-***-**** *********@*****.***
Professional Summary
I have a strong technical background in RedHat Linux, VMware, Oracle Enterprise Linux/UNIX, and Windows environments, with expertise in installation, configuration, backup recovery, and security policy implementation. In AWS Cloud Services, I specialize in designing highly scalable, fault-tolerant architectures while ensuring robust security controls. My expertise spans Cloud Security, DevSecOps integration, and risk management frameworks, leveraging AWS tools such as CloudTrail, GuardDuty, Lambda, AWS Config, and Inspector. Additionally, I have hands-on experience with open-source SIEM and monitoring tools like Splunk, Nagios, and Datadog. My work extends across various AWS services, including CloudFormation, AMIs, EC2, S3, RDS, VPC, and more, enabling me to build and maintain secure, resilient cloud environments.
Work History
PINE GATE RENEWABLES
CLOUD SECURITY ENGINEER – North Carolina 01/2022 – Present
• Implemented role-based access control (RBAC) using AWS IAM, configured strong password policies, IAM audits, implemented multi-factor authentication (MFA) across user accounts using Okta and Azure AD, improving authentication security and compliance
• Designed, implemented, and ran security solutions to detect security incidents, vulnerabilities, and misconfigurations at various layers of cloud infrastructure (virtual machines, containers, network, cloud environment).
• Designed and implemented a centralized logging and monitoring solution using AWS CloudTrail, CloudWatch, and Splunk, enhancing visibility into cloud operations and reducing incident detection through real-time monitoring and alerting.
• Enhanced network security using Palo Alto Prisma, Check Point CloudGuard, Cisco Umbrella, and VPN/SD-WAN solutions, ensuring strong protection against threats and secure connectivity.
• Proactively identified threats and automated responses to security incidents by leveraging tools such as AWS GuardDuty, Macie, and Detective, Azure Security Center, and Google Security Command Center, integrated with SIEM solutions like Splunk and IBM QRadar. Enhanced incident management using PagerDuty and Opsgenie, reducing response times and minimizing potential damage from security breaches.
• Designed and implemented secure network architectures by leveraging tools such as AWS VPC, Security Groups, and Network ACLs, along with Azure Virtual Network to enforce firewalls, encryption, and zero-trust policies.
• Secured data at rest, in transit, and during processing by implementing strong encryption mechanisms using AWS KMS, Azure Key Vault, and HashiCorp Vault.
• Enhanced data protection with AWS S3 encryption (server-side and client-side) and data masking/anonymization tools, ensuring compliance with security standards and safeguarding sensitive information.
• Implemented comprehensive compliance and governance frameworks by utilizing AWS Config to automate compliance checks, achieving adherence to CIS benchmarks and Azure Policy to enforce security configurations, reducing non-compliance incidents.
• Enhanced cloud security posture by setting up AWS Security Hub and Azure Secure Score to identify and remediate misconfigurations, ensuring adherence to security best practices.
• Integrated third-party tools like Cloud Custodian and Vanta to ensure continuous monitoring and remediation across multi-cloud environments, significantly improving regulatory compliance and minimizing audit findings.
• Strengthened vulnerability management by conducting regular scans using AWS Inspector, Nessus, and Qualys. Automated patch management for EC2 instances and Azure VMs. Leveraged third-party tools like Tenable.io for dynamic vulnerability assessments, significantly improving OU security posture and reducing exploitable risks.
• Implemented DevSecOps practices by integrating AWS Inspector to scan Docker images and repositories for vulnerabilities. Enhanced infrastructure as code (IaC) security using Checkov in CI/CD pipelines, reducing Terraform configuration vulnerabilities.
• Ensured endpoint security for virtual machines and containers by deploying tools like CrowdStrike for advanced threat detection and response. Leveraged AWS Systems Manager (SSM) and Ansible for patching and configuration management, enhancing the security of cloud-based VMs.
• Automated Docker image scans with Trivy, alongside AWS Inspector, to achieve comprehensive container security. Leveraged Azure DevOps pipelines and Jenkins for orchestration, integrating tools like Snyk and SonarQube to minimize deployment risks and deliver secure, reliable code across multi-cloud environments.
• Integrated third-party CSPM tools like Prisma Cloud and Dome9 to provide comprehensive visibility and automated remediation across multi-cloud environments, significantly reducing risk exposure.
• Optimized encryption and certificate management by automating SSL certificate provisioning with AWS ACM, reducing renewal errors. Deployed HashiCorp Vault for centralized certificate and secrets management. These implementations helped certificate lifecycle management, enhanced security, and ensured uninterrupted, secure service delivery.
• Hardened web applications with Web Application Firewalls (WAF) using AWS WAF and Azure Application Gateway, blocking common threats like SQL injection and cross-site scripting (XSS). Additionally, employed runtime application self-protection (RASP) solutions to detect and mitigate attacks during runtime.
• Integrated Static Application Security Testing (SAST) tools, including Veracode and Checkmarx, into CI/CD pipelines to identify and remediate code-level vulnerabilities early in the development lifecycle.
• Implemented Zero Trust Architecture by designing policies with AWS Verified Access, improving user authentication security, and deployed Zscaler to enable secure access to cloud resources, reducing unauthorized access.
DUKE ENERGY CO-OPERATION.
CLOUD SYSTEM ENGINEER - North Carolina 04/2018 – 01/2022
• Provided direct application and user support for any technical issues triggered on RHEL 6, 7 servers.
• Proficiently managed documentation on Confluence while implementing patching and upgrading with RedHat, Ubuntu Support.
• Tuned, analyzed and monitored the performances of ESXi hosts for virtual machines.
• Engineered Infrastructure automation that eliminated time consuming manual process deployment and configurations using Ansible.
• Install, configure, and manage Ansible Galaxy for automation.
• Experience in integrating version control systems like GitLab with Ansible Tower for continuous delivery of playbooks.
• Managed and inspected docker repositories, images, registries, and docker files.
• Improved developer workflow by Dockerizing monolithic apps into microservices with Docker Compose.
• Used Terraform to build and launch AWS resources EC2, S3 storages, Route53.
• Integrated and configured Terraform Atlantis with GitHub Enterprise.
• Collaborated with teams on Cloud migration project with the goal to minimize the cost of bare metal resources.
• Monitored system performance using tools such as CloudWatch and Nagios, identifying and resolving performance bottlenecks and anomalies proactively
• Worked with CloudWatch for monitoring AWS resources including EC2 instances by setting metrics and alerts.
• Experienced in Python scripts to read and write from CSV files, make API calls to retrieve data from servers like AD, SQL and generate reports.
• Used protocols like SCP, SFTP and FTP for transferring files over the network.
• Installed and configured Nagios to constantly monitor network bandwidth, memory usage, and hard drive status.
• Deploying, configuring, and troubleshooting DHCP, FTP, TFTP, Apache, SSH, and NFS.
• Handled full-fledged lifecycles of server deployment, provisioning, troubleshooting, and decommissioning.
• Extensive performance analysis of the system using top, sar, vmstat, netstat and iostat to check the CPU utilization, bottlenecks of I/O devices,
• Managed file systems and SAN by creating Logical Volumes, resizing logical volumes and volume groups.
MOONSTAR EXPRESS
SOC ANALYST - Michigan 03/2016 – 03/2018
• Real-time monitoring of logs in SOC from various devices, including Firewalls, IDS, IPS, Windows/Linux OS, Proxy/Networking devices, Databases, and Web Servers.
• Prevents over 1500 vulnerabilities monthly by monitoring security events and alerts from various sources such as SIEM, firewalls, and other security tools to detect and respond to security incidents in a timely and effective manner.
• Investigate security incidents, determining the scope, severity, and impact of attacks.
• Prioritize and differentiate between potential intrusion attempts and false alarms (true/false positives).
• Investigate endpoints using SEPM and successfully terminated and deleted over 1600 possible malicious files and processes.
• Research and test new security tools/products and make recommendations of tools to be implemented in the SOC environment.
• Investigate VPN alerts and reach out to users to confirm legitimacy of such activity.
• Utilize the MITRE ATT&CK framework for confirmed incidents analysis.
• Excellent working knowledge of security platforms and tools, such as firewall, CASB, proxy, SIEM, and SOAR.
• Monitor the health of security devices and syslog instances and respond to anomalies as defined in the SOP.
• Implemented and enforced cloud security best practices, including IAM policy management, data encryption, and vulnerability assessments to maintain compliance with industry standards like SOC2
• Conduct investigation of security incidents, including phishing alerts, to assess the extent and gravity of threats. Analyze phishing alerts and follow through until containment and elimination.
• Perform threat intelligence including open-source investigations to identify current attacks that may target the clients/industry.
• Collaborate with other security professionals (incident response teams, threat intelligence analysts, and penetration testers) to provide timely and effective incident response.
• Security risk assessments, vulnerability management, and penetration testing activities to identify and remediate vulnerabilities.
• Maintain documentation related to security incidents and breaches, including incident reports, playbooks, and other security-related documentation.
• Identifying over 1500 malicious network activities and threats impacting network operations and developing appropriate countermeasures, eliminating these threats and vulnerabilities.
• Handle security incidents by collecting, analyzing, and preserving digital evidence, while ensuring incidents are properly tracked and recorded according to organizational SOC requirements.
• Configured and managed virtual networks, subnets, routing tables, and secure connections (e.g., VPNs, Direct Connect) to support hybrid and multi-cloud environments
• Develop SOPs (Standard Operating Procedures) and playbooks for different incidents. Improve incident response times, analysis of incidents, and overall SOC functions.
• Provided Tier 2/3 support for cloud infrastructure issues, training users and stakeholders on cloud best practices.
• Ensures company-wide security best practices and protocols to mitigate risk of data breach.
Technical Skills
• Cloud Platforms: AWS, Azure, Google Cloud Platform (GCP)
• Version Control: Git, GitHub, GitLab, Bitbucket, CodeCommit
• Infrastructure as Code (IaC): Terraform, CloudFormation, ARM Templates
• Configuration Management: Ansible, Chef, Puppet, AWS Systems Manager
• CI/CD Tools: Jenkins, GitLab CI, CI/CD Pipelines
• Containerization & Orchestration: Docker, Amazon EKS, ECS, AKS
• Operating Systems: Linux (Ubuntu, Red Hat), Windows Server, macOS
• Scripting Languages: Python, Bash
• Security Controls: IAM, KMS, Security Groups, AWS WAF, SCP, Secrets Manager, SSL/TLS
• Database Management: RDS, DynamoDB
• Networking: VPC, VLANs, VPNs, Subnetting, DNS, TCP/IP, HTTP, DHCP, Route53
• DevSecOps Tools: SonarQube, Checkmarx, OWASP, Aqua Security, Trivy, Snyk, AppScan
• Compliance & Frameworks: NIST, CIS, HIPAA, Zero Trust, COBIT, PCI DSS
• Monitoring and Analysis Tools: CloudWatch, CloudTrail, AWS Config, Splunk, Datadog, Nagios
• Web Technologies: Apache, Nginx, Tomcat, LDAP, NFS, DNS, HTTPS.
• Identity and Access Management: OKTA (AWS) SSO
Education
Bachelor of Computer Science 11/2014
University of Buea
Associate degree in Information Technology
Wayne County Community College (WCCCD) - Michigan
CERTIFICATIONS
AWS Certified Solutions Architect Associate
Certified Ethical Hacker
CompTIA Sec+
Oracle Database Administrator
Reference: Available Upon Request