Security Architect - Cloud & Enterprise Security Leader

Location: Menifee, CA, 92584
Posted: April 06, 2026

Resume:

Alonzo Ramos

Security Architect

Menifee, CA *2585

951-***-**** (Cell)

******.*******@*****.***

Summary:

Security Architect Enterprise & Cloud Transformation Leader

Strategic Security Architect with 5 years leading enterprise-scale security architecture for a global retail brand, supporting growth from ~$3.5B to a $9.8B acquisition by 3G Capital. Key contributor to long-term technology and security vision designed to enable an additional $10B+ in scalable, secure digital growth. Core member of the Agile Architecture Review Board, driving modernization standards, risk governance, and cloud-first security practices across global infrastructure, applications, and data platforms.

Certifications:

• GDSA - GIAC Defensible Security Architecture #2549

• GCPN - GIAC Cloud Penetration Tester #1283

• GCSA - GIAC Cloud Security Automation #950

• Azure – Microsoft Azure Fundamentals Certified

• AWS – CCP – Certified Cloud Practitioner

• eJPT - ELearnSecurity Junior Penetration Tester

• CISSP - Certified Information Systems Security Professional ID#557241

• CISM – Certified Information Security Manager ID#1736986

• NSE3 - Network Security Expert (FORTINET)

• ACE - Accredited Certified Engineer - Palo Alto Networks

• QUALYS Certified Specialist – Vulnerability Management

• CEH – Certified Ethical Hacker ID#ECC044628

• CCNA Certified ID#CSCO10559570

• MCITP - Enterprise Administrator Certified ID#7608475 (Microsoft Certified Information Technology Professional)

Education:

• Information Technology, Stanbridge College of Information Technology - Irvine, CA

• B.A. Criminal Justice, B.A. Humanities, California State University, Fullerton, CA

Technical Training and Accomplishments:

• CISOEXECNET Member

• SABSA Security Architecture Enterprise Framework – Training

• Agentic AI Fundamentals, Frameworks & Applications – LinkedIn Learning

• Proofpoint Certified AI Data Security Specialist

• AI Governance Training – BSidesLV 2025

• GRID – GIAC Response and Industrial Defense – SANS Training

• DEFCON 31, AppSec Village 3rd place CTF Submission winner

• DEFCON 33, Goon

• Expel Board Member 2022-2024

• RHISAC – Security Architecture Group Champion/Founder 2024 - present

• Defcon 27 – Red Team Village, Offensive hacking, exploit testing and configuration, network attacking and detection

• Cisco CCNP - Building Scalable Cisco Networks, Multilayer Switched Networks, Remote Access, & Internetworking Troubleshooting

Languages: Bilingual: speak, read, write English/Spanish.

Skechers USA Corporate, Security Architect 5/21 – present

• Served as Security Architect for a $3.5B–$9.8B global enterprise transformation, aligning security architecture with growth, M&A readiness, and private-equity acquisition requirements using risk-assessment frameworks and AWS security services, which secured stakeholder confidence and enabled seamless integration of new assets

• Architected enterprise security strategy supporting global e-commerce, retail, supply chain, and corporate systems - ensuring scalability, resiliency, and regulatory alignment during rapid business expansion.

• Introduced modern security architecture practices, including Zero Trust principles and AWS-first cloud-native security controls, strengthening the enterprise security posture and improving compliance across all business units

• Implemented Zero Trust principles using identity-centric access controls and micro-segmentation, which reduced the attack surface and improved overall access security

• Deployed AWS-first cloud-native security controls such as GuardDuty, Security Hub, and IAM policies, enhancing threat detection and ensuring regulatory compliance

• Implemented identity-centric access models using role-based access control and least-privilege principles, improving authentication security

• Applied network segmentation and enforced least-privilege policies with firewalls and VLANs, reducing the risk of unauthorized access

• Led security architecture reviews for all Tier-1 initiatives, reducing architectural risk while accelerating delivery velocity across engineering teams.

• Designed cloud security reference architectures enabling secure adoption of AWS services, CI/CD pipelines, and automation frameworks at enterprise scale.

• Partnered with executive leadership, infrastructure, application, and compliance teams to translate business growth objectives into actionable security roadmaps.

• Led private-equity readiness by applying data-analysis and CI/CD controls to document security posture, ensuring all acquisition due-diligence requirements were met

• Established repeatable security patterns and guardrails, reducing project friction while increasing consistency, auditability, and long-term maintainability.

• Shaped multi-year technology vision to embed security into the $10B digital expansion, enabling growth without delays

• Coached development teams on secure API design using TypeScript and Kubernetes, integrating CI/CD pipelines to enforce security checks, which improved code quality and reduced security defects

• Developed and implemented enterprise information security strategy aligned with business objectives, increasing security program maturity by 38% and reducing risk exposure across 8 business units

• Led security architecture reviews for Agile Architecture Review Board, evaluating 80% of enterprise technical projects and providing guardrails for development teams, engineers, and business analysts

• Established AI governance framework and technical security standards for global Skechers entities, increasing policy adoption by 45% and accelerating compliant deployment timelines

• Mentored and provided technical guidance to Security Engineers and Analysts across EDR, IAM, SOAR, SIEM, DLP, CASB, DSPM, SASE, and GRC programs, improving team capability maturity

• Designed cloud security architecture for a $70M financial workflow modernization initiative, implementing AWS and Oracle Cloud guardrails, CSPM, and CIEM controls, which secured the migration and reduced potential compliance gaps

• Reduced critical cloud misconfigurations by 50% through AWS security guardrails using SCPs, CSPM/ CIEM tools, and centralized IAM patterns across 30+ AWS accounts

• Delivered centralized security architecture repository (digital library) and roadmap dashboards, improving stakeholder visibility and technical decision-making across global teams

• Configured and managed bi-annual CTFs to improve overall security skills

ESRI, Enterprise Security Engineer 11/19 – 1/2021

• Handled incident response and investigated all SOC alerts, including after-hours cases; managed Proofpoint TRAPS/TAP, Secure Server, FireEye CMS upgrades, Cisco Umbrella configurations, and LogRhythm SIEM exclusions, which streamlined alert triage and reduced investigation time

• Handled all phishing alerts, trained end users on phishing, strengthening 65% awareness for corporate teams

• Ran periodic penetration tests on applications and web servers and managed security investigation tools such as Moloch, Check Point firewalls, Microsoft ATA, Men & Mice, and daily intelligence reporting, improving vulnerability identification

• Administered XSOAR/Demisto, Hybrid-Analysis, Cisco Talos, VirusTotal, Zeek/BRO, Nessus vulnerability management, CrowdStrike, Sophos Central, Nagios, PCAP analysis, and an ESXi test environment, enhancing threat detection and response capabilities

• Collaborated with inter-departmental teams, InfraGard, and CISA Intel members to document processes and procedures, improving cross-functional security coordination

• Engaged in the cyber war-room during high-fidelity security incidents to execute actions per run-books and defensive strategies

• Contributed to digital wiki with technical guidelines, procedures, standards, and “How to” documentation for other engineers and staff.

Pechanga Resort & Casino, IT Security Administrator 6/2016 – 11/19

• Administered Varonis alert tracking, Cylance Endpoint protection, MFA, Cisco VPN configurations, Cisco ISE/RSA, SOP policies, LogRhythm SIEM, and DLP, ensuring timely detection of security incidents and compliance with internal policies

• Managed PhishMe Cofense phishing-simulation campaigns, ObserveIT file-activity monitoring, and Sendio email filtering, reducing successful phishing attempts and improving the organization’s email-security posture

• Managed Cisco ASA firewalls, ACLs, Cisco IronPort WSA, Cisco ACS, and Nexpose vulnerability scans, hardening network defenses and decreasing the number of identified vulnerabilities

• Served as a member of the MSISAC multistate cyber-partner network, delivered security-awareness training, and consulted management on security best practices, raising employee security awareness and supporting governance initiatives

• Provided security advisories and conducted SIEM case investigations, managed threat feeds, configured the STIX TAXII API, and created custom SIEM rules to track malware, enabling faster incident response for other IT teams

• Wrote New Employee Orientation on IT Security Basics and trainings within casino to increase 55% security awareness

• Tested proof-of-concept malware and ransomware attacks using EDR solutions such as CrowdStrike, Cylance, AMP, TRAPS, Carbon Black, and Trend Micro, which informed the selection of tools that enhanced threat detection across the casino network

Proficio, Security Engineer 5/2015 - 6/2016

• Managed Security Services for national and international clients: Fortinet, Cisco, Juniper, Palo Alto Firewalls

• Managed IDS/IPS HP Tipping Points, Digital Vaccines, reputation filters, building filters to block countries from national networks, applied automated Perl “Active Defense scripts” to work with SIEM correlation rules to block massive SSH attacks, blacklisted IPs, enumeration, creating Active Channels with HP ArcSight to monitor syslog events, patterns, inbound attacks

• Created CVE reports with the latest security vulnerabilities per manufacturer, provided custom ACLs, created Linux connectors to pick up syslog events from up to 200 types of technology devices, including Unix, Linux, Windows, etc.

• Managed Qualys scanning accounts and networks to automate internal and external scanning to detect all vulnerabilities.

• Ran custom connectors to test F5 virtualization, AD, change Controls, Project Plans, Remediation, PRTG monitoring system

IEEE, Systems Administrator 8/2012 - 5/2015

• Secured all systems by implementing role-based access control (RBAC) and enforcing security policies and procedures, managed LAN/WAN connections, and collaborated with stakeholders to define security requirements, resulting in fewer unauthorized-access incidents and more reliable network performance

• Managed Citrix XenCenter 5.6 SP2, HP Blade and Linux servers, VMware ESXi 5.0, and Net-Apps SAN backup/restore processes, virtual resources, improved virtualization operations, reduced server downtime & raised backup success rates

• Managed Active Directory, Lotus Notes/Domino servers and databases, and Cisco Unified Communications Manager (Publisher/Subscriber) and Call Manager 8.5-8.6, used Python scripts to automate user provisioning, and maintained 99% email and telephony availability for end users

• Managed Cisco 4507-E switches and 2811 routers, configured OSPF, EIGRP, static routes, VLANs, DNS, DHCP, FTP, and GPOs, applied Agile sprint planning to prioritize changes, and improved network performance while reducing support tickets

• Managed Akamai disaster recovery and Symantec Endpoint Protection, created network documentation in Visio, automated HP server provisioning, performed Acronis imaging, used PuTTY and Bomgar for remote access, administered EMC Isilon storage, and leveraged cloud platforms for backup, which increased system resilience and improved backup reliability

Rincon Gaming Commission, Security Systems Analyst 5/2011 - 8/2012

• Managed LAN/WAN connections, security surveillance, assisted in IT audits and IT security compliance, administered Fortis database, Exchange 2010, Active Directory, local forms, software / badge systems, surveillance software

• Validated IT security/ encryption verifications, network connectivity, slot machine audits, Symantec Backup and Mail security solutions, Office 2007, develop process and procedures for IT troubleshooting and technical implementation

• Managed SOX, MICS, SQL 2008, iPads, iPhone, HTC support, GLI Verify software, installation on development of local Access 2007 database for eproms, gaming software audits, and assets, and IT Security administration.

Alliance8 Inc, IT Director (Hands On). 5/2010 - 5/2011

• Led a team of CRM developers, desktop engineers, and IT security staff to maintain data and voice infrastructure, applying analytical skills to prioritize work and improve system reliability

• Oversaw IT budgets and expenses while building and supporting Windows Server 2003/2008 environments; automated server provisioning and implemented Fonality VoIP systems, ensuring SOX compliance and smoother communications

• Administered firewall rules, GPO deployment, and Active Directory support; set up SIP-based predictive dialers, VPN/SSL connections, and web servers, coordinated all IT projects and relocations, delivering them on schedule, managed FSMO roles, replication, and Windows Server 2008 rollouts; deployed Sonitrol surveillance, Ecora auditing, Symantec Endpoint Protection, and backup solutions, enhancing overall security and data protection for the business.
