| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidateCandidate's Name
EMAIL AVAILABLE PHONE NUMBER AVAILABLE Potomac, MD Street Address
PROFESSIONALSUMMARYIve several years of experience as a Cloud Security Engineer / Vulnerability Threat Manager, specialized in helping organizations manage security processes and tools, including data protection, identity & access management, risk and compliance, incident response, and continuous security monitoring of all systems, services, and integrations to rapidly identify potential security issues and initiation mitigation measures. CERTIFICATIONS AWS Certified Cloud Practitioner - Certified. AWS Certified Solutions Architect (Associate) Certified. AWS Certified Solutions Architect Professional - Certified. AWS Certified Security Specialty - Certified. CyberArk PAM- Certified. CyberArk SENTRY -Certified.SKILLS AWS WAF, SSL certificate, IdentityAccess Management (IAM), AWSSecurity Token Service (STS), AWSSecurity Hub, AWS Guard Duty, AWSKMS, AWS SNS, AWS Cloud Watch,AWS Cloud Trail, Cloud Formation,Terraform, ECS Containers, Jira, SDLC,Sumo Logic, Dome9, Terraform. PaloAlto Firewalls, Prisma Cloud [CSPM]Payment Card Industry Data SecurityStandard Compliance (PCI DSS), CISTop 18 Controls, Tenable Nessus, AWSCloud Security and Infrastructureexperience, VulnerabilityManagement & Gap assessment,Security Guard Rails, AWS SecurityHub, AWS Guard Duty, AWS Inspector,AWS VPC, VPC Flow logs, SIEM.WORK HISTORY IAM Ops/CyberArk Consultant Citizens Bank Rhode Island, RI 8/2023-06/2024 Designed, implemented, and managed cloud security solutions with CyberArk for several departments within Citizens enterprise environment. Built and integrated security controls into the cloud to protect data Protection, integrity, authentication, access security, and disaster recovery. Defined and implemented a data loss prevention system to protect customer data and meet compliance requirements, as well as examined and implemented an email encryption plan for the Bank Implemented secure solutions to protect assets in the cloud, including encryption, authentication, and authorization by using Identity Governance and Administration [IGA] and Role-Based Access Control [RBACK] in managing access to resources. Experience with Identity Governance and Administration (IGA) and Privileged Access Management (PAM) tools (Okta, SailPoint, Ping Identity and CyberArk developed cybersecurity framework, Developed architecture that mitigated security threats in cloud- based environments, determined which security threats were most critical in the cloud, determined which threats were most common to healthcare industry, and developed security threat models to determine the impact of identified threats. Defined, implemented, and supported cloud security policies, processes, and service integration across the organization. Designed and implemented layered security architecture, detecting, unauthorized access, detecting malicious behavior, detecting abnormal activity & WAF.Senior Cloud Security Engineer AmerisourceBergen - Philadelphia, PA 01/2019 7/2023 Evaluated and mitigated security threats through automated and manual analysis and provided enterprise-wide security assessments. Performed basic penetration testing on a cloud environment to determine potential vulnerabilities and prevent data loss. Assisted in designing, implementing, and testing cloud security, including business continuity, disaster recovery, and system monitoring. Followed up with teams responsible for Patching Windows systems within on-prem and cloud environments that are part of VTM scan results. Increased security awareness of employees and clients through training, workshops, and presentations Designed, implemented, and managed cloud security solutions for several departments within AmerisourceBergen enterprise environment. Developed and implemented secure solutions to protect assets in the cloud, including encryption, authentication, and authorization. Reviewed, built, and improved security operations processes based on industry standards and guidelines to perform Threat Analysis, Forensics Analysis, Data Loss Prevention, Vulnerability Management, Patch Management, Penetration Testing, Security Monitoring, and Incident Response. Designed and implemented layered security architecture, detecting, and detecting unauthorized access, detecting and detecting malicious behavior, detecting and detecting abnormal activity. Adopted new security controls and best practices in the cloud environment, including best practices on cloud security, security configuration, network security, data security, and operations. Created a cloud security strategy for critical data-center infrastructure and implemented a hybrid cloud strategy to deliver a 99.999%availability SLA. Established a security model for a SaaS platform used by a several users. Fixed security vulnerability in applications by implementing fix, testing, and patching process. Learned the secret sauce on how to build secure cloud architectures with data classification, multi-tenancy, data protection, multi-factor authentication, key management, and secure code reviews. Led security architecture and development, including application security testing and penetration testing, to ensure data security and compliance across the cloud infrastructure and the company's Web application. Coordinated with the Security Operations and Offensive Security teams to monitor threat intelligence sources for new and updated vulnerabilities, techniques to evade endpoint security, and related security concerns.Cloud Security Engineer / Vulnerability Mgt Ingram Micro - Los Angeles, CA 01/2015 - 11/2018 Assessed the security posture of companies like Bank of America cloud environment, including identifying sensitive data stored in the cloud, identifying security controls, and determining how to mitigate security incidents. Maintained one of Imgram Micro client Bank of America Situational Awareness around industry news on software vulnerabilities, including 0-day vulnerabilities and emergency patching. Designed and developed a full-scale test lab to determine the security posture of AWS cloud. Coordinated with stakeholders to drive remediation of vulnerabilities in compliance with company policy and applicable regulatory requirements such as PCI and SOX. Implemented a highly scalable, cloud-based platform for performing security checks, analyzing results and identifying areas for improvement leveraging Dome9 and AWS Security Hub. Designed and built security architecture and infrastructure for secure infrastructure and infrastructure automation. Sifted through large data to prioritize impactful vulnerabilities and reduce noise often associated with vulnerability tools. Enabled validation of reduced risk, by confirming vulnerable assets remediate through reporting. Designed, implemented, and managed a secure cloud-based solution for multiple cloud providers to securely store company data. Developed and maintained vulnerability management processes and standards. Supported, maintained, and integrated vulnerability management solutions with various systems and applications within BOA. Built out cloud environment for day-to-day operations, designed and implemented solutions to secure cloud infrastructure. Implemented cloud security architecture to integrate security into all applications, applications, security, software, and information technology.Cybersecurity Analyst GEICO -- Maryland 03/2011 - 12/2014 Led a team of 5 analysts to identify and prioritize data sources and analysts to ensure the highest quality of information. Collected, analyzed, and stored all necessary information to identify potential threats to the organization. Assessed current cyber security posture to identify current gaps and determine the scope of the company's risk to the organization. Worked on penetration testing teams to research potential vulnerabilities and secure networks. Performed routine and routine-type cyber security risk assessments. Assisted the company with the analysis of its network environment, investigating possible network vulnerabilities, and developing and implementing an overall security plan.EDUCATION University of Lagos, OverseasBachelor of Science: Computer ScienceThe SANS Technology Institute, Washington D.C 06/2018 Certificate of Completion: Cloud Security Architecture and Operations |
