Amber H.

Amber H. Email and Phone Number

Cloud Security Architect | MBA Candidate | CISA | CCSK @ Southern Company
Atlanta, GA, US
Amber H.'s Location
Atlanta Metropolitan Area, United States, United States
About Amber H.

Amber is a dynamic Cloud Security, Application Security, and DevSecOps professional with over 7 years of comprehensive experience enhancing cybersecurity across industries such as Healthcare, Banking, Government, Blockchain, Education, and Energy.She has extensive expertise in designing and implementing secure cloud architectures, embedding security into CI/CD workflows, and driving vulnerability management to mitigate risks in multi-cloud environments. Amber has led key security initiatives, including quantum encryption readiness aligned with NIST standards, deploying & managing CSPM/CNAPP solutions, and integrating application security practices into development pipelines. Her ability to collaborate with cross-functional teams and streamline security processes has been instrumental in fortifying organizational security postures.Amber’s consulting background includes spearheading compliance assessments (HITRUST, SOC 2, PCI) for on prem and cloud infrastructure and advising on regulatory frameworks. As a leader, she has authored application security policies, guided security incident response strategies, and mentored teams to adopt best practices in cloud and application security.She holds a Bachelor of Science in Public Policy, a Master of Science in Information Systems (Audit and Control), and is pursuing an MBA specializing in Computer Information Systems and AI Business Innovation. Amber is a Certified Information Systems Auditor (CISA), HITRUST Certified Professional (CCSFP), and Certified Cloud Security Knowledge (CCSK) professional with advanced training in DevSecOps and the MITRE ATT&CK Framework.Amber is passionate about leveraging her cybersecurity expertise to drive innovation, improve resilience, and deliver secure, scalable solutions in an increasingly complex threat landscape.

Amber H.'s Current Company Details
Southern Company

Southern Company

View
Cloud Security Architect | MBA Candidate | CISA | CCSK
Atlanta, GA, US
Website:
southerncompany.com
Employees:
11711
Amber H. Work Experience Details
  • Southern Company
    Southern Company
    Atlanta, Ga, Us
    View
  • Southern Company
    Cloud Security Architect
    Southern Company May 2024 - Present
    Atlanta, Ga, Us
    - Leading deployment of Wiz CSPM and conducting Enterprise wide gap assessment on our Azure environment.- Driving quantum encryption readiness aligned with NIST standards for post-quantum environments.- Designing tailored security solutions to meet business needs while ensuring compliance with best practices.- Leading and mentoring cross-functional teams to address and resolve complex security challenges.- Educating stakeholders on security principles and maintaining expertise in emerging technologies.
    View
  • Tcm Bank, N.A.
    Application Security Engineer
    Tcm Bank, N.A. Feb 2024 - May 2024
    - Conducted a comprehensive security assessment using tools such as Checkmarx, Tenable, Burp Suite, and Postman to test the security of the API application and middleware components.- Acted as a liaison between security and development teams, coordinating external penetration tests and remediation activities.- Facilitated weekly meetings with the team to review findings from Checkmarx and prioritize remediation efforts.- Authored the application security policy for the bank, providing a structured approach to application security.
    View
  • Southern New Hampshire University
    Cloud Security Engineer
    Southern New Hampshire University Mar 2023 - Jan 2024
    Manchester, Nh, Us
    - Liaison between Office of Product Innovation and Information Security, enhancing cloud security in Azure and GCP; integrated security into Azure DevOps and GitHub Actions for CI/CD pipeline integrity.- Collaborated with dev and ops teams using tools like CodeQL, Dependabot and Tenable WAS for proactive security vulnerability detection and remediation.- Led Wiz CSPM POC deployment, customizing and integrating it effectively, and communicated strategic advantages to senior leadership for seamless adoption.- Authored secure coding policies and disaster recovery plans, guiding development teams in best practices for cloud security response strategies.- Served as a DevSecOps SME, providing SonarQube architecture guidance and DevSecOps playbook for our DevOps team to help with prioritzing DevSecOps implementations.- Completed BlackHat’s DevSecOps MasterClass for advanced application security automation, covering hands-on security practices and tool integration in the development lifecycle.- Gained expertise in MITRE ATT&CK® framework through a 6-hour program, focusing on threat-informed defense and adversary emulation, enhancing skills in security frameworks and tools.
    View
  • Voice
    Devsecops Engineer
    Voice Jan 2022 - Mar 2023
    Brooklyn, Ny, Us
    - Leveraged SonarQube for CI/CD pipeline integration, automating code quality and security scanning, and leading collaboration for vulnerability management.- Proficient in Sysdig Secure for container and Kubernetes security, enhancing incident response and compliance across containerized applications.- Managed enterprise-wide vulnerability detection and mitigation with Tenable.io, integrating into CI/CD for automated security assessments.- Implemented and managed Dependabot in GitHub Actions, automating dependency updates and integrating security into development workflows.- Administered secrets using HashiCorp Vault, following security best practices to support secure application development.- Utilized Google Security Command Center for comprehensive threat detection, risk assessment, and security policy enforcement across GCP assets.- Conducted in-depth security analysis of smart contracts using Trail of Bits tools, driving innovation in blockchain application security.- Orchestrated Cloudflare services to enhance web security, managing DDoS mitigation, WAF configuration, and secure content delivery.- Monitored Kubernetes and microservices performance with Grafana/Loki & Prometheus, ensuring operational reliability in Kubernetes environments.- Utilized Terraform to make changes to GCP infrastructure and IAM permissions, while promoting & adhering to IaC best practices.
    View
  • Coalfire
    Security Consultant
    Coalfire Jun 2021 - Jan 2022
    Greenwood Village, Co, Us
    - Spearheaded HITRUST validated assessments for AWS and GCP environments, seamlessly coordinating with clients, conducting detailed walkthroughs, and authoring critical planning and reporting documents.- Elevated the team's proficiency by training junior consultants in testing HITRUST controls, auditing techniques, and effective project management, fostering a knowledgeable and skilled consulting workforce.- Diligently reviewed and tested an expansive array of policies, procedures, and technical configurations against 300-500 unique security controls, ensuring compliance with HITRUST requirements.- Demonstrated deep expertise in security frameworks and regulatory requirements, including SOC 2, ISO, NIST, COBIT, HIPAA/HITECH, and PCI, applying this knowledge to enhance cloud service security and to advise clients with strategic and technical insights.
    View
  • Crowe
    It Assurance Senior Staff
    Crowe Aug 2019 - May 2021
    Chicago, Illinois, Us
    - Led over 30 client engagements, driving project success through effective client meetings, budget management, and delivery of IT assurance services, with a focus on areas such as SOC, PCI, and HITRUST.- Supervised and mentored staff, ensuring quality execution of technical work and providing constructive feedback on workpapers, fostering team development and skill enhancement.- Actively contributed to strategic and tactical planning, aiding in the development of new product offerings and services to enhance client value and service delivery.- Co-led the local office’s diversity and inclusion group (Crowe’s AABRG), organizing events and initiatives that supported a more inclusive work environment.- Maintained responsibility for project reporting, ensuring timely communication of potential issues and project status to leadership.- Conducted thorough technology product and industry trend research, contributing to the enhancement of IT controls and professional standards within the IT Assurance profession.- Collaborated with management in setting performance expectations and evaluating the performance of junior staff, fostering a culture of excellence and continuous improvement.
    View
  • Porter Keadle Moore
    It Systems Associate
    Porter Keadle Moore May 2018 - Aug 2019
    - Developed Audit plans and assessed the IT control environment for financial institutions and technology service providers - Performed internal and external vulnerability scans and penetration test of client’s network using tools such as Nmap and Nessus - Developed and review SOC 1 and 2 controls and testing in compliance with SSAE 18 SOC1 and SOC 2 guidance- Supervised, trained, and mentored associates and interns throughout the engagement lifecycle and assess performance of staff for engagement reviews.
  • City Of Atlanta
    Senior Performance Auditor
    City Of Atlanta Apr 2016 - May 2018
    Atlanta, Georgia, Us
    - Conducted in-depth assessments of various city programs and processes, ensuring they achieved intended outcomes and adhered to relevant policies and regulations.- Played a pivotal role in auditing the City's $250 million Infrastructure Bond Program and Affordable Housing Programs, executing rigorous tests and analysis to evaluate financial integrity and program efficacy.- Responsible for drafting, reviewing, and ensuring the accuracy and quality assurance of audit reports, effectively communicating findings to stakeholders.- Developed comprehensive audit objectives, work plans, and recommendations, grounded in thorough analysis and findings, to drive improvements and corrective actions.- Utilized Structured Query Language (SQL) to extract and analyze data, assessing departmental performance in meeting service level agreements and operational benchmarks.
    View

Amber H. Education Details

  • Georgia State University
    Georgia State University
    Master Of Business Administration - Mba
  • Georgia State University
    Georgia State University
    Information Systems Audit And Control
  • Georgia State University
    Georgia State University
    Public Policy (Planning & Economic Development)
  • University Of West Georgia
    University Of West Georgia
    Geographic Information Systems

Frequently Asked Questions about Amber H.

What company does Amber H. work for?

Amber H. works for Southern Company

What is Amber H.'s role at the current company?

Amber H.'s current role is Cloud Security Architect | MBA Candidate | CISA | CCSK.

What schools did Amber H. attend?

Amber H. attended Georgia State University, Georgia State University, Georgia State University, University Of West Georgia.

Who are Amber H.'s colleagues?

Amber H.'s colleagues are Deacon Roberson, Karen White, Bart Fart, Ashley Hays, Loria Zeeck, Cezary Zieba, Jamie Ricks.

Free Chrome Extension

Find emails, phones & company data instantly

Find verified emails from LinkedIn profiles
Get direct phone numbers & mobile contacts
Access company data & employee information
Works directly on LinkedIn - no copy/paste needed
Get Chrome Extension - Free

Aero Online

Your AI prospecting assistant

Download 750 million emails and 100 million phone numbers

Access emails and phone numbers of over 750 million business users. Instantly download verified profiles using 20+ filters, including location, job title, company, function, and industry.