Senior Security Engineer (Aws ☁️)
CurrentAs a Senior Cloud Security Engineer at Ibotta, I have effectively contributed to the improvement of our cloud security infrastructure and corporate training in the following ways:Firewalls: Deployed and configured WAFs, safeguarding critical web applications. Working currently on the potential to deploy Network Firewalls using AWS Firewall Manager to protect resources living within our VPCs. Identity Center and ABAC: Assisted in the rollout AWS Identity Center as well as ABAC (Attribute Based Access Control) for IAM. Privacy Engineering Task Force: I was added to a Task Force as the security SME. I assisted in architecture reviews, setting up the AWS infrastructure, conducted security audits, and remediated any security gaps in the final Privacy Enablement Pipeline service. Which was used to automate Data Subject Deletion and Access requests required by multiple privacy laws. Services used: Rest API Gateways, Lambda functions, S3 Buckets, SNS and SQS. Vulnerability and Audit Process: Created a new audit process for a specific vulnerability, secret leakage, and IAM User key rotations.Incident Response Runbooks: Authored runbooks for the following compromised AWS services: EC2, IAM, and S3 Buckets. Purple Team: Building out Ibottas first ever purple team focused on common attacks against AWS cloud infrastructure. Attack Simulation Workshop: Led a workshop training infrastructure specialists on handling SSRF vulnerability attacks where over 75 software engineers were in attendance. Deception Engineering: Led a project to create and deploy strategically Canary Tokens across Ibotta's AWS accounts. GCP Auditing: Conducted audits on GCP projects, implemented GCP security recommendations, and cleaned up inactive projects.