Security Engineer | Cloud Security & Vulnerability Management (Fedramp)
CurrentLeveraged OKRs to track KPIs, ensuring effective project management and continuous improvement.Automated IAM provisioning using Terraform to streamline Okta access policies and AWS permission sets, improving security policy enforcement, and ensuring compliance with Infrastructure as Code (IaC) best practices.Conducted thorough threat modeling and refined security tools, significantly enhancing detection accuracy and minimizing false positives in cloud services to meet FedRAMP (NIST SP 800-53, Rev. 5) compliance requirements.Automated end-to-end vulnerability assessments utilizing Nessus Tenable and Wiz, increasing visibility into security risks and elevating the organization’s overall security stance.Showcased expertise during FedRAMP and DISA STIG audits for 3PAO by owning Tenable and Wiz operations, ensuring vulnerability scans and compliance checks for EC2 instances and database servers, and passing FedRAMP audits without discrepancies.Automated data aggregation from security scanners (Snyk, Wiz, Tenable, SentinelOne, Invicti) using Lambda and GitHub Actions, eliminating manual effort and enabling daily integration into Domo for actionable data visualization.Designed and implemented prioritized vulnerability remediation strategies in collaboration with cross-functional teams, resulting in expedited resolution of vulnerabilities and improved system integrity.Established a Security Champions Program by creating dashboards and scorecards in Domo, achieving a 85% reduction in remediation time and improving team response efficiency.Streamlined vulnerability ticketing by replacing ServiceNOW with Jira, building Tenable and Wiz API integration that automated ticket creation and saved the company $200,000 annually in licensing costs.Automated the creation of vulnerability tickets in Jira by integrating Terraform and GitHub Actions, ensuring findings were systematically assigned and tracked for timely resolution by relevant teams.