Cybersecurity Engineer Iii (+Cloud)
Current- Cloud Security posture at BCH: Used Palo Alto's Prisma to generate configuration changes for hardening AWS accounts - Used Pacbot to generate resource inventory - Worked with application owners to identify internet exposed sites and moving them behind Imperva(WAF). - Ec2 image management: Built an AWS Lambda based serverless App to copy the latest CIS hardened images from marketplace into our core security account. Subsequently, sharing it out to all accounts in BCH's AWS Org - IAM user management: Used AWS labs to build a Stacksets deployment that automatically finds IAM users and disables/deletes them on a schedule - Built file transfer endpoints using AWS transfer family - Worked with the Networking team to enable security features in Fortinets deployed in AWS - Feeding AWS logs to Splunk: Built a solution to transfer Cloudtrail and Guardduty logs to Splunk. - Developing Incident Response workflow for responding to Guardduty detections. - GSuit adoption and hardening: Worked to identify and recommend hardening controls for GSuit in a research environment. - M365 adoption and hardening: Used M365 best practices to generate a list of security controls for the Windows team to implement. Focus on Exchange and Onedrive. - Certificate Automation POC: Used Sectigo's network agent method to test automatic renewal and deployment of SSL certs.