Cloud Security Engineer
Current• Experience in limiting Access to AWS Services using IAM and restricting network access using NACLs and Security Groups to ensure the principle of least privilege.• Engineered and executed a comprehensive credential verification system using AWS Lambda, EventBridge, and SNS, significantly improving security and user authentication processes. This system was designed following agile principles, utilizing Terraform for infrastructure automation, resulting in a 40% improvement in deployment… Show more • Experience in limiting Access to AWS Services using IAM and restricting network access using NACLs and Security Groups to ensure the principle of least privilege.• Engineered and executed a comprehensive credential verification system using AWS Lambda, EventBridge, and SNS, significantly improving security and user authentication processes. This system was designed following agile principles, utilizing Terraform for infrastructure automation, resulting in a 40% improvement in deployment efficiency and a 25% reduction in operational costs.• Collaborated with the cybersecurity team to conduct comprehensive security assessments, including penetration testing and application security testing using OWASP guidelines and Burp Suite, to identify and mitigate potential security risks.• Improved cloud infrastructure resilience, reducing downtime by 25% through the strategic integration of monitoring tools (CloudWatch, CloudTrail), enhancing real-time threat detection and automated incident response.• Led DevOps initiatives to promote efficient change management and infrastructure automation, achieving a 97% adherence to best practices and reducing manual errors by 91% through the use of Terraform and Git.• Actively collaborated with DevOps Engineers, Platform & Software Engineering teams, identifying and addressing over 300 security threats, thereby maintaining 99.9% uptime for key applications.• Enhanced security posture by conducting rigorous security assessments, including code reviews and vulnerability scans, ensuring comprehensive coverage against cyber threats.• Guide other teams in building security into their infrastructure as code solution using code scan such as Checkov, Terrascan, Sonarqube.• Experience in safeguarding data integrity using AWS KMS for data at rest and TLS for data in transit through effective encryption key access control.• Provide guidance & code to ITOps to help them deliver CIS compliant AWS accounts to product teams. Show less