Cloud Security Engineer Aws Solutions Architect Resume Example

Love this resume?

By clicking Build Your Own Now, you agree to our Terms of Use and Privacy Policy

Jessica Jessica
, , 100 Montgomery St. 10th Floor (555) 432-1000,
Professional Summary

Results-driven IT Cloud Engineer/Security professional with notable success in planning, analysis, and implementation of security initiatives in the cloud. Strengths in providing comprehensive management of server infrastructures and data center operations. Implementing upgradable, scalable, Hyper-converged infrastructure helping clients achieve business agility, scalability, high availability, and flexibility while providing strong AWS ecosystem expertise and building bridges between other teams.

  • AWS Cloud Practitioner - Certified
  • AWS Certified Developer Associates - Certified
  • AWS Certified Solutions Architect - Certified
  • AWS Certified Security Specialty - Certified
  • Certified Ethical Hacker CEH-V10 - Certified
  • Certified Penetration Testing Engineer - Certified
  • VMware Certified Datacenter Virtualization Associate - Certified
  • AWS Certified Solutions Architect Professional - (In-View)
  • SCRUM MASTER - Certified
  • ITIL - Certified

AWS, Azure, Google Cloud, BCP & DRP, PKI, Cisco Umbrella, Scripting.
Database Querying Languages; MySQL, NOSQL/DynamoDB, Python, Windows Shell, Palo Alto Prisma, Cortex. Strong verbal comm. Palo BPA, Prisma. AWS Firewall, Control Tower concepts, Security Hub, Security Guardrails etc. Gradle, Git, Docker, Ansible, Kubernetes, Bamboo, Slack, Nagios, Jenkins, Puppet.

Amazon Web Services (EC2, EBS, S3, IAM, AMI, VPC, VPC Peering, NACL, Security Groups, Route53, Auto Scaling Group, ELB, SNS, CloudWatch, Elastic Beanstalk, Cloud Formation) AWS CodeDeploy, AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, Cloud Passage, F5, Barracuda Guardian Angel, Jira, Aviatrix, F5, Arista CVP / vEOS. Palo Alto Panorama, Expedition, Guardrails Configuration

Work History
02/2018 to 12/2020 Cloud Security Engineer/AWS Solutions Architect Paypal | California, MD,
  • Managed enterprise scale solutions that leverage the following AWS Services: EC2, S3, EBS, SSM, Dynamo DB, EMR, CloudFormation, RDS, CloudFront, VPC, Route53, IAM, CloudWatch, Elastic Beanstalk, Lambda, etc.
  • Hands-on experience in performance tuning, including the following: (load balancing, web servers, content delivery Networks, Caching (Content and API).
  • Built Cloud Security Architecture Specifications for multiple Information Security Domains including but not limited to; Cloud, Networking, Endpoint, SDLC, etc.
  • Designed, deployed and monitored infrastructure in public clouds (AWS, Azure) using Infrastructure as Code (Terraform, CloudFormation, Ansible).
  • Primary responsibilities include platform deployment, stack configuration, Initial application deployment, rolling application updates, customer onboarding, and maintain a 24x7 production environment with a high level of service availability.
  • Drove incidents to resolution by coordinating with engineering teams.
  • Partnered to improve automation and orchestration for manual processes required to operate and deploy cloud services.
  • Managed infrastructure services in a production environment to ensure high availability and reliability.
  • Designed the architectural frameworks solution (IaaS, PaaS, SaaS) that best suits the clients web application hosting demands in the AWS cloud platform, leveraging AWS services such as EC2, Elastic Beanstalk, S3 web hosting, ECS, Lambda, AWS Fargate, with focus on integrated and automated service delivery.
  • Built VPCs from scratch, creating private and public sub-nets, creating security groups and network access lists, configuring internet gateways, OpenVPN, creating AMI, understanding of user access management/role based access/multi factor authentication and API access, configuration of auto scaling and elastic load balancer for scaling services if a configured threshold has been exceeded, configuration of SNS to send notifications and Cloud Watch to collect logs and metrics, spinning both Windows and Linux EC2 instances as needed.
  • Improved our incident management lifecycle to identify, mitigate, and learn from reliability risks.
  • Developed deeper insights and analysis into the quality of experience for our customers.
  • Collaborated with other engineering teams to understand their systems and help improve them.
  • Managed our infrastructure as code. We use terraform and ansible.
  • Manage Linux systems and cloud assets in AWS and Azure.
  • Participated in a 24/7 call rotation and eventually manage it and design all the processes around it.
  • Researched, recommended, deployed and managed tools that assist in ensuring the availability, security, consistency, manageability and cost efficiency of our product infrastructure.
  • Participated in and possibly eventually own the operations and engineering processes that are audited as part of our SOC2 Type 2 certification. (We have been certified since 2019).
  • Planned and maintained continuous delivery, coordinate hotfixes and feature releases.
  • Used my knowledge of AWS and Azure to assist engineering in planning feature development.
  • In conjunction with Support, I assisted in responding to customer issues by collecting information for the Support team to communicate to customers and for the Engineering team to use to make fixes.
  • Perform daily system monitoring and troubleshooting for Mission customers, which includes verifying the integrity and availability of cloud infrastructure, server resources, systems and key processes, reviewing system and application logs, and verifying completion of scheduled jobs such as backups, live data feeds, and batch processing
  • Communicated with vendors and other teams about technical issues
  • Wrote knowledge base articles and runbooks for commonly asked questions or frequently reported issues, including root cause analysis (RCA).
  • Performed changes to infrastructure outside of documented runbooks such as software upgrades and patching.
  • Proposed, developed and supported automation solutions for source code deployment and configuration management.
  • Developed internal and customer facing cloud services (serverless and container-based) in AWS using AWS ECS.
  • Designed storage solutions for mission critical data in common databases (PostgreSQL) and cloud services (S3, DynamoDB, etc.).
08/2015 to 03/2018 Cloud Engineer/DevOps Consultant CapitalOne | City, STATE,
  • Worked with development, product management and customers to transition prototype of on-prem workloads to the cloud as needed.
  • Produced high-quality technical documentation such as RFCs, architectural documents and diagrams, API specifications.
  • Led sessions with business and technical experts to deeply understand their needs, solicit and document requirements.
  • Consulted and advised engineers, architects and executives, help define the right choice of technology stack, serve as a leading technical expert on Data.
  • Created SOW's and/or provide a structured and complete informational background to the engineering team.
  • Designed and articulated major aspects of highly scalable, reliable, and performing technical data solutions that leverage AWS cloud platform to automate business solutions.
  • In-depth technical knowledge of networks, storage systems and computing platforms including Amazon AWS, .NET, Windows, and CI/CD pipelines.
  • As a last line of defense against a compromised account, I ensured all IAM users have multi-factor authentication activated for their individual accounts and limited the number of IAM users with administrative privileges.
  • Rotated IAM access keys regularly and standardize on a selected number of days for password expiration to ensure that data cannot be accessed with a potential lost or stolen key.
  • Enforced a strong password policy requiring minimum of 14 characters containing at least one number, one upper case letter, and one symbol.
  • Applied a password reset policy that prevents users from using a password they may have used in their last 24hrs password resets.
  • Ensured that no S3 Buckets are publicly readable/writable unless required by the business.
  • Turned on Redshift audit logging in order to support auditing and post-incident forensic investigations for a given database.
  • Encrypted data stored in EBS as an added layer of security.
  • Encrypted Amazon RDS as an added layer of security.
  • Enabled required SSL parameter in all Redshift clusters to minimize the risk of man-in-the-middle attack.
  • Restricted access to RDS instances to decrease the risk of malicious activities such as brute force attacks, SQL injections, or DoS attacks.
  • Encrypted extremely sensitive data such as protected health information (PHI) or personally identifiable information (PII) using customer-controlled keys.
  • Granted the fewest privileges possible for application users.
  • Involved IT security teams throughout the application development life cycle.
  • Inventoried and categorized all existing AWS Resources.
  • Designed and implemented system security and data assurance.
  • Worked closely with customers, internal staff and other stakeholders to determine planning, implementation and integration of system-oriented projects.
02/2013 to 11/2015 Information Security Consultant Marriott International | City, STATE,
  • Conducted security audits to identify vulnerabilities.
  • Researched and developed new computer forensic tools.
  • Reviewed violations of computer security procedures and developed mitigation plans.
  • Monitored use of data files and regulated access to protect secure information.
  • Developed plans to safeguard computer files against modification, destruction or disclosure.
  • Monitored computer virus reports to determine when to update virus protection systems.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Recommended improvements in security systems and procedures.
  • Led projects and analyzed data to identify opportunities for improvement.
  • Recommended improvements in security systems and procedures.
  • Identified issues, analyzed information and provided solutions to problems.
  • Used critical thinking to break down problems, evaluate solutions and make decisions.
  • Ran security scans (e.g. Qualys scan), analyze the output, and covert issues to software improvement tickets.
  • Monitored application and server logs for potential cybersecurity related activity.
  • Investigate, triage, document, and escalate cybersecurity incidents, as necessary.
  • Suggested and drive cybersecurity improvements to level up the organization.
  • Managed access to sensitive information systems, coordinating with various internal teams to scope necessary access levels.
  • Assisted with compliance and documentation tasks as necessary.
  • Audited data access, appropriate use of software, and cybersecurity training compliance.
  • Created/updated guides, policies, and training materials for cybersecurity related changes.
  • Maintained the security and confidentiality of Curative information systems as part of day-to-day functions, escalating related concerns to management.
Expected in 12/2001 Bachelor of Science | Economies University Of Nigeria, Nsukka, Nsukka, Overseas, GPA:
Expected in 12/2021 Bachelor of Science | Cloud And System Administration Western Governors University, Online, GPA:
Expected in 06/2018 Certificate of Completion | SEC545: Cloud Security Architecture And Operations The SANS Technology Institute, Washington DC, GPA:

By clicking Build Your Own Now, you agree to our Terms of Use and Privacy Policy

Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.

How this resume score could be improved?

Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:


Resume Strength

  • Personalization
  • Strong Summary
  • Target Job

Resume Overview

School Attended
  • University Of Nigeria, Nsukka
  • Western Governors University
  • The SANS Technology Institute
Job Titles Held:
  • Cloud Security Engineer/AWS Solutions Architect
  • Cloud Engineer/DevOps Consultant
  • Information Security Consultant
  • Bachelor of Science
  • Bachelor of Science
  • Certificate of Completion