senior cloud security engineer solutions architect resume example with 9+ years of experience

(555) 432-1000,
, , 100 Montgomery St. 10th Floor
Professional Summary

Enthusiastic AWS Cloud Security, Solutions Architect and Network Engineer eager to contribute to team success through hard work, attention to detail and excellent organizational skills. Clear understanding of defining and fine tuning AWS Cloud technologies to achieve enterprise business goals and objectives. Helping businesses to manage cloud server infrastructures and data center operations. Implementing upgradable, scalable, highly available and fault tolerant infrastructure across multiple platforms


AWS Inspector, AWS Shield, Guard Duty,

AWS Secret Manager, Qualys, Nessus, OpenVAS, Symantec DLP.

(IDS/IPS) SIEM (Splunk/Qradar) Palo Alto Firewalls & Log Analysis, SIEM, Palo Alto Prisma, Palo Alto Panorama. Orchestration Services ECS, Docker Containers, Elastic Beanstalk – Amazon Web Services (EC2, EBS, S3, IAM, AMI, VPC, VPC Peering, NACL, SG, Route53, Auto Scaling, ELB, SNS, Cloud Watch and Cloud Formation).

CloudPassage, IBM Qradar, CheckPoint Dome9, Barracuda Guardian Security, F5, PostgreSQL, MySQL, SQL server, DynamoDB. Jenkins, Puppet, Chef, Terraform, Ansible. Compliance: Cisco ISE, Cisco Firepower (Threat Detector/ Management Center)

Protocols Standards: TCP/IP, UDP, IGRP, EIGRP, BGP, OSPF, DHCP, DNS and Spanning Tree protocol.

Hardware: Cisco Routers Series, 2811, 2911, 2921, 4500 and CAT 6500. Catalyst Series Switches, 4500, 6500, 3700/Nexus 5k, 7k, 9k, and 2k.

  • AWS Certified Cloud Practitioner – Certified
  • AWS Solutions Architect Associate – Certified
  • AWS Developer Associate – Certified
  • Cisco Certified Network Professional (CCNP) – Certified
  • COMPTIA Security Plus – Certified
  • Cisco Certified Network Associate (CCNA) – Certified
  • AWS Certified Security Specialty - (In-View)
  • AWS Solutions Architect Professional - (In-View)
Western Governors University Online, Expected in 05/2022 Bachelor of Science : Cloud Computing - GPA :
Anne Arundel Community College Arnold, MD Expected in Associate of Arts : General Studies - GPA :
The SANS Technology Institute WASHINGTON D.C, Expected in 06/2018 Bachelor of Science : Cloud Security Architecture And Operations - GPA :
Work History
Criterion Systems - Senior Cloud Security Engineer /Solutions Architect
Dulles, VA, 01/2019 - 01/2021
  • Worked closely with customers, internal staff and other stakeholders to determine planning, implementation and integration of system-oriented projects.
  • Managed use of various types of databases and configured, installed and upgraded new ones.
  • Monitored and tested application performance to identify potential bottlenecks, develop solutions, and collaborate with developers on solution implementation.
  • Defined enterprise processes and best practices and tailored enterprise processes for applications.
  • Implemented best practices with best of breed applications to ensure infrastructure can meet business needs and requirements.
  • Built highly available and scalable systems, services, and applications in Lockheed AWS Cloud environment.
  • Led the design, implementation, operation, and management of Linux based on-premises systems and current and future AWS cloud services.
  • Automated everything that can be and find creative ways to automate those that cannot.
  • Served as a technical expert and resource for the AWS cloud environment within Lockheed Martin.
  • Built all systems, applications, and services with a security-first mindset.
  • Took on the task of moving the environment to a server-less infrastructure where possible.
  • Partnered with stakeholders in and out of IT to build out technical solutions based on individual group requirements.
  • Built out everything as Infrastructure as Code for the production environments in AWS.
  • Created and maintained technical documentation for managed services and systems.
  • Build out monitoring systems to ensure maximum performance and uptime.
  • Ensured the team is providing timely and responsive support both within and outside of IT for the systems supported by the team, including call rotations, after-hours work, and weekends.
  • Assisted with the building out of business continuity planning, disaster recovery, and testing.
  • Coordinated planned service outages with all IT and business groups and ensure 24/7/365 coverage.
  • Played a key role in developing short- and long-term goals, strategies, and objectives.
  • Helped with the development of action plans that present challenging but realistic deadlines.
  • Ensured that stakeholders are suitably educated on issues that may affect them using non-technical, but clearly communicated means.
  • Built and maintained metrics necessary to support KPI reporting as related to the group's responsibilities.
  • Built and maintained knowledge of new technologies that provide value to the organization and took action to introduce those technologies through documentation, training, recommendations, and proof of concepts.
  • Handled change management process and ensured compliance with all change management policies concerning upgrades, troubleshooting, implementations, and day to day management of systems.
  • Had a continuous improvement mindset that looks for opportunities to improve efficiencies, reduce costs where possible, and refine processes where needed.
  • Articulated solution benefits to both technical & non-technical audiences, as well as provide leadership and mentoring to several IT teams and other internal / external thought leaders.
  • Keenly couple key insights to present highly technical concepts and solutions specifics to audiences of varying technical capabilities in a clear, concise, and easily understood manner.
  • Estimated engineering effort, planned implementation, and deployed changes that meet requirements for functionality, performance, reliability, and adherence to best practices and principles.
  • Enabled access logging for Cloud Trail S3 bucket so that customer can track access requests and identify potentially unauthorized and unwarranted access attempts.
  • Enabled Cloud Trail across all geographic regions and AWS services to prevent activity monitoring gaps.
  • Rotated IAM access keys regularly and standardize on a selected number of days for password expiration to ensure that data cannot be accessed with a potential lost or stolen key.
  • Performed security monitoring, security event triage, and incident response, coordinate with other team members and management to document and report incidents.
  • Administered IT-monitoring toolsets like AWS CloudWatch to collect and track metrics, collect and monitor log files, and set alarms.
  • Built and maintained AWS infrastructure using Terraform and AWS CloudFormation for different teams within Lockheed Martin.
  • Utilized AWS snowball to migrate large-scale data transfers quickly and securely.
  • Restricted access to RDS instances to decrease the risk of malicious activities such as brute force attacks, SQL injections, or DDoS attacks.
  • In-depth technical knowledge of networks, storage systems and computing platforms including Amazon AWS, .NET, Windows, and CI/CD pipelines.
  • Granted the fewest privileges possible for application users.
  • Recommended and managed transmission protection requirements for all environments (systems, applications, containers, etc.) such as VPC peering best practices, SSL certificate management, key pairs, etc.
  • Architecting/operating solutions built on AWS Platform; Deployed Palo Alto, F5, Aviatrix Transit Gateway boxes and configured boxes with customer's requirements.
  • Enabled CloudTrail log file validation so that any changes made to the log file itself after it has been delivered to the S3 bucket is trackable to ensure log file integrity.
  • Involved IT security teams throughout the application development lifecycle.
  • Inventoried and categorized all existing custom applications deployed in AWS.
Interactive Brokers Llc - AWS Cloud Solutions Architect / Security Engineer
Chicago, IL, 04/2015 - 12/2018
  • Conducted security audits to identify vulnerabilities in Danaher Corp cloud tenant account in AWS.
  • Encrypted data and erected firewalls to protect confidential information.
  • Monitored use of data files and regulated access to protect secure information.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Designed and implemented scalable solutions in the cloud environment leveraging cloud enterprise technology and services in AWS such as AWS VPC, Auto Scaling, ELB, AWS Global Infrastructure (Regions and Availability Zones).
  • Ensured compliance to defined privileged user access controls.
  • Create gold images / AMIs and employ auto-scaling
  • Designed a secured hybrid network connection between the provisioned private network in AWS Cloud space (VPC) and the customer corporate network leveraging AWS VPC Peering, VPN connection, AWS transit Gateway.
  • Experience in deploying and monitoring applications on various platforms using Elastic Beanstalk, setting up the life cycle policies to back the data from AWS S3 to AWS Glacier.
  • Encrypted Amazon RDS as an added layer of security
  • Assisted with designed and security oversight of next-generation firewalls, intrusion prevention systems, DDoS solutions, SSL-terminating load balancers, WAF, security groups and NACL.
  • Coached and provided technical leadership to others on network designs, platform sizing, infrastructure system design and the application of new technologies and project management methodologies.
  • Detailed knowledge and sizing experience of networking technologies as well experience with storage architectures associated to private/public and hybrid cloud environments.
  • Quickly and accurately assess current operations, identify opportunities for architectural changes to drive additional business benefit.
  • Cost estimation, with a focus of helping customers understand return on investment as well as total cost of ownership advantages of solutions proposed.
  • Assess performance and service level agreements against business needs and expected results.
  • Knowledge of data modeling, data access, and data storage techniques
  • Designed the architectural frameworks solutions (IaaS, PaaS, SaaS) that best suits the clients web application hosting demands in the AWS cloud Platform, leveraging AWS services such as EC2, elastic beanstalk, S3 web hosting, ECS, Lambda, AWS Fargate, with focus on integrated and automated service delivery.
  • Developed strategies for modernization of existing systems and migration into a cloud environment using AWS Migration Hub, AWS Server Migration Service, and AWS Database Migration Service.
  • Designed and implemented system security and data assurance.
  • Orchestrated cloud governance, authorization, authentication, and identity access management of the clients' entire cloud environment using AWS IAM services (IAM users, IAM groups, IAM Roles, IAM Policies, identity federation) AWS organization, AWS Single Sign-On.
  • Designed, Deployed, managed, and operated scalable, highly available, and fault-tolerant systems on AWS Cloud.
  • Enabled required parameter in all Redshift clusters to minimize the risk of man-in-the-middle attack.
  • Managed AWS-provided portal account access credentials and privileges.
  • Turned on Redshift audit logging in order to support auditing and post-incident forensic investigations for a given database.
  • Encrypted data stored in EBS as an added layer of security.
  • Used coordination and planning skills to achieve results according to schedule.
  • Created plans and communicated deadlines to ensure projects were completed on time.
  • Participated in continuous improvement by generating suggestions, engaging in problem-solving activities to support teamwork.
  • Quickly learned new skills and applied them to daily tasks, improving efficiency and productivity.
Washington Suburban Sanitary Commission - Network Engineer
City, STATE, 04/2013 - 03/2015
  • Provided detailed technical documentation, including network diagrams, process flow charts and procedural guidelines.
  • Conducted security assessments and made recommendations for disaster recovery, remote access, network appliances, servers and directory services security.
  • Introduced automation of monitoring system for 24/7 network systems, bolstering continuity of operations.
  • Monitored network capacity and performance, as well as diagnosed and resolved complex network problems.
  • Developed strategies, budgets and deployment plans to inform and influence management and stakeholders.
  • Demonstrated advanced knowledge of large-scale global enterprise network operations and security.
  • Monitored servers and escalated emergency technical issues beyond scope to maintain optimum up-time.
  • Managed application patches, data backup, security changes and network configuration and replaced boards, changed servers and loaded and tested software applications.
  • Analyzed WSSC network configurations and determined implementation requirements.
  • Analyzed network flow statistics on a daily basis and submit essential reports to management to understand existing network traffic flows.
  • Provided hands-on technical expertise to prepare network equipment, associated installation tools and logistic for remote installations.
  • Upgraded configuration of existing network equipment to support new features and functions.
  • Worked with field installation contractors while they are on-site and provided all technical details to complete installations.
  • Progressively led and set up branch router and switch upgrades by installing 2811/3824 routers with IPS, VPN, and Cisco Voice Over IP and Power over Ethernet switches using Cisco 3560, 3750 and 4507R.
  • Communicated technical procedures and processes to non-technical users.
  • Participated in problem-management reporting, resolution, and documentation in the Change Asset and Problem Reporting System (CAPRS).
  • Implemented, upgraded, maintained, troubleshooted, and supported Catalyst switch platforms by maintaining solid understanding of the switching technologies, remote management, and network topologies.
  • Spearheaded a project focused on setting up a web proxy to filter web traffic to the Internet utilizing a Blue Coat Security gateway.
National Archives And Records Administration - Network Support Engineer
City, STATE, 02/2010 - 04/2012
  • Diagnosed network problems involving combination of hardware, software, power and communications issues.
  • Drafted post-mortem documentation analyzing instances of network system failures, including required repair and restoration efforts.
  • Supported users in setup and configuration of wireless bridge networks.
  • Designed and implemented cloud network infrastructures, including intra- and inter-data center connections.
  • Diagnosed and executed resolution for all network and server issues.
  • Answered and triaged requests for assistance in order to provide top-notch support.
  • Monitored network hardware operations to evaluate proper configuration.
  • Improved overall user experience through support, training, troubleshooting, improvements and communication of system changes.
  • Assisted installation, configuration, and administration of Cisco equipment in IT architecture of the organization.
  • Configured IT LAN/WAN elements and held responsibility of maintaining and monitoring performance of network.
  • Served as escalation point for Tier2 support.
  • Work in coordination with team members to decrease key IT problems and complete assigned projects.
  • Configure OSPF and EIGRP routing protocol to support customer networks.
  • Configure and monitor ACL’s on routers.
  • Provided support to Network Operation Center (NOC) and Data centers which include cabling, monitoring tools, PDUs and servers.
  • Configure and deploy L2 Cisco switches to support customer LAN network.
  • Analyzes, evaluates, and recommends technical requirements and specifications for the seamless integration of company-wide networking resources.
  • Prepares layouts, configurations, and bills of materials as a normal part of project assignments.
  • Provides input to management for design changes or improved operations of campus IP backbone.
  • Assists IT management in designing, building, and efficiently operating the company’s data network.
Additional Information

U.S Government Security Clearance: Public Trust

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

Your data is safe with us

Any information uploaded, such as a resume, or input by the user is owned solely by the user, not LiveCareer. For further information, please visit our Terms of Use.

Resume Overview

School Attended

  • Western Governors University
  • Anne Arundel Community College
  • The SANS Technology Institute

Job Titles Held:

  • Senior Cloud Security Engineer /Solutions Architect
  • AWS Cloud Solutions Architect / Security Engineer
  • Network Engineer
  • Network Support Engineer


  • Bachelor of Science
  • Associate of Arts
  • Bachelor of Science

By clicking Customize This Resume, you agree to our Terms of Use and Privacy Policy

*As seen in:As seen in: