Livecareer-Resume

Usmc Project Senior Cloud Engineer Resume Example

Love this resume?

By clicking Build Your Own Now, you agree to our Terms of Use and Privacy Policy

Jessica Claire
Montgomery Street, San Francisco, CA 94105
Home: (555) 432-1000 - Cell: - resumesample@example.com - -
Professional Summary

A seasoned Information/Cloud Security engineer with deep skill set as Cloud Infrastructure professional with more than five (11) + years of combined IT experience working as a cloud Solutions architect/Cloud Security Engineer for several customers and managing server infrastructures and data center operations. Implementing upgradable, scalable, hyper-converged infrastructure and micro-services across multiple platforms (Unix, Linux, Amazon Linux).

Certifications
  • AWS Certified Cloud Practitioner - Certified
  • AWS Certified Solutions Architect Associate - Certified
  • AWS Certified Security Specialty - (In-View)
  • Certificate of Cloud Security Knowledge (CCSK) - Certified
  • CompTIA Security+ - Certified
  • Navy Qualified Validator Level II - Certified
Skills

Database Querying Languages; PostgreSQL, MySQL, SQL server, NOSQL/DynamoDB. Jenkins, Puppet, Chef, Terraform, Ansible. AWS Inspector, AWS Shield, Macie, Guard Duty, AWS Secret Manager, Cloud Passage, Qualys, Nessus, OpenVAS, Symantec DLP.
(IDS/IPS) SIEM (AlienVault).


Firewalls & Log Analysis, SIEM, etc.
Orchestration Services ECS, Docker Containers, Elastic Beanstalk – Amazon Web Services (EC2, EBS, S3, IAM, AMI, VPC, VPC Peering, NACL, Security Groups, Route53, Auto Scaling, ELB, SNS, Cloud Watch and Cloud Formation).

Work History
11/2018 to Current
USMC Project - Senior Cloud Engineer Verizon Communications Rolling Meadows, IL,
  • I Designed, built, upgraded, and operated multiple cloud environments. Hands-on installation & configuration within the AWS/Azure Clouds.
  • I have vast experience using ITSM systems like ServiceNow/BMCRemedy/Jira to define service provisioning processes.This includes participating in service design sessions,runbooks and Infrastructure as Code to enable user and system provisioning.
  • Working knowledge of NIDS (Network Intrusion Detection Systems) and HIDS (Host-based Intrusion Detection Systems), DoD HBSS (Host Based Security System) [McAfee ePo], DoD ACAS (Assured Compliance Assessment Solution) [ Tenable, Nessus], STIGs, IAVM (IA Vulnerability Management), AWS Managed Firewall, AWS CloudWatch, AWS CloudTrail, AWS Security Groups, AWS IAM.
  • I constantly reviewed/monitored entire environment and executed initiatives to reduce failures, defects, and improve overall performance.
  • Cyber Compliance & Risk Management, Provide support to senior ISSO for implementing, and enforcing information systems security policies, standards, and methodologies.
  • Assists with preparation and maintenance of documentation.
  • Maintain records on workstations, servers, routers, firewalls, intelligent hubs, network switches, etc.
  • To include system upgrades.
  • Propose, coordinate, implement, and enforce information systems security policies, standards, and methodologies.
  • Maintain operational security posture for an information system or program.
  • Provide support to the Information System Security Manager (ISSM) for maintaining the appropriate operational Information Assurance posture for systems.
  • Develop and maintain documentation for Assessment & Authorization in accordance with DoD policies.
  • Develop and update the system security plan and other Information Assurance documentation.
  • USMC Project - ISSE.
  • Perform and review technical security assessments of computing environments to identify points of vulnerability, non-compliance with established information assurance (IA) standards and regulations and recommend mitigation strategies.
  • Validate and verify system security requirements definitions and analyze and establish system security designs.
  • Perform security research, analysis, and design for all client computing systems and the network infrastructure.
  • Responsible for the prevention, detection, investigation and response with respect to security threats and attacks.
  • Facilitate and manage security vulnerability assessments and penetration tests.
  • Participated in application and infrastructure projects and other business initiatives to provide security-planning guidance with the following drivers: reduce risk, protect business applications while ensuring the highest level of data and infrastructure (endpoints, servers, networks, data center, cloud) security.
  • Reviewed and evaluated current access routes, sites, vendor integration points, and security platform integrations; recommended improvements and develop corrective strategies to improve security prior to implementation.
  • Assisted with designed and security oversight of next-generation firewalls, intrusion prevention systems, DDoS solutions, SSL-terminating load balancers, WAF, security groups and NACL.
  • Recommended and managed transmission protection requirements for all environments (systems, applications, containers, etc.) such as VPC peering best practices, SSL certificate management, key pairs, etc
    Created and maintained comprehensive documentation related to Continuous Support and Incident Response.
  • Reviewing alerts and data from systems/networks and respond accordingly, including documentations and escalation.
  • Develop tactical response procedures for security incidents
    Performed security monitoring, security event triage, and incident response; coordinate with other team members and management to document and report incidents.
  • Participated in deep architectural discussions to build confidence and ensure customer success when building new and migrating existing applications, software and services on AWS platform.
  • Technical liaison between the customer's service engineering & support teams.
  • Presentation skills with a high degree of comfort speaking with executives, IT Management, and developers; strong communication skills with an ability to right level conversations.
  • Architecting/operating solutions built on AWS Platform; Deployed Palo Alto, F5, Aviatrix Transit Gateway boxes and configured boxes with customer's requirements.
  • Experienced with "on-premise to cloud" migrations and IT transformations with the aid of AWS solutions
06/2017 to 10/2018
Cloud Security / Cybersecurity Analyst KPMG City, STATE,
  • Participated in the planning and design of engineering infrastructure projects.
  • Provided off-hours support for critical applications as required.
  • Mentored and provided technical guidance to staff of customer on AWS cloud implementation solution.
  • Developed highly scalable, flexible, and resilient cloud solutions for a AI/ML platform in AWS.
  • Built VPCs from scratch, creating private and public subnets, creating security groups and network access lists, configuring internet gateways, OpenVPN, creating AMI, understanding of user access management/role based access/multi factor authentication and API access, configuration of auto scaling and elastic load balancer for scaling services if a configured threshold has been exceeded, configuration of SNS to send notifications and Cloud Watch to collect logs and metrics.
  • Participated in deep architectural discussions to build confidence and ensure customer success when building new and migrating existing applications, software and services on the AWS platform.
  • Reviewed Complementary User Entity Controls (CUEC) policy submissions from Budget Submitting Offices (BSOs) for conformance with CEUC guidebooks.
  • Performed Audit liaison duties by reviewing Prepared by Client (PBC) documentation before submitting to auditors to ensure PBC artifacts submitted by system owners' answer the PBC ask.
  • Provided analysis of PBCs on the Audit Response Center (ARC) tool, compared to the spreadsheet presented by auditors Ernst and Young (EY) to ensure the Auditors list reflected the command submissions.
  • Ensured PBCs were scrubbed for Personally Identifiable Information (PII) before submitting to auditors.
  • Pulled PBC artifacts from audit tool and submitted to Auditors on behalf of system owners.
  • Supported kick-off, walkthrough and observation meetings by taking note of high-level items and possible PBCs.
  • Led two external audits by providing support to system owners, leading System owner/Independent Public Accountant (IPA) meetings and supporting Notice of Finding and Recommendation (NFR) meetings.
  • As part of the Enterprise Continuous Monitoring Program (ECMP) team, develop ECMP assessment strategy plan to assist in continuously monitoring controls post authorization to ensure compliance with security requirements and policies.
  • Designed, deployed, managed and improved critical security infrastructure services/tools for authentication and authorization, PKI, secrets management, logging, detection, vulnerability management and more.
  • Partnered with teams throughout the customer's departments on technology initiatives to improve security and bring standard methodologies to our products and services.
  • Analyzed the latest attacker techniques and develop approaches to detect them across the company's diverse environments and endpoints.
  • Defined, implemented, and tuned detective capabilities and data sources to detect and remediate malicious activities.
  • Worked with engineering and operations teams to implement threat detection signals, deploy new tooling, and improve response capabilities.
  • Analyzed security data and report on threats and incidents across various platforms and environments.
01/2013 to 06/2017
Cloud Security Architect Vsolvit LLC City, STATE,
  • Designed and implemented system security and data assurance.
  • Hands-on experience writing Production-ready automation code to implement solutions with Puppet, Ansible, CloudFormation or similar - e.g.: Chef, Terraform.
  • Strong interpersonal, organizational, and communication skills with the ability to work effectively across internal and external organizations and virtual teams.
  • Reviewed design to make sure design is aligned with Architecture.
  • Proven experience in systems and cloud network design and development.
  • Strong understanding of information processing principles and practices.
  • In-depth technical knowledge of networks, storage systems and computing platforms including Amazon AWS, .NET, Windows, and CI/CD pipelines.
  • As a last line of defense against a compromised account, I ensured all IAM users have multi-factor authentication activated for their individual accounts, and limited the number of IAM users with administrative privileges.
  • Rotated IAM access keys regularly and standardize on a selected number of days for password expiration to ensure that data cannot be accessed with a potential lost or stolen key.
  • Enforced a strong password policy requiring minimum of 14 characters containing at least one number, one upper case letter, and one symbol.
  • Applied a password reset policy that prevents users from using a password they may have used in their last 24 password resets.
  • Ensured that no S3 Buckets are publicly readable/writable unless required by the business.
  • Turned on Redshift audit logging in order to support auditing and post-incident forensic investigations for a given database.
  • Encrypted data stored in EBS as an added layer of security.
  • Encrypted Amazon RDS as an added layer of security.
  • Enabled require_ssl parameter in all Redshift clusters to minimize the risk of man-in-the-middle attack.
  • Restricted access to RDS instances to decrease the risk of malicious activities such as brute force attacks, SQL injections, or DoS attacks.
  • Encrypted highly sensitive data such as protected health information (PHI) or personally identifiable information (PII) using customer-controlled keys.
  • Granted the fewest privileges possible for application users.
  • Involved IT security teams throughout the application development life-cycle.
  • Inventoried and categorized all existing custom applications deployed in AWS.
  • Assisted with designed and security oversight of next-generation firewalls, intrusion prevention systems, DDoS solutions, SSL-terminating load balancers, WAF, security groups and NACL.
  • Recommended and managed transmission protection requirements for all environments (systems, applications, containers, etc.) such as VPC peering best practices, SSL certificate management, key pairs, etc.
  • Designed and implemented monitoring and protection capabilities to help identify and protect against DoS attacks, MITM, EC2 instance compromise, secret compromise, etc.
  • Created and maintained comprehensive documentation related to Continuous Support and Incident Response.
  • Reviewed alerts and data from systems/networks and respond accordingly, including documentations and escalation.
  • Developed tactical response procedures for security incidents.
  • Performed security monitoring, security event triage, and incident response; coordinate with other team members and management to document and report incidents.
  • Operational experience with network security appliances with a clear understanding of the architecture behind secure networks, DMZ's, NAT's, rule placement, VPN setup, and system maintenance.
  • Led root cause analysis, debugging, support, and postmortem analysis for security incidents and service interruptions.
  • Enabled Cloud Trail across all geographic regions and AWS services to prevent activity monitoring gaps.
  • Turned on Cloud Trail log file validation so that any changes made to the log file itself after it has been delivered to the S3 bucket is traceable to ensure log file integrity.
  • Enabled access logging for Cloud Trail S3 bucket so that you can track access requests and identify potentially unauthorized or unwarranted access attempts.
  • Turned on multi-factor authentication (MFA) to delete Cloud Trail S3 buckets, and encrypt all Cloud Trail log files in flight and at rest.
  • When creating IAM policies, I ensured that they're attached to groups or roles rather than individual users to minimize the risk of an individual user getting excessive and unnecessary permissions or privileges by accident.
04/2008 to 12/2012
Group IT Specialist Legal Shield Inc City, STATE,
  • Presented to high level officials on protecting their employees and their businesses.
  • Educated business owners and their employees on the growing problem of Identity theft.
  • Offered propositions on the importance of Identity Theft and Legal Benefits to Companies.
  • Helped business owners successfully implement a variety of legal benefit programs that can help a company reduce absenteeism, increase productivity, keep a progressive company image.
  • Supported the enforcement of IT procurement policy using a web-based workflow approval system.
  • Provided support for the execution of the Director role as the IT Expenditure Approval Authority.
  • Reviewed IT procurement requests to safeguard against duplicative investments.
  • Assisted in creating and configuring reports that show planned/requested IT spending.
  • Assisted in creating and configuring reports that provide data and metrics for assessments, analysis, and future planning.
  • Assisted the Legal Shield in adding, removing, or adjusting database workflows, fields, and administration features to keep up with changing IT security policy.
  • Provided recommendations/expertise to streamline IT procurement processes.
Education
Expected in
Bachelor of Science: Computer Science
University of Lagos - Overseas,
GPA:

By clicking Build Your Own Now, you agree to our Terms of Use and Privacy Policy

Disclaimer
Resumes, and other information uploaded or provided by the user, are considered User Content governed by our Terms & Conditions. As such, it is not owned by us, and it is the user who retains ownership over such content.

How this resume score could be improved?

Many factors go into creating a strong resume. Here are a few tweaks that could improve the score of this resume:

80Good

Resume Strength

  • Length
  • Personalization
  • Strong Summary
  • Target Job

Resume Overview

School Attended
  • University of Lagos
Job Titles Held:
  • USMC Project - Senior Cloud Engineer
  • Cloud Security / Cybersecurity Analyst
  • Cloud Security Architect
  • Group IT Specialist
Degrees
  • Bachelor of Science