Summary

AWS Cloud Security Engineer with 6+ years of experience in the Information Technology industry and 4+ years in Cloud Computing, Network Security protocol and technologies, firewalls, VPNs, IDS/IPS, Encryption, System Administration, Infrastructure Provisioning and Automation and Cloud Security/Performance Optimization. Implemented cloud services like IAAS, PAAS, and SAAS. Proficient in monitoring and implementing security policies resulting in a 50% reduction in security incidents.

Work Experience

Cloud Security Engineer

Nexttel                                                            October 2022 –March 2024

• Configured AWS VPC with optimized network architecture, applying NACL and Security groups to enforce stringent access controls, resulting in zero security breaches and improved data protection.
• Automatized server provisioning and configuration using Terraform and Ansible, resulting in a 40% decrease in deployment and improved scalability during high-demand periods.
• Spearheaded the implementation of AWS IAM Identity Center to define federated access permissions for organization users based on group memberships in a centralized directory; mitigated security vulnerabilities, enhanced compliance, and reduced access management overhead by 50%.
• Collaborated with Network and Development team to architect, implement, and upkeep test environments in VirtualBox using Vagrant, resulting in a 50% improvement in deployment speed and increased testing capabilities.
• Managed 15 Aws accounts, including the setup and configuration of EC2 instances, RDS databases, VPCs, Elastic Load Balancers (ELBs), CloudFront distributions, and health checks.
• Identified vulnerabilities in existing security systems and led the implementation of enhanced security measures, resulting in a 60% reduction in potential violations and ensuring compliance with industry regulations.
• Implemented a comprehensive AWS Security Hub remediation plan, resolving 10+ security issues and mitigating potential cyber threats, leading to improved data integrity and customer trust.
• Led the initiative to migrate hardcoded database credentials to AWS Secret Manager, enabling secure retrieval of credentials on-demand. Implemented regular database password rotation to enhance security and reduce vulnerability to unauthorized access by 60%.
• Collaborated with cross-functional teams to troubleshoot and debug cloud-based applications and services, resulting in a 30% decrease in system downtime and enhanced customer satisfaction.
• Developed and maintained automation scripts for cloud deployments, resulting in a 40% reduction in deployment duration and a 25% increase in team productivity.
• Create AWS S3 bucket objects and assign IAM role to store the objects.
• Configured S3 life cycle policy to transit objects/backups from one storage level to other storage level.
• Create a deletion policy, Enabled versioning & MFA for critical AWS S3 objects.
• Replicate critical backups / objects from one AWS region to another AWS region as per client requirement.

Cloud System/Operation Engineer

The Home Depot                                     August 2020 - September 2022

• Orchestrated the seamless implementation and configuration of ELK stack, providing developers and DevOps engineers with a cost-effective log analysis solution, resulting in a 60% increase in application performance and a 30% reduction in infrastructure incidents.
• Provisioned and maintained cloud-based backup and disaster recovery plans, reducing data loss by 50% and minimizing system downtime during disaster recovery.
• Configured AWS VPC, Amazon Aurora, Amazon EC2, Amazon EFS, Amazon Cloud Front and Amazon ElastiCache to build a highly available, auto-scaling multi-tier web application.
• Optimized VPC security by leveraging AWS API & AWS Firewall Manager, enabling centralized management of security groups and network firewall rules across 75+ VPCs and AWS Accounts, leading to a 25% improvement in compliance and risk mitigation.
• Conceptualized Amazon Inspector and Systems Manager to automate security assessments and operational tasks such as patching and configuration management across Amazon EC2 fleet.
• Developed and executed a robust set of web application controls, effectively mitigating common attack vectors and reducing security incidents by 40%.
• Configured EBS volumes and configure encryption keys on top of EBS volumes.
• Implemented AWS CLI utility to automate backups and EBS volume snapshots, reducing manual effort by 80% and saving 15 hours per week in operational tasks.
• Configured CloudTrail to send logs to S3 and use Athena to generate reports, to visualize resource utilization.

IT Support Engineer

G-Info-Tech                                                October 2017 - December 2019

• Implemented automation scripts for AWS cloud-related tasks, resulting in a 20% reduction in manual effort and a 20% increase in task completion speed.
• Monitored and analyzed cloud performance metrics, identifying, and resolving issues thereby reducing impacted end-users and resulting in a 25% improvement in system uptime.
• Configured cloud watch alarm for EC2 and RDS instances metrics.
• Enable encryption on EC2 volumes and S3 buckets by using AWS KMS.
• Troubleshot and resolved cloud-related issues, reducing downtime by 50% and improving system availability by 25%.
• Configured and support servers, operating systems and network components resulting in a 15% increase in operational efficiency, information security policies and infrastructure standards.

Education

University of Douala

Associate degree, Computer Software Engineering

Bachelor of Engineering in Computer Science

Licenses & Certifications

AWS Certified Solutions Architect – Associate – Issued Nov 2021 – Expires Nov 2024

AWS Certified Developer – Associate – Issued Mar 2022 – Expires Mar 2025

AWS Certified SysOps Administrator – Associate – Amazon Web Services (AWS) Issued May 2022 – Expires May 2025

AWS Certified Security – Specialty – Amazon Web Services (AWS) Issued May 2023 – Expires May 2026