Achu Mofor
USA
Summary
Cloud Security Engineer with 10 years of IT experience and 6 years of hands-on experience securing cloud environments across AWS, Azure, and GCP. Skilled in implementing cloud security controls, encryption, IAM, monitoring, and compliance frameworks (NIST, ISO 27001, FedRAMP, PCI-DSS). Proven ability to build and maintain secure, scalable, and resilient infrastructures while collaborating with cross-functional teams to protect enterprise data and workloads in the cloud.
Overview
9
9
years of professional experience
Work History
AWS Cloud Security Engineer
CVS
, CO
11.2019 - Current
- Experience in security architecture for multi-cloud deployments, ensuring compliance with NIST, FedRAMP, ISO 27001, and PCI-DSS standards.
- Designed and implemented VPCs, IAM roles, MFA, and encryption policies (KMS, SSL/TLS, S3 encryption) to secure enterprise workloads.
- Deployed AWS Landing Zones for multi-account governance, security baselines, and centralized logging.
- Automated infrastructure deployments with CloudFormation and Terraform, improving provisioning speed by 40%.
- Configured and managed CloudWatch, GuardDuty, Security Hub, and Splunk for monitoring, log analysis, and threat detection.
- Conducted risk assessments, vulnerability scans, and penetration testing, reducing critical vulnerabilities by 30%.
- Partnered with application teams to integrate DevSecOps pipelines, embedding security checks into CI/CD workflows.
- Supported incident response and forensic analysis for cloud-related security incidents, strengthening detection and response processes security policies.
- Collaborate with architects and application teams to implement best practices for cloud security.
Cloud Security Engineer
Bank of America
Houston, TX
11.2019 - 10.2022
- Collaborated with cross-functional engineering teams to secure cloud-based applications, data pipelines, and backend services across AWS, and hybrid environments.
- Implemented and maintained cloud infrastructure as code (IaC) using Terraform and AWS CloudFormation to automate secure deployments of EC2, S3, RDS, IAM, and Lambda resources.
- Supported secure API development and integration by applying authentication, encryption, and role-based access controls (RBAC) for internal and external applications.
- Configured AWS security controls such as GuardDuty, Security Hub, Config, Macie, and CloudTrail to improve visibility, monitoring, and automated threat detection.
- Partnered with DevOps and reliability teams to integrate security scanning and compliance validation into CI/CD pipelines using GitLab and Jenkins.
- Conducted vulnerability assessments and remediation of infrastructure and application components, prioritizing findings in alignment with business impact.
- Monitored, investigated, and responded to cloud infrastructure security alerts, ensuring timely triage and root-cause analysis.
- Assisted with the deployment of WAF, AWS Shield, and perimeter defense solutions to mitigate DDoS and web application threats.
- Worked with Python and AWS SDKs (Boto3) to automate remediation workflows and security compliance reporting.
- Participated in risk assessment and compliance reviews to ensure adherence to NIST, ISO 27001, and PCI-DSS standards.
- Collaborated with product and platform teams to promote secure design, shift-left security practices, and continuous improvement of Wells Fargo’s cloud posture.
- Supported incident response and contributed to disaster recovery exercises, improving resilience, and reducing response times.
Cybersecurity Analyst
Humana
, CO
10.2016 - 10.2019
- Implemented firewalls, intrusion detection, and encryption solutions to secure enterprise IT environments.
- Conducted security audits, risk assessments, and forensic investigations, identifying critical gaps and recommending mitigation.
- Developed and enforced device hardening standards, improving endpoint security across Windows and Linux servers.
- Collaborated with compliance teams to ensure adherence to cybersecurity risk management policies.
Education
BACHELOR’S -
COMPUTER SCIENCE
01-2013
AWS CERTIFIED SOLUTIONS ARCHITECT – PROFESSIONAL -
AWS Certified Security – Specialty -
COMPTIA SECURITY Plus – CASP -
Skills
- Cloud Platforms: AWS (EC2, VPC, IAM, S3, CloudFormation, CloudTrail, GuardDuty, Security Hub), Azure, GCP
- Security & Compliance: Zero Trust, IAM, MFA, Encryption (KMS, TLS, SSL), Firewalls, WAF, Vulnerability Management, Risk Assessment, Incident Response, Data Loss Prevention
- Networking: TCP/IP, VPN, VPC Peering, Load Balancers, NACLs, DNS, Secure Remote Access
- DevOps / IaC: Terraform, CloudFormation, Jenkins, Git, Docker, Kubernetes
- Monitoring & Logging: Splunk, Dynatrace, CloudWatch, ELK Stack
- Scripting: Python, JSON, YAML, Bash, AWS CLI
- Frameworks & Standards: NIST, ISO 27001/2, CIS Benchmarks, SOC 2, FedRAMP, PCI-DSS
Timeline
Cloud Security Engineer
Bank of America
11.2019 - 10.2022
AWS Cloud Security Engineer
CVS
11.2019 - Current
Cybersecurity Analyst
Humana
10.2016 - 10.2019
BACHELOR’S -
COMPUTER SCIENCE