Arinze Momife

Midlothian, TX

Summary

Visionary Lead Cloud Security Engineer with over 12 years of experience architecting secure, compliant, and scalable cloud environments across GCP, AWS, and multi-cloud ecosystems. Expert in designing enterprise-grade standards (CIS, NIST, ISO 27001, SOC 2), implementing real-time threat detection, and driving DevSecOps maturity with tools like Security Command Center, Chronicle, Wiz CSPM, Vanta, and GKE. Pioneered compliance automation, hardened base images, and vulnerability management at Appfire, securing 40+ GCP projects and 270+ applications. Combines AI governance, threat modeling (MITRE ATT&CK, STRIDE), and strategic leadership to deliver cost-optimized, zero-trust solutions. Doctoral candidate in AI/ML, advancing cloud security through innovative detection pipelines.

Overview

13 years of professional experience
1 Certification

Work History

Lead Security Engineer

Appfire
03.2024 - Current
  • Authored CIS GCP Foundation Benchmark v1.3, integrating Security Command Center (SCC) with Event Threat Detection, Container Threat Detection, and Wiz CSPM via API, including hardened base images (Container-Optimized OS, Ubuntu Minimal) for GKE with Binary Authorization and Artifact Registry scanning, securing 40+ GCP projects with 100% CIS compliance.
  • Developed standards for NIST (SI-4, AC-2, RA-5, IR-4) and ISO 27001 (A.10.1, A.12.4.1, A.9.1.2), enforcing time-bound access, cryptographic controls, and audit-ready logging, achieving zero audit findings in 2025 reviews.
  • Developed standards for public-facing GCP resources, enforcing auto-tagging (public-approved: true), expiration policies, and exception workflows, reducing unauthorized exposure risks by 30%.
  • Led integration of GCP-native tools (Security Command Center, Cloud KMS, IAM, VPC Service Controls) with Wiz (CSPM/CNAPP) and Sumo Logic (log analytics), neutralizing 95% of misconfiguration vulnerabilities and boosting anomaly detection precision by 25%.
  • Engineered automated remediation pipelines using Cloud Functions and Pub/Sub, integrating Chronicle and Sumo Logic to address threats (e.g., excessive IAM roles, compromised instances) in under 5 minutes, reducing incident response time by 50%.
  • Fortified access controls with Cloud Identity and IAM, implementing SSO and RBAC for 200+ app team members, accelerating developer onboarding by 20%.
  • Orchestrated enterprise-wide log aggregation via Cloud Logging, VPC Flow Logs, and Sumo Logic, delivering real-time insights and slashing false-positive alerts by 25%.
  • Led cross-functional collaboration, aligning security and app teams to secure GKE and Cloud Functions workloads under strict Organization Policies, reducing configuration drift by 40%.
  • Leading Vanta integration to automate SOC 2 and ISO 27001 compliance, directing DevOps teams to implement GCP, Jira, GitLab, and monday.com connectors, streamlining audit readiness for 270+ applications.
  • Directed security integration into CI/CD pipelines, embedding SAST/DAST tools (Fortify, Veracode) into Cloud Build and GitLab, reducing code vulnerabilities by 25% for 40+ projects.
  • Integrated SCC with Chronicle for real-time IAM, BigQuery, and Cloud Storage anomaly detection, improving detection accuracy by 15% across multi-project deployments.
  • Led Wiz <> Jira automation via Appfire connectors, mitigating risks like hardcoded tokens and excessive OAuth scopes, logging issues in RACI-based risk registers with 100% compliance transparency.
  • Mentored DevOps and app teams on GCP security best practices, fostering a culture of compliance and reducing misconfigurations by 20%.

Senior Cloud Security Engineer

Rite Aid Pharmacy
10.2022 - 01.2024
  • Security Architecture Design: Designed and deployed secure cloud architectures for distributed systems, enabling critical business verticals such as live streaming platforms and ad services.
  • DevSecOps Integration: Integrated security into CI/CD pipelines using SAST, DAST, and SCA tools to identify and remediate vulnerabilities early in the development lifecycle.
  • RESTful API Security: Secured RESTful APIs by implementing authentication (OAuth2, JWT), encryption (TLS), and rate limiting, and conducted security assessments using tools like Postman, Burp Suite, and OWASP ZAP.
  • Threat Reduction Initiatives: Led a comprehensive security program, achieving a 20% reduction in threats through strategic architectural implementations and regular audits.
  • CSPM Tool Integration: Streamlined vulnerability management by integrating CSPM tools (Wiz) with Jira, enabling efficient tracking and remediation of risks across AWS and GCP environments.
  • IAM Process Optimization: Redesigned Identity and Access Management (IAM) processes, auditing over 1,600 entitlements to enhance system security and reduce risk exposure.
  • Incident Response & Forensics: Analyzed CloudTrail logs, GuardDuty alerts, and VPC Flow Logs to identify security threats, providing actionable remediation strategies and supporting digital forensics investigations.
  • Security Automation: Automated key security workflows using Python and Bash scripting, reducing manual toil by 40% and improving operational efficiency.
  • Cross-Team Collaboration: Partnered with engineering and product teams to architect secure, scalable solutions aligned with business objectives.
  • Metrics-Driven Risk Management: Developed and implemented metrics-based strategies to evaluate and enhance the cloud security posture, enabling proactive risk management and compliance tracking.
  • Collaboration with Google Engineers: Partnered with Google Cloud engineers to define and implement security policies, IAM roles, and network configurations tailored for new cloud deployments, ensuring alignment with industry best practices and organizational requirements.

Infrastructure Security Engineer

Unity Technologies
07.2019 - 10.2022
  • Cloud Security Architecture: Designed and implemented IAM policies across GCP and AWS, securing multi-account environments and improving access governance while reducing operational overhead.
  • DevSecOps Implementation: Embedded security into CI/CD pipelines using SAST, DAST, and SCA tools, ensuring secure code deployment and reducing vulnerabilities in production environments.
  • RESTful API Security: Conducted security assessments of RESTful APIs, identifying vulnerabilities such as broken authentication, injection flaws, and misconfigurations using Burp Suite and OWASP ZAP.
  • CSPM Implementation: Spearheaded the deployment of the Orca CSPM tooling, significantly enhancing the cloud security posture and enabling proactive risk management strategies.
  • Distributed Systems Security: Partnered with engineering teams to secure distributed systems, ensuring scalability, resilience, and compliance with industry standards.
  • Incident Response & Threat Analysis: Investigated and mitigated AWS-based security incidents, coordinating with internal teams to reduce response times by 50%.
  • Security Automation: Developed Python scripts for continuous AWS and GCP security posture monitoring, ensuring adherence to ISO 27001, SOC 2, and NIST standards.
  • Firewall Optimization: Led an overhaul of GCP firewall rules, achieving enhanced network security while maintaining developer agility and ensuring compliance with industry regulations.

Principal Associate Platform Security Engineer

The OCC
05.2018 - 06.2019
  • Multi-Cloud Security Architecture: Designed and secured multi-cloud architectures across AWS and GCP, focusing on scalability, compliance, and robust cloud security frameworks.
  • DevSecOps Practices: Integrated SAST, DAST, and SCA tools into CI/CD pipelines to automate vulnerability detection and remediation during the software development lifecycle.
  • RESTful API Security: Implemented security controls for RESTful APIs, including input validation, encryption, and role-based access control (RBAC), and conducted penetration testing using Postman and Burp Suite.
  • Threat Modeling & Risk Prioritization: Designed risk-based security frameworks, integrating CVSS scoring, threat modeling, and attack path analysis into security operations, prioritizing risks like API key exposure and lateral movement.
  • Container Security: Led container security initiatives for Kubernetes (GKE, EKS) and Docker-based deployments, enhancing visibility and ensuring compliance for containerized workloads, reducing exploitable vulnerabilities by 40%.
  • Security Tooling: Architected, deployed, and maintained security tools and services, including firewalls, IAM policies, and access management solutions.
  • Incident Response: Conducted AWS IAM audits and investigated security incidents, reducing excessive permissions by 60% and improving response times.
  • Automated compliance checks with Forseti and AWS Config, aligning with NIST and SOC 2 standards across 20+ projects.

Senior Associate Cloud Security

PricewaterhouseCoopers
02.2016 - 05.2018
  • Cloud Migration Blueprint: Designed and developed a GCP migration blueprint to facilitate seamless cloud adoption while ensuring robust security measures.
  • Multi-Cloud Security Enhancements: Oversaw the implementation of AWS and GCP security tools, strengthening the organization’s cloud security posture across multi-cloud environments.
  • Automation Initiatives: Automated security tooling, alerting, and remediation workflows, reducing manual intervention and boosting operational efficiency.
  • Vulnerability Management: Spearheaded security updates and patching initiatives, significantly reducing vulnerabilities and enhancing compliance with industry standards.
  • Cloud Security Assessments: Led comprehensive cloud security assessments, implementing robust security controls to strengthen client infrastructure protection while maintaining compliance with industry standards.
  • Security Framework Upgrades: Orchestrated upgrades to security frameworks across multiple cloud platforms, reducing vulnerability incidents by 30% and enhancing system resilience.
  • Cross-Functional Collaboration: Partnered with cross-functional teams to develop and deploy cloud security solutions, ensuring seamless integration and operational efficiency across AWS and GCP environments.
  • Security Audits & Threat Assessments: Conducted thorough security audits and threat assessments, identifying and resolving potential vulnerabilities in cloud environments to mitigate risks proactively.
  • Automated Security Monitoring: Pioneered automated security monitoring protocols, streamlining threat detection and incident response procedures across cloud platforms, reducing manual intervention by 40%.

Cloud Security Engineer

Pinnacle Group
04.2014 - 02.2016
  • Cloud Migration Strategies: Contributed to the development of secure and cost-effective AWS cloud migration strategies, providing actionable insights to streamline the migration process.
  • IAM Management Expertise: Gained hands-on experience managing AWS Identity and Access Management (IAM), implementing least-privilege principles to enhance authentication and authorization.
  • Resource Hardening: Applied security best practices to harden AWS resources, including EC2 instances, Kubernetes clusters, and databases, ensuring compliance with CIS benchmarks and improving security posture by 25%.
  • Security Patching & Updates: Participated in systematic security patching and updates, improving the organization’s overall application security posture by 25%.
  • Cloud Security Governance: Collaborated with cross-functional teams to enhance cloud security governance, ensuring alignment with business objectives and regulatory requirements.
  • Workflow Automation: Assisted in monitoring and automating cloud security workflows, including patch compliance and alerting, reducing manual overhead and boosting operational efficiency.
  • IAM Role-Based Access Controls: Engineered robust AWS cloud security solutions by implementing IAM role-based access controls and conducting comprehensive vulnerability assessments.
  • DevSecOps Integration: Partnered with DevOps teams to integrate SAST/DAST controls within CI/CD pipelines, ensuring continuous compliance and risk mitigation for 10+ teams.

Network/Security & VoIP Engineer

Acuative Corps
03.2012 - 04.2014
  • Secure Environment Deployment: Engineered and deployed secure, highly available user environments using Cisco UC blades, focusing on cloud-based VM deployments aligned with strict security and compliance standards.
  • Threat Detection and Response: Improved overall security posture by leveraging SIEM and endpoint security solutions, enhancing threat detection and response capabilities.
  • Cisco Routing & Switching: Configured and managed Cisco routers (ASR, ISR) and switches (Catalyst 2960, 3750, 4500) for multiple enterprise customers, ensuring optimal network performance and security.
  • VoIP Systems Management: Deployed and maintained Cisco VoIP systems, including Cisco Unified Communications Manager (CUCM), Cisco Unity Connection, Cisco IP Phone series 7900, Cisco CallManager Express (CME), and Cisco Unified Survivable Remote Site Telephony (SRST), for diverse customer environments.
  • VoIP Troubleshooting: Resolved complex VoIP-related issues, including call quality degradation, one-way audio, and SIP trunking problems, ensuring minimal downtime for customer operations.
  • Network Integration: Directed the integration of CME routers, voice gateways, and switches with advanced firewall and WAF technologies to safeguard cloud network infrastructures.
  • Patch Management: Monitored and applied security patches for routers, switches, and Cisco Unified Communication equipment, ensuring compliance with security policies and reducing vulnerabilities.
  • Cross-Team Collaboration: Collaborated with cross-functional teams to optimize network and VoIP security, ensuring alignment with organizational objectives and maintaining operational excellence.

Education

Ph.D. - Artificial Intelligence & Machine Learning

George Washington University
Washington, DC
05.2027

CVDL Master - AI/ML, Computer Vision & Deep Learning

OpenCV University
01.2024

M.S. - Information Assurance

Strayer University
Irving, TX
01.2016

Bachelor of Science - Computer Science

Nnamdi Azikiwe University
Nigeria
01.2005

Skills

  • Cloud Security: GCP (Security Command Center, Chronicle, IAM, VPC Service Controls, Cloud Armor, Binary Authorization, Cloud DLP, Apigee, Cloud KMS, Cloud Identity); AWS (IAM, GuardDuty, Security Hub, Config, CloudTrail)
  • CSPM & Compliance: Wiz, Orca, Vanta, Security Health Analytics, CIS GCP Benchmark, NIST SP 800-53 (SI-4, AC-2, RA-5, IR-4), ISO 27001 (A.10.1, A.12.4.1, A.9.1.2), SOC 2, PCI DSS, HIPAA, HITRUST
  • DevSecOps: Cloud Build, GitLab CI, GitHub Actions, SAST, DAST, SCA, Terraform, Veracode-Risk Manager
  • Container Security: GKE, Binary Authorization, Workload Identity, Hardened Base Images (COS, Ubuntu Minimal), Artifact Registry
  • Threat Modeling: MITRE ATT&CK, STRIDE, PASTA, CVSS
  • API Security: OAuth2, JWT, TLS, RBAC, Postman, Burp Suite, OWASP ZAP
  • Automation: Python, Bash, Cloud Functions, Pub/Sub, Wiz <> Jira Integration, Vanta Integration
  • Monitoring & Analytics: Cloud Logging, Chronicle, Event Threat Detection, Rapid Vulnerability Detection, Sumo Logic, VPC Flow Logs
  • Project Management: monday.com, Jira, RACI Risk Registers
  • Networking & VoIP: Cisco CUCM, CME, SRST, Catalyst Switches, ASR/ISR Routers, SIEM, Firewall/WAF

Certification

  • Google Cloud Professional Security Engineer
  • Google Cloud Architect Professional
  • Google Cloud Certified Engineer
  • GCP Network Professional
  • AWS Certified Security – Specialty
  • AWS Solutions Architect – Associate & Professional
  • CompTIA Security+
  • Certificate of Cloud Security Knowledge (CCSK) v5, CSA
  • AI Governance, Risk & Security, ELVTR
  • Terraform Certified (In Progress)
