Summary
Overview
Work History
Education
Skills
Professional Appearances
Certification
Affiliations
Timeline
Generic

Damien Burks

Euless,TX

Summary

Results-driven Cloud Security Engineer with extensive experience and expertise in designing and implementing cutting-edge security solutions within AWS and GCP. Proven track record of developing custom security frameworks and preventive controls, bolstering incident response capabilities, and streamlining security governance processes. Adept at building and deploying DevSecOps pipelines, driving large-scale application deployments, and delivering exceptional AI/ML-powered solutions. Recognized for professional appearances at renowned security conferences and a history of stellar technical documentation. Demonstrates a commitment to excellence, innovation, and education in the cybersecurity field.

Overview

8
8
years of professional experience
1
1
Certification

Work History

Cloud Security Engineer - SVP

Citi
01.2024 - Current
  • Streamlined incident response processes by automating threat detection and mitigation in cloud infrastructure, enhancing response time and security posture.
  • Led a strategic migration from AWS Cloud Development Kit (CDK) to Terraform Enterprise to support the automated incident response framework, CCAF, across AWS and Google Cloud (GCP).
  • Developed comprehensive playbooks and standardized secure coding practices, supporting incident response engineers in AWS and GCP environments.
  • Designed and implemented custom incident response strategies for Amazon Elastic Kubernetes Service (EKS), including AWS-specific security controls and protocols.
  • Architected and deployed an automated incident response framework (CCAF) on Google Cloud using Terraform Enterprise, Cloud Workflows, Cloud Functions, and Pub/Sub, enabling consistent and scalable incident response.
  • Participated in Cloud Security Architecture Review forums, providing key recommendations for mission-critical products within AWS and GCP.

Cloud Security Engineer - VP

Citi
08.2021 - 01.2024
  • Led the development and implementation of an automated AWS Incident Response framework by utilizing the AWS Cloud Development Kit (CDK)
  • Decreased AWS Incident Response time via automation by over 65%
  • Utilized Terraform to implement a custom AWS acceptance testing platform that tests the robustness of the custom AWS Incident Response framework
  • Implemented AWS DevSecOps deployment pipeline using the following services and technologies: CodePipeline, SonarQube, CodeCommit, CodeBuild
  • Deployed AWS Tier 2/3 infrastructure using Terraform Enterprise and AWS CloudFormation
  • Designed and implemented robust preventive security controls within AWS using Hashicorp Sentinel and Open Policy Agent
  • Developed security metrics and technical analysis to give insight into performance and trends via Splunk and Prisma Cloud.
  • Engaged business and technology stakeholders to gather goals and requirements for the development of custom security controls with AWS

Security Software Engineer II

Verizon
07.2020 - 08.2021
  • Developed and designed application POCs for IT security operations and security governance processes.
  • Developed and implemented a DevSecOps pipeline for large-scale application deployments to remove deployment overhead with the following technologies: Jenkins, SonarQube, Fortify, BlackDuck, Ansible
  • Architected and implemented an AI/ML video-recommendation engine for an enterprise-wide ticketing management system that reduced over 35% of open requests.
  • Reviewed project specifications and designed technology solutions that met or exceeded performance expectations.
  • Wrote stellar documentation for APIs and automated deployment processes.

Security Systems Engineer I

Verizon
01.2019 - 07.2020
  • Developed new, efficient, and well-tested code for a variety of different projects.
  • Developed and maintained a custom-built email management system that is used by a small Application Security team to track and update service tickets.
  • Involved in the full life cycle of software design process of other projects, including prototyping, proof of concepts, design, interface implementation, testing and maintenance.
  • Contributed to the development of scalable RestAPI's of our in-house DLP product that services over 1000 internal users.
  • Applied leading theories and concepts to the development, maintenance, and implementation of information security standards, procedures, and guidelines.

High-Level Technical Support

Texas Southern University
09.2016 - 12.2018
  • Installed and maintained university systems, network, and remedy ticketing system
  • Completed troubleshooting and repair when computers experienced problems
  • Made recommendations and developed technical design for new application features
  • Trained users in the proper use and troubleshooting of hardware and software

Information Security Engineer (Intern)

Verizon
06.2018 - 08.2018
  • Designed, maintained, and supported information security systems as part of the implementation and daily operations
  • Designed a security framework using the following technologies: Docker, Jenkins, Kubernetes, Python, Git, Blackduck, Twistlock, Zap
  • Implemented static/dynamic code testing, automated security scans, threat modeling, design reviews, and penetration testing of Docker containers to identify vulnerabilities and security defects
  • Assisted with performing AWS EC2 baselines and constructing standard operating procedures.

Education

Master of Science - Cybersecurity Technology

University of Maryland - Global Campus
Hyattsville, MD
04.2023

Bachelor of Science - Computer Science

Texas Southern University
Houston
12.2018

Skills

  • AWS Security Hub, Macie, GuardDuty
  • AWS CodePipeline, CodeCommit, CodeBuild, CodeDeploy
  • AWS IAM, SNS/SQS, KMS, Lambda, EKS, Step Functions, EventBridge
  • AWS CloudTrail, CloudWatch
  • AWS Cloud Development Kit (CDK)
  • HashiCorp Terraform
  • Open Policy Agent (OPA) / Rego
  • Jenkins/GitHub Actions/Harness/Tekton
  • Docker/Kubernetes/Openshift
  • Python/Bash
  • NIST 800-53, FedRAMP
  • Splunk
  • Prisma Cloud
  • MITRE ATT&CK
  • Google Cloud Functions, Workflows, IAM, Pub/Sub

Professional Appearances

  • Burks, D and Gupta, R (2024, October) Come and See CCC. Presented at Open Source in Finance Forum (OSFF) 2024, New York, US
  • Burks, D and Veliz, E (2023, June) How Citi advanced their containment and forensic capabilities through automation. Presented at fwd:cloudsec 2023, California, US
  • Burks, D and Veliz, E (2023, June) How Citi advanced their containment capabilities through automation. Presented at AWS re:Inforce 2023, California, US
  • Burks, D (2022, November) Minimizing AWS S3 bucket attack vectors at scale. Presented at BSidesDFW - 2022, Texas, US
  • Burks, D (2022, August) Automated S3 Blocking with AWS Macie & DataCop. Presented at DevOpsDays - Dallas 2022, Texas, US
  • Burks, D and Veliz, E (2022, October) Citi's Cloud Automation Framework. Presented at FS-ISAC FinCyber Today 2022, Arizona, US

Certification

  • AWS Certified DevOps - Professional
  • AWS Certified Security - Specialty
  • AWS Certified Cloud Practitioner
  • Google Cloud Certified - Digital Cloud Leader
  • Google Cloud Certified - Associate Cloud Engineer

Affiliations

  • AWS Community Builders
  • National Society of Black Engineers (NSBE)

Timeline

Cloud Security Engineer - SVP

Citi
01.2024 - Current

Cloud Security Engineer - VP

Citi
08.2021 - 01.2024

Security Software Engineer II

Verizon
07.2020 - 08.2021

Security Systems Engineer I

Verizon
01.2019 - 07.2020

Information Security Engineer (Intern)

Verizon
06.2018 - 08.2018

High-Level Technical Support

Texas Southern University
09.2016 - 12.2018
  • AWS Certified DevOps - Professional
  • AWS Certified Security - Specialty
  • AWS Certified Cloud Practitioner
  • Google Cloud Certified - Digital Cloud Leader
  • Google Cloud Certified - Associate Cloud Engineer

Master of Science - Cybersecurity Technology

University of Maryland - Global Campus

Bachelor of Science - Computer Science

Texas Southern University
Damien Burks