Esther Chefoin

Clermont, IA

Summary

Dedicated Cloud DevSecOps expert with over 7 years of specialized experience in cloud security, DevOps security, and container security. Pursuing a role that combines my strengths as an ISSO with my expertise in Cloud Security Engineering. My goal is to contribute to and lead the development and implementation of comprehensive security architectures, audits, and controls. Committed to ensuring alignment with security standards, enhancing compliance, and achieving operational excellence through effective security policies and procedures.

Overview

10 years of professional experience
1 Certification

Work History

Cloud infrastructure Security Eng

IBM
Charlotte, North Carolina
02.2021 - Current
  • Evaluated AWS Accounts thoroughly, documenting any security incidents found and determining their priority.
  • Utilized Prisma Cloud for scanning and resolving cloud alerts across various accounts.
  • Guided security architecture review board discussions, ensuring that new releases of product infrastructure in the cloud complied with established security best practices.
  • Facilitated the seamless integration of Snyk for source code analysis and StackHawk for dynamic code analysis in collaboration with product teams.
  • Implemented GitHub Actions to automate CI/CD deployments of security agents onto servers.
  • Used GuardDuty for threat detection and protection across the AWS environment.
  • Used AWS Security Hub as a centralized place for security findings.
  • Transferred security events from Inspector, GuardDuty, AWS Config, Macie, along with other third-party tools, to Security Hub.
  • Fixed security incidents by hardening cloud infrastructures through the use of Terraform.
  • Crafted Terraform modules that followed industry best practices for IaC.
  • Ensured these modules are stored in centralized repositories and can be used when there is need for infrastructure.
  • Created Terraform modules by following security standards.
  • These modules served as baselines for provisioning cloud infrastructures.
  • Deployed AWS control tower landing zone for cloud account governance.
  • Created and deployed preventive and detective guardrails through the use of SCPs and Config rules.
  • Deployed customization for control tower for scaling control tower activities.
  • Integrated AWS SSO with active directory for identity federation into our AWS accounts.
  • Led endpoint detection projects in the cloud by deploying CrowdStrike agents to our EC2 and container hosts for detecting and preventing malicious code executions.
  • Performed vulnerability management of virtual machines and container images through the use of Wiz, Nexus and Tenable.
  • Developed hardened AMIs for EC2 hosts by leveraging EC2 Image Builder.
  • Ensured every VM image had Crowdstrike and AWS SSM agents.
  • Utilized Prisma cloud for security visibility of incidents in our AWS, GCP and Azure accounts.
  • Implemented Azure Security Center to monitor and enhance the security posture of cloud resources.
  • Configured and managed Azure Active Directory for secure identity and access management.
  • Ensured CI/CD pipelines were secured by mandating static code analysis with SonarQube and dynamic code analysis with StackHawk for all our products.
  • Developed Quality Profiles and Quality Gates in SonarQube to ensure code was scanned and passed checks.
  • Led container security projects by ensuring Dockerfiles had proper base images, layers with zero and no critical vulnerabilities.
  • Ensured Docker images were stored in secured and private image registries.
  • Utilized AWS Inspector container image scanning.
  • Ensured security on container runtimes for AWS EKS, ECS, AKS.
  • Utilized CrowdStrike to enhance endpoint detection and protection.
  • Performed authentication and authorization within EKS (Kubernetes) by leveraging AWS IAM roles and role-based access control through roles, cluster roles, role bindings and cluster role bindings.
  • Created VPCs by following cloud security network best practices and ensured subnets were secured with NACLs and instances secured with security groups that had no unsecured ports opened.
  • Setup VPC Peering and Transit gateways for ensuring private communication between cloud VPCs.
  • Followed the principle of least privilege by ensuring identities were provided the minimum permissions needed to carry out their job function.
  • Ensured security in S3 buckets by keeping buckets private, enabling encryption, versioning etc.
  • Used AWS KMS for creating encryption keys used for encrypting data at rest in EBS volumes, S3, SQS queues, RDS databases etc.
  • Utilized Certificate Manager for obtaining certificates used for encrypting traffic in transit.
  • Used CloudTrail and CloudWatch for auditing and monitoring health of resources respectively.
  • Deployed AWS managed WAF rules to secure our web-based applications against layer 7 attacks at the level of CloudFront, API Gateways and load balancers.
  • Used Splunk Cloud for ingesting cloud logs for analysis and aggregation.

Cloud security Engineer

Fox News
Washington DC
02.2017 - 01.2021
  • Collaborated with Security leadership, including Information Security, Security Advisory & Analytics, and IT Risk & Compliance, to define Security Standards and Procedures and integrate security considerations within the software development lifecycle.
  • Served as the subject matter expert for cloud security, providing guidance on Security Information and Event Management (SIEM), access control mechanisms, Intrusion Detection Systems (IDS), and Intrusion Prevention Systems (IPS).
  • Configured, deployed, and managed AWS Security Services such as AWS WAF, AWS Advanced Shield, AWS Security Hub, AWS Macie, AWS Guard Duty, AWS KMS, AWS Secrets Manager, and other essential AWS Security Services.
  • Implemented AWS security best practices, including multi-factor authentication, access key rotation, encryption using KMS, configuring firewalls (security groups and NACLs), S3 bucket policies and ACLs, and mitigating DDoS attacks.
  • Directed vendor risk management, application development, network, cloud-based services, and platform (operating system) efforts, ensuring compliance with enterprise and IT security policies, industry regulations, and best practices.
  • Partnered with CloudOps, DevOps, and IT Engineers on technologies such as firewalls, ACLs, WAFs, IAM roles and permissions, vulnerability management, threat detection, and container security.
  • Conducted daily Splunk Enterprise Security log reviews, monitored IDS alerts from Palo Alto firewall, Web Proxy servers, DNS server, HIPS logs, Syslog for malicious activity, and analyzed Cisco IronPort logs.
  • Investigated daily Splunk Enterprise Security notable events and alerts for malicious activities like SSH scans, network trojans, administrative privilege escalations, privacy violations, code injections, and web application attacks.
  • Monitored Splunk Enterprise Security for local and international VPN user activities, responded to potential cyber incidents, and coordinated response actions according to NIST SP 800-61 incident response procedures.
  • Analyzed Splunk threat intelligence dashboards, investigated web proxy server logs to stay abreast of mail gateway security trends, and modified existing capabilities based on threat assessments to enhance security posture.
  • Collaborated with developers to identify vulnerabilities, produce secure code, broaden developer awareness of secure software development best practices, and acted as an Information/Application Security subject matter expert on product development matters.

Cloud Security Engineer

Western Union
Dallas, Texas
01.2015 - 01.2017
  • Engaged and consulted with Security leadership, including Information Security, Security Advisory & Analytics, and IT Risk & Compliance, to define Security Standards and Procedures, integrating security considerations within the software development lifecycle.
  • Acted as the subject matter expert for cloud security, guiding the use of Security Information and Event Management (SIEM) tools, access control mechanisms, Intrusion Detection Systems (IDS), and Intrusion Prevention Systems (IPS).
  • Configured, deployed, and managed AWS Security Services including AWS WAF, AWS Advanced Shield, AWS Security Hub, AWS Macie, AWS Guard Duty, AWS KMS, AWS Secrets Manager, and other essential AWS Security Services.
  • Implemented security best practices in AWS, such as multi-factor authentication, access key rotation, encryption using KMS, configuring firewalls (security groups and NACLs), S3 bucket policies and ACLs, and mitigating DDoS attacks.
  • Directed vendor risk management, application development, network, cloud-based services, and platform (operating system) efforts, ensuring compliance with enterprise and IT security policies, industry regulations, and best practices.
  • Collaborated closely with CloudOps, DevOps, and IT Engineers on technologies including firewalls, ACLs, WAFs, IAM roles and permissions, vulnerability management, threat detection, and container security.
  • Conducted daily reviews of Splunk Enterprise Security logs, monitored IDS alerts from Palo Alto firewall, Web Proxy servers, DNS server, HIPS logs, Syslog for malicious activity, and analyzed Cisco IronPort logs.
  • Investigated notable events and alerts in Splunk Enterprise Security for malicious activities such as SSH scans, network trojans, administrative privilege escalations, privacy violations, code injections, and web application attacks.
  • Monitored Splunk Enterprise Security for local and international VPN user activities, responded to potential cyber incidents, and coordinated response actions in accordance with NIST SP 800-61 incident response procedures.
  • Analyzed Splunk threat intelligence dashboards, investigated web proxy server logs to stay updated on mail gateway security trends, and modified existing capabilities based on threat assessments to enhance security posture.
  • Collaborated with developers to identify vulnerabilities, produced secure code, broadened developer awareness of secure software development best practices, and acted as an Information/Application Security subject matter expert on product development matters.

Education

BA Computer Science

Presbyterian University of Cameroon, Bamenda
Bamenda
01.2013

Skills

  • Information Security
  • Cyber Security Frameworks
  • IACS
  • XACTA 360
  • XACTA Continuum
  • RMF
  • FISMA
  • FIPS 199
  • FIPS 200
  • NIST SP 800 54(A) Rev 4
  • NIST SP 800 37
  • NIST SP 800 137
  • NIST SP 800 171
  • NIST SP 800 60 Vol 2
  • ISO 27001
  • ISO 27002
  • DHS 4300 A Compliance
  • HIPAA
  • FedRAMP
  • PCI DSS
  • CJIS
  • SOX
  • POAM management
  • DoD Cybersecurity Maturity Model Certification (CMMC)
  • Cloud Control Matrix (CSA)
  • Center for Information Security (CIS)
  • Cloud Services
  • IAM
  • S3
  • EC2
  • VPC
  • AWS CloudFormation
  • CloudFront
  • AWS Lambda
  • VPC Flow Logs
  • ELB
  • RDS
  • SNS
  • SQS
  • SES
  • Route53
  • AWS Auto Scaling
  • Trusted Advisor
  • CloudWatch
  • CloudTrail
  • AWS Config
  • AWS Shield
  • AWS Cloud
  • GuardDuty
  • AWS Organization
  • AWS AD Connector
  • Active Directory
  • IGW
  • AWS System Manager
  • CSPM TOOLS
  • WIZ
  • Prisma Cloud
  • DEVSECOPS
  • CONTAINER SECURITY
  • Git
  • Github
  • Github actions
  • Code commit
  • ECS
  • SNYK
  • Stackhawk
  • SSM (systems manager)
  • PROGRAMMING
  • SCRIPTING
  • Bash Shell
  • Python
  • ENDPOINT DETECTION AND RESPONSE
  • Crowdstrike
  • CONTAINERISATION
  • Docker
  • Kubernetes
  • EKS
  • CYBER SECURITY TOOLS
  • DarkTrace
  • Symantec
  • FireEye
  • HX
  • NX
  • HX Tool Nessus
  • Qualys
  • Wireshark
  • RSA NetWitness
  • RSA Archer Platform
  • McAfee ePolicy Orchestrator
  • Check Point
  • Palo Alto Firewalls
  • Splunk CLOUD
  • Terraform Vault(SIEM)
  • Footprint
  • Service Now
  • Risk Vision
  • Jira
  • Linux
  • Kali Linux
  • Windows
  • Project Management
  • Confluence
  • Asana
  • Microsoft Tools
  • Active directory
  • Azure key vault
  • Azure landing zone
  • Azure front door
  • Azure defender for cloud
  • Azure virtual machines
  • Azure function app
  • Azure Vnet
  • Azure kubernetes service

Certification

  • CISSP
  • Certified AWS security specialist
  • Certified CompTIA Security+
  • Certified CompTIA Network+
  • Certified AWS solutions architect Professional
  • Certified Scrum master
  • Certified Terraform Professional
