
Favour Egbuka

Cloud Security Engineer
Plano, TX

Summary

Highly skilled and motivated Cloud Security Engineer with a strong focus on securing cloud and network infrastructure. Equipped with a detailed understanding of cloud security principles, extensive experience in deploying and customizing security tools, and the ability to collaborate with cross-functional teams to achieve complex objectives. Seeking a challenging position to leverage my skills and expertise in cloud security and contribute to the success of an organization.

Overview

7 years of professional experience
5 certifications

Work History

Sr. Cloud Security Engineer

Amazon Web Services
08.2021 - Current
  • Deep understanding of cloud and network security, including best practices, threat mitigation, and risk management.
  • Led container security initiative: implemented EKS best practices, admission controllers, and runtime threat detection with Falco; reduced high-risk vulnerabilities in container images by 80% through automated scanning and remediation workflows.
  • Build security controls that detect, prevent, and correct cloud vulnerabilities in our very complex and challenging environment.
  • Worked collaboratively with application and infrastructure teams to define standards for secure development pipelines.
  • Built admission controller policies (OPA/Gatekeeper) to enforce image signing, block non-compliant manifests, and prevent privilege escalation at deploy time.
  • Collaborated with development and operations teams to integrate security practices into CI/CD pipelines, enabling automated security testing and change management.
  • Used Python programming to automate security tasks and develop tools to enhance efficiency and effectiveness.
  • Partnered closely with engineering teams to define and enforce security standards and develop secure-by-design features and enhancements.
  • Integrated Kubernetes audit logs with SIEM pipelines, creating custom detections for anomalous API calls, pod privilege changes, and lateral movement attempts.
  • Created and maintained dashboards, metrics, and reports to track and communicate security-related data and drive informed decision-making.
  • Built and tuned SIEM pipelines (Splunk and AWS OpenSearch) ingesting CloudTrail, VPC Flow Logs, GuardDuty findings and Kubernetes audit logs; developed correlation rules and dashboards to detect lateral movement and privilege escalation.
  • Identified, triaged and drove the remediation of vulnerabilities and misconfigurations for cloud resources
  • Supported continuous monitoring, incident response, threat intelligence, and other SOC/“Blue Team” responsibilities

Sr. Cloud Security Engineer

JumpCloud
07.2019 - 08.2021
  • Deploy infrastructure as code and contribute changes to production security infrastructure
  • Utilized Wiz to analyze the entire cloud infrastructure and identify critical risks across all platforms.
  • Configured multi-account architecture, identity and access management, governance, data security, network design, and logging within AWS landing zones.
  • Developed and automated security workflows, playbooks, and tools to enhance efficiency and effectiveness in security operations
  • Conducted regular audits of existing security infrastructure, identifying areas for improvement and recommending solutions accordingly.
  • Supported the regulatory compliance initiatives, processes, and documentation for ISO, NIST, CSA, PCI, SOC2, etc.
  • Partnered with Engineering teams to troubleshoot security vulnerabilities.
  • Designed, developed, and implemented new cloud security technologies to support business and technology solutions.
  • Assisted in the prompt investigation of security incidents with preparedness to isolate and remediate incidents pursuant to established procedures.
  • Worked with platform team to implement DevSecOps tooling and processes
  • Worked closely with all teams to define technology requirements and use cases for enabling technologies like SIEM, SOAR and case management.
  • Led the migration of critical systems to the cloud while ensuring minimal disruption to business operations and maintaining high levels of security throughout the process.
  • Established monitoring systems to proactively identify potential weaknesses in cloud infrastructure, enabling early detection of vulnerabilities or breaches.
  • Implemented enterprise SIEM using the ELK stack; parsed logs with Filebeat/Logstash and wrote detections for unauthorized API calls and anomalous authentication; responded to alerts during on-call rotations.
  • Collaborated with application developers to integrate SAST/DAST tools (Bandit, SonarQube) into pipelines

DevSecOps Engineer

Rackspace Technology
04.2018 - 07.2019


  • Used Wiz/MegaLinter/Snyk for vulnerability scanning and remediation
  • Ability to perform Continuous Integration and Continuous Delivery (CI/CD) via modern systems, such as GitHub Actions and/or Jenkins
  • Established and maintained continuous security monitoring of systems and applications.
  • Ability to define and deploy monitoring, metrics, and logging systems on AWS & Azure
  • Familiar with using application security validation tools for pentesting, component analysis, static analysis, and/or dynamic analysis
  • Experienced in developing, testing, and maintaining containerized applications in Kubernetes
  • Conducted regular risk assessments and collaborated with stakeholders to address security vulnerabilities.
  • Maintained clear and comprehensive documentation of security policies, procedures, and configurations.

Education

Bachelor of Science - University Studies - Information Systems

Texas Tech University

Skills

AWS Cloud Security: IAM, VPC, KMS, Security Hub, Control Tower, GuardDuty, Config, CloudTrail

Container & Kubernetes Security: EKS, ECS, Istio/Envoy, runtime hardening, image scanning (Trivy, Clair), OPA & admission controllers, Wiz, CrowdStrike Web3

Infrastructure as Code & Automation: Terraform, CloudFormation, Ansible, Python scripting

Security Operations & SIEM: Splunk, Sumo Logic, ELK stack, AWS Security Lake; log aggregation, alert tuning and response workflows

Incident Response & Threat Hunting: playbook development, root-cause analysis, malware analysis, forensic triage

Identity & Access Management: IAM roles and policies, SSO integration, JumpCloud directory and MFA, Secrets Management (HashiCorp Vault, AWS Secrets Manager)

Compliance & Risk Management: SOC 2, HIPAA, NIST 800-53, CIS Benchmarks; audit readiness and evidence collection

DevSecOps & CI/CD: integrating security into pipelines (GitLab/GitHub Actions), static/dynamic code analysis, container registry scanning

Programming & Scripting: Python (automation, data parsing, API integration), Bash, Go basics

Certification

AWS Solutions Architect - Associate

Timeline

AWS Sysops Admin

08-2022

AWS Security Specialty

05-2022

Sr. Cloud Security Engineer

Amazon Web Services
08.2021 - Current

CompTIA Security+

03-2021

AWS Solutions Architect - Associate

05-2020

Python

12-2019

Sr. Cloud Security Engineer

JumpCloud
07.2019 - 08.2021

DevSecOps Engineer

Rackspace Technology
04.2018 - 07.2019

Bachelor of Science - University Studies - Information Systems

Texas Tech University