
Gbabo Peter Okirika

Sugar Land, TX

Summary

At Hordanso LLC, a Google Cloud Partner, I spearheaded the development and implementation of cutting-edge cloud security strategies, significantly enhancing DDoS attack mitigation and cloud data encryption. My expertise in Google Cloud proficiency and proactive incident detection, coupled with a strong focus on results, has led to groundbreaking advancements in securing internet-facing services and sensitive data.

Overview

12 years of professional experience
1 Certification

Work History

Google Cloud Security Engineer

Hordanso LLC (Google Cloud Partner)
Dallas, TX
01.2013 - Current

Currently supporting Target's network security posture in Google Cloud.

  • Enforced granular IAM policies, and utilized Private Google Access for secure internal service access.
  • Automated Cloud Armor policy deployment across multiple projects/environments using Terraform and Spinnaker.
  • Enabled Cloud Audit Logs for tracking key usage, and integrated with Cloud Security Command Center for proactive threat monitoring.
  • Deployed Cloud IDS endpoints strategically across subnets to monitor ingress and egress traffic for VMs, providing real-time detection of malicious activities, like C2 communication, malware distribution, and lateral movement.
  • Implemented packet mirroring in Google Cloud to replicate traffic between VMs, directing mirrored packets to analysis instances for deep inspection to detect.
  • Deployed Cloud IDS and Packet Mirroring for deep traffic inspection, detecting encrypted C2 channels, and covert exfiltration attempts.
  • Implemented AI-driven threat mitigation using Vertex AI and AutoML for proactive anomaly detection.
  • Integrated Cloud IDS with Palo Alto Networks firewalls to detect and mitigate advanced threats, such as C2 attacks, using signature-based and anomaly detection for unauthorized traffic and suspicious domains.
  • Integrated VPC Service Controls with Access Context Manager to deliver a comprehensive security framework, blending identity-based, context-aware, and network-centric access controls to safeguard hybrid cloud infrastructures effectively.
  • Utilized cloud logging and monitoring to track and analyze VPC activity, network latency, and security events.
  • Utilized VPC Service Controls as a robust method for segmenting and safeguarding resources within Google Cloud, including in shared VPC environments.
  • Used VPC Service Controls (VPC-SC) to support private IP addresses, allowing for more precise access controls over Google Cloud resources.
  • Used the Dry Run mode in VPC Service Controls to simulate perimeter configurations and monitor service usage without enforcing any access restrictions.
  • Configured Cloud NAT with firewall rules, and Private Google Access to secure private workloads and prevent unauthorized outbound traffic.
  • Enforced role-based access control (RBAC) for encryption key usage by integrating Cloud IAM with Cloud KMS.
  • Automated key rotation and management workflows with Terraform and Google Cloud CLI, improving security and compliance.
  • Created, rotated, and deleted Key Rings and Crypto Keys in Cloud KMS, enforcing encryption policies for sensitive data.
  • Implemented Customer-Supplied Encryption Keys (CSEK) in Google Cloud Storage for data-at-rest encryption, ensuring compliance with GDPR, HIPAA, and PCI-DSS.
  • Automated key rotation and management using Terraform, Cloud CLI, and HashiCorp Vault, aligning with FIPS 140-2 and NIST SP 800-57.
  • Configured default encryption keys for GCS buckets, automating server-side encryption using CMEK and Cloud KMS for secure data storage.
  • Leveraged Terraform to centrally manage Cloud Armor policies across multi-tenant environments for consistent security enforcement.
  • Applied service-specific security policies to load balancers in commerce environments for tailored protection.
  • Automated IAM security best practices using Google Cloud Identity-Aware Proxy (IAP), enforcing OAuth 2.0, and BeyondCorp principles to enable secure, context-aware access to internal applications and APIs.
  • Automated compliance enforcement using Forseti Security, ensuring real-time remediation of misconfigurations.
  • Utilized VPC Service Controls and Access Context Manager to enforce zero-trust security and prevent data exfiltration.
  • Defined service perimeters with VPC Service Controls to restrict API calls and data exchanges.
  • Implemented Spinnaker to create and manage load balancers, while establishing an out-of-band process to apply security policies to load balancers, ensuring seamless integration and enhanced security.
  • Used IAM roles, like roles/storage.admin and roles/bigquery.dataOwner, to control resource-level access.
  • Configured VPC Flow Logs in Google Cloud, enabling logs on selected subnets and adjusting parameters like flow sampling (0-100%), aggregation intervals (e.g., 5s, 30s), and metadata (custom vs. default).
  • Developed Cloud Armor WAF (Web Application Firewall) rules to mitigate Layer 7 DDoS attacks and OWASP Top 10 vulnerabilities for applications hosted on Google Kubernetes Engine (GKE) and Cloud Run.
  • Established CI/CD pipeline security controls by integrating Google Cloud Build with Binary Authorization, ensuring that only signed and verified container images are deployed into production environments.
  • Guided secure coding practices when developing new applications for the cloud environment.
  • Configured load balancers and auto-scaling groups to ensure high availability and fault tolerance.
  • Implemented and managed Kubernetes clusters for container orchestration, enhancing application scalability.
  • Conducted regular security assessments of cloud infrastructure to identify potential vulnerabilities.

Cloud Security Engineer

Texas Digital Pros
Dallas, TX
05.2020 - 05.2023
  • Designed and implemented cloud security architectures across AWS, GCP, and Azure, ensuring compliance with industry standards and best practices.
  • Utilized VPC Service Controls and Access Context Manager to enforce zero-trust security models, and prevent unauthorized data access and exfiltration.
  • Defined and implemented service perimeters using VPC Service Controls to restrict API calls and data exchanges, enhancing security for cloud workloads.
  • Developed and deployed Cloud Armor AI rules for mitigating DDoS attacks and ensuring protection against OWASP Top 10 threats, including SQL injection and cross-site scripting (XSS).
  • Configured cloud storage encryption for AWS S3, Google Cloud Storage, and Azure Blob, ensuring all data at rest and in transit is securely handled.
  • Built real-time network telemetry pipelines with Cloud Pub/Sub, BigQuery, and Looker to provide enhanced visibility into threats and anomalies in the cloud environment.
  • Automated the export of security logs to BigQuery for real-time correlation with IDS findings, enabling faster detection of security incidents.
  • Integrated Binary Authorization into CI/CD pipelines to enforce security policies, ensuring that only verified containers and images are deployed to production environments.
  • Configured and secured AWS Connect to ensure a robust, secure cloud-based contact center solution, integrating it with AWS Lambda and Amazon Lex for automation, and enhanced customer experience, while maintaining strict data security controls.
  • Integrated machine learning (ML) models into cloud security workflows to detect anomalies and patterns in real-time traffic data, improving the accuracy of threat detection, and reducing false positives.
  • Leveraged AI-powered security tools to enhance predictive threat intelligence, enabling proactive mitigation of emerging threats in the cloud environment.
  • Collaborated with development teams to implement security automation tools, reducing the manual effort required to maintain a secure cloud environment.

Education

Bachelor of Science - Business Administration

Ambrose Alli University
Ekpoma, Nigeria
05-2009

Skills

  • Cloud Security Strategy Development
  • Amazon Web Services
  • Google Cloud Proficiency
  • Azure Security Implementation
  • Zero Trust Architecture
  • DDoS Attack Prevention
  • OWASP Compliance
  • Cloud Data Encryption
  • VPC Service Controls
  • Access Context Manager
  • AWS Connect Setup
  • Security Operations
  • Monitoring
  • Incident Detection
  • Response
  • CI/CD Pipeline Security
  • Automated Security Tools
  • Pipelines
  • Cloud Platforms
  • AWS IAM
  • Azure AD
  • Google Identity
  • CloudTrail
  • Security Command Center
  • Network Security
  • Firewalls
  • Security Groups
  • Network ACLs
  • Google Cloud Armor
  • AWS Shield
  • Terraform
  • Ansible
  • Jenkins
  • GitLab
  • Binary Authorization
  • Cloud Pub/Sub
  • BigQuery
  • Looker
  • CloudWatch
  • Azure Monitor
  • AWS S3 Data Encryption
  • Google Cloud Storage Security
  • Azure Blob Storage Security
  • Machine Learning Models for Anomaly Detection
  • AI-Driven Security Solutions
  • Security Frameworks
  • OWASP Top 10
  • CIS Benchmarks
  • AWS Connect Integration
  • Lambda
  • Amazon Lex

Certification

  • AWS Certified Security – Specialty
  • Google Professional Cloud Security Engineer
  • Microsoft Certified: Azure Security Engineer Associate
  • Certified Cloud Security Professional (CCSP)
  • Machine Learning for Cloud Security (Google Cloud)

References

Available upon request

Projects

  • Zero-Trust Security Implementation for Multi-Cloud Environments: Led the deployment of a zero-trust security model across AWS, GCP, and Azure, leveraging VPC Service Controls and Access Context Manager to enforce strict access controls and prevent unauthorized data exfiltration. Defined service perimeters and implemented strict API call restrictions, significantly reducing the attack surface.
  • DDoS Mitigation and OWASP Protection: Developed and implemented Cloud Armor AI rules for advanced DDoS attack mitigation, improving application availability and security. Integrated OWASP Top 10 protections into the security architecture, safeguarding applications from common vulnerabilities.
  • AWS Connect Integration and Security: Configured and secured AWS Connect for cloud-based contact center operations, ensuring compliance with internal security policies. Integrated AWS Lambda and Amazon Lex for automated workflows, while ensuring encryption and access control measures were properly enforced.
  • Machine Learning for Threat Detection in Cloud Environments: Integrated machine learning algorithms to analyze network traffic and detect anomalies, reducing the time to detect and respond to security incidents. Leveraged AI-powered tools to predict potential security threats, enhancing the proactive defense capabilities of the cloud infrastructure.

Technical Skills

AWS, Google Cloud Platform (GCP), Microsoft Azure, AWS IAM, Azure AD, Google Identity, CloudTrail, Security Command Center, VPC Service Controls, Firewalls, Security Groups, Network ACLs, Google Cloud Armor, AWS Shield, Terraform, Ansible, Jenkins, GitLab, Binary Authorization, Cloud Pub/Sub, BigQuery, Looker, CloudWatch, Azure Monitor, AWS S3 Encryption, Google Cloud Storage Encryption, Azure Blob Storage Encryption, Machine Learning Models for Anomaly Detection, AI-based Security Tools, Zero Trust, OWASP Top 10, CIS Benchmarks, AWS Connect Integration, Lambda, Amazon Lex

Professional Development

  • Attended the Cloud Security Summit 2024
  • Completed 'Advanced Cloud Security Architectures' training by [Google Cloud]
  • Completed 'Machine Learning for Security' training by [Google Cloud]

Timeline

Cloud Security Engineer

Texas Digital Pros
05.2020 - 05.2023

Google Cloud Security Engineer

Hordanso LLC (Google Cloud Partner)
01.2013 - Current

Bachelor of Science - Business Administration

Ambrose Alli University