Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Hammed Nureni

Richmond

Summary

Experienced Cloud Security Engineer and DevSecOps with over 7+ years of experience securing and automating cloud infrastructure across AWS and Azure in highly regulated environments. Specialized in implementing DevSecOps practices, hardening Kubernetes and Docker workloads, and enforcing compliance with NIST 800-53, CIS benchmarks, ISO 27001, and PCI-DSS. Proficient in IaC (Terraform, HELM), CI/CD security (GitHub Actions, Trivy, Checkov, Snyk), and cloud-native security services including AWS Security Hub, GuardDuty, Macie, and Azure Defender. Skilled in IAM, secrets management, secure networking, and incident response. Known for driving cloud security posture improvements and delivering scalable, resilient, and compliant cloud solutions through cross-functional collaboration.

Overview

8
8
years of professional experience
1
1
Certification

Work History

DevOps/Cloud Security Engineer (DevSecOps)

Navitus Health Solution
09.2022 - Current
  • Designed and implemented secure, scalable cloud infrastructure on AWS and Azure, applying NIST 800-53, CIS benchmarks, and Zero Trust principles to enhance cloud security posture.
  • Built and maintained secure CI/CD pipelines using GitHub Actions, integrating tools like Trivy, Snyk, Checkov, Terrascan, and SonarQube for vulnerability scanning and code analysis.
  • Automated infrastructure provisioning using Terraform and HELM; contributed to reusable modules to support secure, standardized deployments across teams.
  • Managed IAM policies, network access controls (NACLs, Security Groups), and token-based authentication using GitHub OpenID Connect to enforce least privilege and secure access.
  • Monitored and responded to security incidents using AWS Security Hub, GuardDuty, CloudTrail, Config, Macie, Sentinel, Defender for Cloud, and Datadog, ensuring compliance and threat visibility.
  • Deployed and secured containerized applications on Docker and Kubernetes with emphasis on cluster hardening, image scanning, encryption, RBAC, network policies, and disaster recovery.
  • Conducted regular security assessments, audits, and penetration testing to identify and mitigate risks, while guiding teams on secure infrastructure-as-code practices.
  • Collaborated with cross-functional teams to implement DevSecOps and SRE best practices, enhancing CI/CD pipeline reliability, system uptime, and cloud environment resilience.

Cloud Security Engineer (DevSecOps)

Dell Technologies
02.2018 - 09.2022
  • Designed and implemented secure, scalable cloud architectures across AWS and Azure, ensuring compliance with standards such as ISO 27001, NIST 800-53, CAS-T, PSN, ND1643, CESG, and PCI-DSS.
  • Built secure, automated CI/CD pipelines using GitHub Actions and OpenID Connect, integrating security tools like Trivy, Kubesec, SonarQube, Checkov, and Cloud Custodian to enforce compliance and prevent vulnerabilities.
  • Authored reusable Infrastructure-as-Code (IaC) modules using Terraform and Terragrunt to provision AWS and Azure resources, including EC2, VPCs, subnets, Route 53, NLBs, S3, RDS, Azure App Services, and AKS clusters.
  • Hardened Kubernetes and Docker environments by deploying admission controllers, pod security policies, RBAC, image scanning, encryption, and secure networking; configured HAProxy as a load balancer and reverse proxy.
  • Enhanced security monitoring and observability using tools such as AWS CloudWatch, GuardDuty, Security Hub, Config, Macie, and integrated Prometheus and Datadog for deep infrastructure and application visibility.
  • Automated operational tasks and incident response using Bash, PowerShell, and Python scripts in AWS Lambda; performed cloud migrations including IIS to AWS and configured VPC flow logs and SSM automation.
  • Developed and enforced IAM policies, encryption controls (AWS KMS, TLS), and access management across Ubuntu, RHEL, SUSE, Windows, and MacOS, integrating Okta and Azure AD for identity governance.
  • Applied DevSecOps and Site Reliability Engineering (SRE) principles by reviewing pull requests, implementing user-driven improvements to CI/CD workflows, and ensuring resilient, secure, and scalable system performance.

DevOps Engineer

FedEx
11.2017 - 02.2018
  • Developed and maintained reusable Terraform and Terragrunt modules to provision AWS infrastructure including EC2, VPCs, subnets, RDS, S3, API Gateway, Lambda, and Route 53, enabling consistent and automated deployments.
  • Built CI/CD pipelines using GitHub Actions for both infrastructure and application workflows, integrating tools such as SonarQube for static code analysis and Lint plugins for syntax validation.
  • Deployed and managed containerized applications using Kubernetes (self-managed and managed via Rancher), with Helm charts for service orchestration and centralized release management across QA, UAT, and Prod environments.
  • Automated infrastructure and server configuration using Ansible playbooks and AWS CLI, enhancing deployment consistency and reducing manual provisioning errors.
  • Implemented secure secrets management using AWS Systems Manager Parameter Store and Azure Key Vault, ensuring the protection of sensitive data across environments.
  • Migrated legacy IIS applications to AWS, setting up VPC Flow Logs for monitoring, and used SSM documents to automate application installation on target VMs.
  • Integrated identity and access management using Okta and IAM, ensuring secure authentication and access control across pipelines and application layers.
  • Designed centralized logging architecture with CloudWatch, S3, Kinesis, and Firehose, enabling real-time observability and log aggregation from distributed services.

Education

Bachelor Of Science - Computer Science

National Open University
Lagos
01-2016

Associate of Applied Science - Cloud Computing

University of Texas At Austin
Austin, TX
07-2023

Skills

  • Cloud Platforms: Amazon Web Services (AWS) – EC2, S3, VPC, IAM, CloudWatch, CloudTrail, GuardDuty, Security Hub, KMS, Route 53; Microsoft Azure: Azure DevOps, Zero Trust Security Architecture, Azure Landing Zone Implementation, Azure Sentinel,
  • Infrastructure as Code & Automation: Terraform, Terragrunt, AWS CloudFormation, AWS CDK, Ansible, Packer, GitHubActions, GitLab CI, Jenkins, AWS CodePipeline, AWS Systems Manager
  • Security & Identity Management: IAM Policies, Role-Based Access Control (RBAC), Identity Federation (Okta, Azure AD),
  • Multi-Factor Authentication (MFA), Single Sign-On (SSO), Security Groups, NACLs, Service Control Policies (SCPs), CrowdStrike, Azure Sentinel, Microsoft Defender for Cloud
  • DevOps & CI/CD: Jenkins, GitHub, GitLab CI/CD, Maven, Gradle, NPM, Docker, Kubernetes (EKS, AKS, GKE), Helm;
  • CI/CD Security Tools: Trivy, Snyk, Checkov, Terrascan, SonarQube; Artifact Repositories: Artifactory, Nexus; Container
  • Registries: Amazon ECR, Azure Container Registry (ACR)
  • Programming & Scripting: Python, PowerShell, Bash, Java, C#; YAML, JSON, HCL (Terraform), Shell Scripting
  • Monitoring, Logging & Compliance: Datadog, Splunk, New Relic, Prometheus, Grafana, AWS Config;
  • Compliance Frameworks: CIS Benchmarks, NIST 800-53, ISO 27001, PCI-DSS, HIPAA
  • Operating Systems: Ubuntu, Red Hat Enterprise Linux (RHEL), Amazon Linux, Windows Server (2016/2019/2022), macOS
  • Networking & Hybrid Infrastructure: VPC Peering, Transit Gateway, AWS Direct Connect, Route 53, NAT Gateway, VPN
  • Configuration, Load Balancers (ALB/NLB), AWS CloudFront, AWS WAF, DNS Management, Hybrid Networking (On-Premises to Cloud)
  • Database & Application Technologies: Amazon RDS (PostgreSQL, MySQL, MariaDB), DynamoDB, MongoDB (Self-Hosted & Managed), Microsoft SQL Server; S3 Lifecycle Policies, Amazon EBS Snapshots, Elastic File System (EFS); Apache, NGINX, Tomcat
  • Project Management & Collaboration: Agile, Scrum, Kanban, DevOps Culture Integration, Cross-Functional Team Collaboration; Tools: Jira, Confluence, Microsoft Teams, Slack

Certification

  • AWS Solutions Architect Associate
  • AWS Certified Developer Associate
  • AWS Security Specialty
  • CompTIA Security+
  • Splunk Certified Admin
  • Certified Kubernetes Administrator (CKA)
  • Azure DevOps Expert
  • Azure Administrator
  • Terraform Certified Associate
  • Okta Certified Associate
  • Kubernetes Certified Security Associate
  • Splunk Power User
  • Splunk Enterprise Security Admin
  • Linux Professional Institute Certification (LPIC-1)

Timeline

DevOps/Cloud Security Engineer (DevSecOps)

Navitus Health Solution
09.2022 - Current

Cloud Security Engineer (DevSecOps)

Dell Technologies
02.2018 - 09.2022

DevOps Engineer

FedEx
11.2017 - 02.2018

Bachelor Of Science - Computer Science

National Open University

Associate of Applied Science - Cloud Computing

University of Texas At Austin

Similar Profiles

  • John Saakoe Jr.

    John Saakoe Jr.John Saakoe Jr.

    SAFe Agile Scrum Master at Navitus Health SolutionSAFe Agile Scrum Master at Navitus Health Solution

  • CHRISTINE M. ROBERTS

    CHRISTINE M. ROBERTSCHRISTINE M. ROBERTS

    Certified Pharmacy Technician at Navitus Health Solutions/Lumicera Health ServicesCertified Pharmacy Technician at Navitus Health Solutions/Lumicera Health Services

  • Amy Cook

    Amy CookAmy Cook

    Prior Authorization Supervisor at Navitus Health SolutionsPrior Authorization Supervisor at Navitus Health Solutions

  • Bradley Hall

    Bradley HallBradley Hall

    Independant Filmmaker at Thanks Dad ProductionsIndependant Filmmaker at Thanks Dad Productions

  • Aaron Payne

    Aaron PayneAaron Payne

    Associate Lease Comp Researcher at Costar GroupAssociate Lease Comp Researcher at Costar Group

CREATE PROFILE
Hammed Nureni