Ngouegni Bertine Zognou
Cloud Engineer / Cloud Security Engineer / Information Security Engineer
Upper Marlboro,Maryland
Summary
Experienced AWS Cloud Security Engineer offering over 8 years of proven expertise in implementing robust security solutions tailored to cloud environments. Possessing an in-depth understanding of industry-leading cloud security protocols and best practices, I excel in safeguarding critical infrastructure and data assets while ensuring alignment with regulatory standards. Proficient in conducting meticulous security assessments, I adeptly identify vulnerabilities and devise strategic solutions to fortify the security posture of cloud environments, mitigating potential risks effectively.
Overview
9
9
years of professional experience
1
1
- CompTIA | CompTIA Sec+
1
1
- AWS Certified Solutions Architect – Associate
1
1
- CISSP
1
1
- Azure Security Engineer Associate
1
1
- Professional Scrum Master I
1
1
- CISA
Work History
Cloud Security Engineer
Maxim Healthcare Staffing Services
2021.04 - Current
- Utilize infrastructure as code (IaC) principles to automate the provisioning and configuration of various environments, reducing manual effort and ensuring environment consistency
- Implement and manage highly available and scalable architecture using AWS services like Auto Scaling, Elastic Load Balancing, and Route 53
- Conduct regular security audits and implemented necessary measures to safeguard cloud environments, such as encryption, access controls, and vulnerability assessments
- Implement secure network communication using SSL/TLS certificates and AWS Certificate Manager, ensuring encrypted data transmission between clients and applications
- Leverag AWS Identity and Access Management (IAM) to enforce least privilege access control and implement fine-grained permissions for users and applications
- Facilitate effective cross-team coordination, ensuring that cloud infrastructure considerations were aligned with the overall project timeline and milestones
- Analyze cloud resource usage patterns and identified opportunities for cost savings, leveraging services like AWS Cost Explorer and AWS Budgets
- Implement disaster recovery and business continuity plans for cloud infrastructure, including backup and restore procedures and failover mechanism
AWS Cloud Engineer
Capital One Bank
2019.05 - 2021.04
- Established incident response and forensics readiness capabilities within CI/CD pipelines, including logging, monitoring, and auditing mechanisms, to facilitate rapid detection, analysis, and response to security incidents.
- Professional experience in Software Configuration Management (release and Built Engineering configuration0 on both Linux/Unix and Windows environments.
- Extensive experience in using MAVEN and ANT as built tools for building applications or source code and deploying the artifacts (JAR, WAR and EAR) into Nexus, Tomcat, Artifactory, etc.
- Experience in infrastructure development on AWS Cloud services including VPC, CloudFormation templates, EC2, S3 Route53, SNS, SQS, AWS CLI, SES, IAM, etc
- Leveraged API gateway and SQS to built architecture models with synchronous and asynchronous patters to decouple, integrate and scale services.
- Setup and configured systems for real time monitoring and alerts for log files, API calls and other events of importance.
- Analyzed and made recommendations in areas of costs optimization, performance, security, fault tolerance and service limits.
SOC / AWS Security Specialist
MoneyGram
2015.09 - 2019.05
- I Investigate network, application and endpoint alerts using different SIEM application such as SPLUNK ES, Cisco Sourcefire, FireEye NX, Google Admin, FireEye HX, CrowdStrike, McAfee DLP manager and Google DLP, Palo Alto firewall, F5……
- Provide incident response support, leading Threat, Detection and Response analysts during technical investigations, effectively communicating results, analytical analysis, and mitigations to different operational teams and management.
- · Providing guidance and recommendations regarding prioritization of investments and projects that mitigate information security risks, strengthen defenses, and reduce vulnerabilities.
- Configure, deploy, and manage AWS Security Services such as AWS WAF, AWS Advanced Shield, AWS Security Hub, AWS Macie, AWS Guard Duty, AWS KMS, AWS Secrets Manager, and any other necessary AWS Security Services.
- Implemented security best practices in AWS, including multi-factor authentication, access key rotation, encryption using KMS, firewalls- security groups and NACLs, S3 bucket policies and ACLs, mitigating DDOS attacks, etc.
- Implemented automated deployment pipelines using AWS Code Pipeline and CloudFormation templates, reducing deployment times by 50% and improving consistency across environments.
- Work closely with Cloud DevOps, and IT Engineers on technologies like FWs, ACLs, WAFs, IAM roles and permissions, Vulnerability management and hardening, threat, Intrusion detection, and Container Security.
- Perform daily Splunk Enterprise Security log review, monitor, and investigate IDS alerts from Palo Alto firewall, Web Proxy servers, DNS server, HIPS logs, Syslog for malicious activity, and Cisco IronPort logs.
- Led the implementation of AWS security best practices, including IAM roles, VPC isolation, and encryption mechanisms, to ensure data protection and compliance with industry standards.
- Monitor and respond to Endpoint Detection and Response (EDR), Antivirus/Anti Malware alerts.
- Follow the Intrusion Kill chain, and MITTRE ATT&CK to determine tactics, techniques, and procedures (TTPs) for intrusion sets.
- Leverage technology (commercial and open source) to enrich, triage, and characterize internal insights on malware and Indicators of Compromise (IOCs).
- Protect Critical Data using McAfee DLP Manager or Google Data Loss Prevention (DLP)
Education
Bachelor of Science - Cybersecurity
Presbyterian University
Cameroon06.2009
High School Diploma -
Technical High School
Mbouda, Cameroon06.2004
Skills
- CI/CD (AWS code build)
- IaC (Terraform, Ansible, Cloudformation )
- Palo Alto firewall, Check Point Next-Generation Firewall, WAF, ACLs, Sophos XG Firewall and Fortinet FortiGate.
- Project Management
- Analytical Thinking and Problem Solving
- Linux Environments
- Monitoring (Splunk, AWS Cloudwatch, CloudTrail, Prometheus)
- Scripting- BASH, JSON, Python
- Cloud Providers AWS, Azure
- Ticketing & Documentation: Service Now, Jira, & Confluence
- Program Execution
- AWS Config, AWS Security Hub, AWS Shield, Nessus Tenable, CrowdStrike, AWS Guard duty, Inspector, Macies
- NIST, CIS, FIPS, FEDRAMP, HIPPA and GDPR
Certification
- CompTIA | CompTIA Sec+
- Professional Scrum Master I
- AWS Certified Solutions Architect - Associate
Timeline
Cloud Security Engineer
Maxim Healthcare Staffing Services
2021.04 - Current
AWS Cloud Engineer
Capital One Bank
2019.05 - 2021.04
SOC / AWS Security Specialist
MoneyGram
2015.09 - 2019.05
Bachelor of Science - Cybersecurity
Presbyterian University
High School Diploma -
Technical High School
- CompTIA | CompTIA Sec+
- Professional Scrum Master I
- AWS Certified Solutions Architect - Associate
Similar Profiles
Derek EdwardsDerek Edwards
Business Development & Recruiting Manager at Maxim Healthcare Staffing ServicesBusiness Development & Recruiting Manager at Maxim Healthcare Staffing Services
Jazmine BlasJazmine Blas
Business Development Manager at Amergis Healthcare Staffing (formerly Maxim Healthcare Staffing)Business Development Manager at Amergis Healthcare Staffing (formerly Maxim Healthcare Staffing)
Benjamin RotenbergBenjamin Rotenberg
School Health Aide at Maxim Healthcare (Amergis Healthcare Staffing)School Health Aide at Maxim Healthcare (Amergis Healthcare Staffing)