Nicole Denoo

1. Design and implement security architectures for AWS environments, with a focus on IAM, VPC security, encryption (KMS), and secure S3 bucket policies.
2. Automate security monitoring using AWS CloudFormation and Terraform to ensure consistent deployment of IAM roles, security groups, and encryption configurations.
3. Conduct regular security assessments using AWS Security Hub, GuardDuty, and AWS Config to detect and remediate potential vulnerabilities.
4. Integrate AWS CloudTrail with SIEM (Splunk) for enhanced threat monitoring and real-time incident response.
5. Develop and enforce policies for data encryption (S3, RDS, EBS) using KMS and managed keys for regulatory compliance.
6. Reduce the attack surface by implementing AWS WAF, Shield, and VPC endpoint security, minimizing exposure to external threats.

7. Improved overall security posture by reducing misconfigurations by 40% through automated audits with AWS Config and CloudFormation.
8. Spearheaded an initiative that reduced the risk of data exposure by 50%, by enforcing secure S3 bucket configurations, and IAM least privilege policies.

1. Assisted senior engineers in deploying secure AWS infrastructures, focusing on IAM, Security Groups, and VPC architecture.
2. Configured and maintained security monitoring and logging tools like AWS CloudTrail and CloudWatch for continuous auditing and monitoring.

3. Supported vulnerability management efforts using AWS Security Hub and AWS Config to identify misconfigurations and compliance gaps.
4. Assisted with automation of routine security tasks through AWS Lambda and Python scripts, improving response times and reducing manual workloads.

5. Implemented security policies and encryption measures using KMS, reducing data exposure risks across all AWS services by 25%.
6. Played a key role in securing AWS workloads for a multi-cloud client, achieving ISO 27001 certification within 6 months.