I am a results-driven Cloud Security Engineer with 8+ years of progressive experience securing enterprise cloud environments at scale. I specialize in AWS, Azure, and GCP security architecture, Zero Trust frameworks, DevSecOps, and identity and access management, and I have a track record that speaks for itself: 75% reduction in security vulnerabilities, 98% automated remediation rate, and SOC 2 Type II compliance achieved across 200+ AWS accounts. I don't just advise on security; I build it. From architecting enterprise-wide Zero Trust frameworks to embedding security gates directly into CI/CD pipelines, I bring deep technical expertise paired with the strategic thinking to align security outcomes with business goals. I am equally comfortable leading cross-functional incident response teams and engineering Python-based automation frameworks that save hundreds of engineering hours monthly. If you need someone who can transform cloud security from a bottleneck into a competitive advantage, that's exactly what I do.
Overview
9
years of professional experience
1
Certification
Work History
Senior Cloud Security Engineer
IBM
Cincinnati
07.2024 - Current
Architected and deployed enterprise-wide Zero Trust security framework across AWS, Azure, and GCP environments, implementing identity-based access controls, micro-segmentation, and continuous verification principles that reduced unauthorized access attempts by 82% and achieved SOC 2 Type II compliance certification
Led cloud security transformation initiative for 200+ AWS accounts using AWS Control Tower and Account Factory for Terraform (AFT), establishing automated account provisioning, SCPs, and guardrails that reduced account setup time from 5 days to 2 hours while enforcing security baseline configurations across the organization
Engineered automated security compliance pipeline using Terraform, AWS Config, and custom Python scripts to continuously monitor and remediate 150+ security controls across NIST 800-53, PCI-DSS, and CIS Benchmarks, reducing compliance gaps by 75% and achieving 98% automated remediation rate
Implemented comprehensive Cloud Security Posture Management (CSPM) solution using Wiz and Prisma Cloud, discovering and remediating 3,200+ misconfigurations, exposed secrets, and vulnerabilities across multi-cloud infrastructure, reducing critical security findings by 68% within 90 days
Designed and deployed centralized logging and SIEM architecture using Splunk Enterprise Security, AWS CloudTrail, VPC Flow Logs, and GuardDuty, ingesting 15TB of security telemetry daily and creating 40+ custom detection rules that identified and blocked 250+ security incidents before impact
Established DevSecOps practices by integrating Snyk, Checkov, and SonarQube into CI/CD pipelines (Jenkins, GitLab CI), enabling automated security scanning of Infrastructure as Code, container images, and application code, catching 95% of vulnerabilities pre-deployment and reducing production security incidents by 60%
Cloud Security Engineer
IBM
Cincinnati
12.2022 - 06.2024
Architected enterprise Kubernetes security strategy for 50+ EKS and AKS clusters, implementing pod security standards, OPA Gatekeeper policies, network segmentation, and runtime threat detection with Falco, securing containerized workloads processing $500M+ in annual transaction volume
Developed custom Python-based security automation framework using boto3 and Azure SDK to orchestrate security operations across 300+ cloud resources, automating incident response, vulnerability remediation, and compliance reporting, saving 120 engineering hours monthly
Implemented AWS IAM Identity Center (SSO) integrated with Microsoft Entra ID using SCIM provisioning, establishing centralized identity governance for 2,500+ users across 200+ AWS accounts with permission sets aligned to least privilege principles, reducing access-related security incidents by 45%
Led incident response for critical security events including ransomware attempts, data exfiltration, and insider threats, coordinating cross-functional teams, conducting forensic analysis using CrowdStrike Falcon EDR and AWS Detective, and implementing preventive controls that reduced MTTD from 72 hours to 15 minutes
Architected data protection strategy implementing encryption at rest and in transit across all cloud environments using AWS KMS, Azure Key Vault, and HashiCorp Vault, achieving 100% encryption coverage for sensitive data and establishing automated key rotation policies aligned with compliance requirements
Cloud Engineer
TeamDynamix
Cincinnati
02.2019 - 12.2022
Designed and implemented secure multi-tier AWS infrastructure supporting SaaS application serving 500,000+ users, architecting VPCs with public/private subnets, security groups, NACLs, and NAT Gateways aligned with AWS Well-Architected Framework security pillar
Developed and maintained 100+ reusable Terraform modules for standardized cloud resource provisioning (VPC, EC2, RDS, S3, CloudFront), establishing infrastructure as code best practices that reduced deployment errors by 85% and accelerated environment provisioning from weeks to hours
Implemented AWS Security Hub as centralized security and compliance dashboard, aggregating findings from GuardDuty, Macie, Inspector, and Config across 50+ AWS accounts, establishing automated remediation workflows that reduced security finding resolution time by 70%
Established comprehensive vulnerability management program using Qualys and Tenable.io, conducting continuous scanning of cloud infrastructure and applications, reducing critical vulnerabilities from 450 to 45 within 6 months
Architected and deployed disaster recovery solution across AWS regions using automated AMI creation, cross-region replication, and Infrastructure as Code, achieving RPO of 1 hour and RTO of 4 hours
Implemented AWS Organizations with consolidated billing and Service Control Policies (SCPs) for 30+ development, staging, and production accounts, enforcing security boundaries and preventing privilege escalation
Security Analyst
HCA Healthcare
Cincinnati
12.2017 - 12.2019
Monitored security events and alerts from SIEM platform (Splunk), firewall logs, IDS/IPS, and endpoint detection tools, investigating 200+ security incidents monthly, reducing average incident resolution time by 40%
Conducted security assessments and vulnerability scanning using Nessus and Qualys, producing detailed risk reports that improved overall security posture by 55%
Developed and maintained security automation scripts in Python and PowerShell, reducing manual analysis time by 30 hours weekly
Collaborated with IT teams to implement security best practices for Windows and Linux servers, Active Directory hardening, and network segmentation, supporting PCI-DSS compliance and passing external audits with zero critical findings
Help Desk Support Specialist
HCA Healthcare
Cincinnati
12.2016 - 12.2017
Provided tier 1/2 technical support for 2,000+ end users with 95% first-call resolution rate
Assisted with user access provisioning and de-provisioning in Active Directory, enforcing least privilege access principles and maintaining documentation that improved team efficiency by 25%
Configured and deployed workstations, laptops, and peripheral devices for new hires across the organization, streamlining the onboarding process and reducing setup time by 35% through standardized imaging procedures and deployment checklists
Escalated and tracked complex technical issues through ticketing system (ServiceNow), maintaining detailed documentation of recurring issues and resolutions that reduced repeat incidents by 20% and improved knowledge base accuracy across the support team
Supported network connectivity troubleshooting including VPN access, wireless configurations, and remote desktop issues for clinical and administrative staff, ensuring minimal downtime for patient-facing systems in a HIPAA-regulated healthcare environment
Education
Bachelor of Science - Computer Engineering
Baptist University of Cameroon
01.2016
Skills
Cloud Platforms
Cloud Governance
Identity & Access Management
Security Tools & Platforms
Infrastructure as Code (IaC)
Container & Kubernetes Security
DevSecOps & CI/CD
AI/ML Security
Cloud FinOps
Programming & Scripting
Network Security
Compliance & Frameworks
Data Protection
Certification
AWS Certified Security – Specialty
AWS Certified Solutions Architect – Professional
Certified Cloud Security Professional (CCSP)
Microsoft Certified: Azure Security Engineer Associate
Certified Information Systems Security Professional (CISSP)