ZAINAB ADEN
McLean,VA
Summary
Dedicated and accomplished Senior DevSecOps Engineer with a focus on Cyber Security in Azure and AWS. Skilled in designing, implementing, and deploying secure network architectures, zero trust models, and multi-account frameworks supporting commercial public sectors and GovCloud environments. Proficient in troubleshooting complex scenarios to ensure the continuous delivery of secure and reliable software solutions. Seeking an opportunity to contribute my expertise in DevSecOps to drive innovation and enhance security and improve system reliability for an organization.
Overview
7
7
years of professional experience
1
1
Certification
Work History
Senior DevSecops Enginner
CFONE
12.2023 - Current
- Configured Splunk Universal Forwarder (UF) to forward critical logs, enhancing monitoring and security analysis capabilities.
- Supported log management, troubleshooting, and analysis to assist in incident response and maintain security compliance.
- Developed and continuously updated documentation to ensure alignment with best practices and evolving requirements.
- Applied expertise in NIST SP 800-53 controls, Security Technical Implementation Guides (STIGs), and DoD standards for secure configuration and hardening.
- Collaborated with cross-functional teams to design and implement robust cloud security architectures, including secure networking, access controls, and data encryption.
- Ensured compliance of cloud services and applications with regulations such as GDPR, HIPAA, and ISO 27001 through regular audits and assessments.
- Automated security processes using scripts and tools to streamline security operations, improving efficiency and consistency.
- Conducted regular vulnerability and compliance assessments to identify weaknesses in cloud infrastructure and applications, coordinating remediation efforts to address CVEs.
- Established and maintained security policies, procedures, and documentation related to cloud security and configuration best practices.
AWS Cloud Engineer
SMX
11.2023 - 11.2024
- Sole AWS Cloud Engineer for deploying and managing Canvas LMS on EKS clusters, compliant with FedRAMP IL2 Moderate standards.
- Architected and deployed secure, high-availability EKS clusters in AWS GovCloud, optimizing for performance and compliance.
- Designed AWS infrastructure, including VPCs, Security Groups, Subnets, NAT Gateways, and Bastion Hosts for secure networking.
- Automated infrastructure deployment for EKS, EC2, and Jenkins using Terraform and user data scripts.
- Developed CI/CD pipelines in Jenkins, automating Docker builds, tests, and Kubernetes deployments.
- Managed Bottlerocket AMI on EKS worker nodes across dev, test, and staging environments.
- Set up AWS ECR for secure Docker image storage and managed Jenkins on ECS Fargate for scalable build automation.
- Implemented FedRAMP-compliant security controls in collaboration with security engineers.
- Coordinated with customers and teams to address project needs, ensuring smooth execution.
- Maintained comprehensive documentation of cloud infrastructure changes for transparency.
Senior DevSecOps Engineer
HYPORI, LLC
09.2021 - 09.2023
- Configured Terragrunt HCL and leveraged Terraform modules to deploy IaC stacks in AWS GovCloud.
- Enforced DoD tagging standards using OPA and Conftest, performing compliance scans on Terraform code commits.
- Configured and deployed a Zero Trust Architecture in AWS GovCloud.
- Conducted regular scans and audits per DoD policies, documenting and resolving high, medium, and low-priority incidents (CAT 1, CAT 2, CAT 3).
- Provisioned and managed Kubernetes clusters on AWS using Terraform.
- Refactored RHEL8 base AMIs and configured Bastion, Palo Alto, rsyslog, Nessus, Tenable, and Burp Suite deployments with Terragrunt and Terraform.
- Implemented logging and SIEM solutions for enhanced monitoring, using IaC, Bash scripts, CloudWatch Agent, and SSM in AWS Commercial and GovCloud.
- Automated Tenable/Nessus vulnerability scanning for STIG-compliant RHEL8 base AMIs with Terraform and cloud-init.
- Configured Point-to-Site VPN with SAML authentication via Okta and private certs through AWS ACM.
- Reduced compute costs by automating scheduling for 250 EC2 instances using Terraform and AWS Instance Scheduler.
- Conducted demos to showcase security solutions and best practices, promoting team-wide knowledge sharing.
- Trained junior security engineers on cloud security configurations, compliance standards, and IaC deployment methods.
Senior DevOps Engineer/Consultant
NSightLabs LLC
03.2019 - 08.2021
- Set up and managed various AWS services, including NAT Gateway, S3, EC2, Security Groups, ACLs, IAM, and VPCs across multiple environments.
- Designed and deployed AWS infrastructure solutions using EC2, S3, Elastic Load Balancer (ELB), and Auto Scaling Groups to support scalable applications.
- Integrated application performance monitoring for containerized applications using ELK stack for real-time insights.
- Managed high-availability Kubernetes clusters to ensure resilient and fault-tolerant applications.
- Established secure connections by creating VPN tunnels through AWS Site-to-Site VPN.
- Debugged networking, system, and application issues, ensuring minimal downtime and optimized performance for cloud infrastructure and services.
DevOps Engineer
SAIC
10.2017 - 02.2019
- Developed and maintained documentation, processes, and reports to enhance SOC operations’ quality and efficiency.
- Collaborated with cross-functional teams to analyze and implement system solutions based on client requirements.
- Assisted in designing and maintaining CI/CD pipelines for streamlined deployments.
- Automated data disk creation and transfer across environments using custom scripts.
- Built Docker images to support Development and Testing teams.
- Provided production and development support for bug fixes and service pack releases.
- Maintained Infrastructure as Code (IaC) with AWS CloudFormation and Azure ARM templates.
- Provisioned and managed Kubernetes clusters in AKS using Terraform.
- Developed tools and integrations to meet cross-platform user needs.
- Researched and recommended new technologies for agile development.
Education
Bachelor of Science - Biology/Medical Technology
George Mason University
Fairfax, VA01.2015
Skills
- Cloud Platforms: AWS, AWS GovCloud, and Azure
- IaC Tools: Terraform, Terragrunt, and Cloudformation
- CI/CD Tools: AWS Codebuild CodePipeline, Jenkins, Atlantis
- Containers: Docker, Kubernetes
- Security Scanning tools: Tenable-sc, Tenableio, Nessus Manager, Burp Suite, Contrast, and Fortify
- Operating System: Linux, MacOS
- Databases: Oracle, SQL-Server, PostgreSQL, MySQL, CosmosDB, MongoDB
- Monitoring Tools: Prometheus, Grafana, AWS Guard Duty, Inspector, AWS Config, and Splunk
- IT delivery methods: Agile, Scrum
Certification
- AWS Solutions Architect —Associate
- CompTIA SECURITY+(SY0-701)
TRAINING AND DEVELOPMENT:
Cyber Security Training Program
Clearances
• Public Trust - Department of Homeland Security (DHS)
Timeline
Senior DevSecops Enginner
CFONE
12.2023 - Current
AWS Cloud Engineer
SMX
11.2023 - 11.2024
Senior DevSecOps Engineer
HYPORI, LLC
09.2021 - 09.2023
Senior DevOps Engineer/Consultant
NSightLabs LLC
03.2019 - 08.2021
DevOps Engineer
SAIC
10.2017 - 02.2019
Bachelor of Science - Biology/Medical Technology
George Mason University
Similar Profiles
Anthony McBrideAnthony McBride
Stocker at US FoodsStocker at US Foods
Ashley O'ConnorAshley O'Connor
Event Caterer at Orleans Country ClubEvent Caterer at Orleans Country Club
Anne CAO (@ac.choom)Anne CAO (@ac.choom)
President & Dance Instructor at Moli Dance TroupePresident & Dance Instructor at Moli Dance Troupe
Velee Patel, DNPVelee Patel, DNP
Advanced Heart Failure/Heart Transplant Nurse Practitioner at Inova Fairfax Medical CampusAdvanced Heart Failure/Heart Transplant Nurse Practitioner at Inova Fairfax Medical Campus
NAGAKISHORE PANDINAGAKISHORE PANDI
Senior DevSecOps Engineer at AIS India Pvt LtdSenior DevSecOps Engineer at AIS India Pvt Ltd