Summary
Overview
Work History
Education
Skills
AWS Services
Certification
Configuration Management
Source Code Management
Migration Tools
AWS Organizations User Management
Databases
Security Tools
Virtualization
Platforms
Ticketing Tools
Programming Languages
Devops Tools CICD-Pipelines
Scripting
Azure Services
Timeline
Generic

Zainabou Labaran

AWS Cloud/ Devops Engineer
Pikesville,MD

Summary

Critical thinking AWS Cloud/ DevOps Engineer with a rich experience spanning over 5 years, I have extensive expertise in the design, deployment, and management of applications across diverse cloud platforms. My skills encompass robust security measures for cloud infrastructures, implementing Infrastructure as Code for streamlined management, and excelling in the development of CI/CD pipelines using GitHub Actions. My strengths also include proficiency in DevOps, adeptness in optimizing system functionalities and cost-effective cloud resource management,innovation and enhancing efficiency in project executions.

Overview

6
6
years of professional experience
1
1
year of post-secondary education
1
1
Certification

Work History

Cloud DevOps Engineer

IBM
Baltimore, Ohio
2 2022 - Current
  • Engineered and implemented robust Virtual Private Cloud (VPC) solutions, including bastion hosts, public and private subnets, to create resilient and well-segregated network environments
  • Crafted and launched Terraform modules for cloud infrastructure on AWS, using Terragrunt for managing Terraform projects
  • Established and maintained CI/CD pipelines using GitHub Actions for building and deploying Terraform code
  • Configured AWS Lambda to host applications and automate cloud operations
  • Diagnosed and resolved issues within pipelines to address infrastructure as code errors
  • Contributed to cloud architecture and security review boards to assess architectures and cloud processes
  • Carryout Scrum ceremonies and manage project Jira board with the rest of engineering team members to ensure collaboration and transparency
  • Set up CloudFront distributions for edge caching of application content, ensuring security with WAF and TLS certificates
  • Created and managed REST APIs using AWS API Gateway, establishing resources and methods to link frontends with backends
  • Deployed Lambda Authorizers and AWS Cognito for securing backend APIs with authentication and authorization
  • Utilized AWS Trusted Advisor and AWS Cost Optimization Hub insights to implement cost-saving strategies for RDS, EC2, S3, and Lambda functions across multiple AWS accounts, achieving significant cost reductions
  • Continuously refined Terraform modules based on feedback, evolving requirements, and technological advancements
  • Streamlined organizational unit structures and enhanced governance by optimizing AWS Organizations and Control Tower, ensuring efficient resource management and compliance
  • Managed CI/CD pipeline deployment using AWS CodePipeline for front-end applications hosted on Amazon S3
  • Worked with cross-functional teams to establish and enforce policies and procedures, ensuring HIPAA regulatory compliance
  • Proactively monitored and optimized workloads to align with the AWS Well-Architected Framework, ensuring the ongoing health and efficiency of cloud environments
  • Reduced operational costs by 30% through effective management of AWS EC2 and RDS instances
  • Automated cloud operations using AWS Systems Manager, Lambda, and EventBridge
  • Ensured consistent resource provisioning by encapsulating infrastructure configurations into reusable Terraform modules
  • Collaborated with community and internal teams to troubleshoot, identify root causes, and implement solutions for seamless platform transitions
  • Streamlined the build, test, and deployment processes by orchestrating GitHub Actions workflows for Java-based containerized applications
  • Implemented best practices for environment-specific configurations, ensuring consistent and reliable deployments between QA and production environments
  • Developed Terraform modules for building and deploying EKS clusters, integrating monitoring with Datadog
  • Enhanced development efficiency by integrating Terraform deployment into the CI/CD workflow on GitHub Actions
  • Orchestrated application containerization using Docker and AWS ECS, managing images in Amazon Elastic Container Registry (ECR)
  • Conducted regular audits using AWS Trusted Advisor to ensure compliance with AWS best practices
  • Adjusted resource allocations based on Trusted Advisor insights for optimal cost efficiency
  • Reviewed and implemented AWS security recommendations to maintain adherence to security best practices
  • Embedded security best practices into Terraform modules to ensure secure infrastructure deployment.

Cloud DevSecops

Bedashing LLC
Dubai, Duabi
02.2021 - 01.2022
  • Set up and managed the organization's AWS environment using Control Tower, implementing security guardrails
  • Developed and managed AWS Single Sign-On (SSO) for access control
  • Built scalable cloud infrastructures with Terraform, integrating services like VPC, ECS, EC2, Load Balancer, CloudFront, and Route 53
  • Configured CloudFront distributions with security features like AWS WAF and TLS certificates
  • Created self-healing infrastructure using EC2 Auto Scaling groups for high availability
  • Regularly updated Terraform modules to meet the latest security standards and fix vulnerabilities
  • Used Route 53 for various routing strategies, including weighted and failover methods
  • Collaborated with network teams to develop and implement cloud network standards using AWS VPC, Transit Gateway, and site-to-site VPNs
  • Used AWS Secrets Manager for storing sensitive information
  • Monitored and maintained a secure AWS environment using AWS Trusted Advisor's security recommendations
  • Addressed potential issues identified by Trusted Advisor to keep the AWS environment optimized
  • Improved efficiency by aligning resource allocations with workload requirements based on Trusted Advisor's recommendations
  • Streamlined the deployment process with Terraform, ensuring consistent and repeatable infrastructure provisioning
  • Reduced development time by providing teams with pre-built Terraform modules for common infrastructure patterns
  • Implemented robust monitoring and logging solutions using CloudWatch and CloudTrail for real-time performance analysis, proactive issue identification, and compliance adherence.

Cloud Security Engineer

Western Union
Dubai, Duabi
01.2019 - 01.2021
  • Collaborated with Security leadership, including Information Security, Security Advisory & Analytics, and IT Risk & Compliance, to establish security standards and integrate security into the software development lifecycle
  • Served as the subject matter expert for cloud security, specializing in tools like Security Information and Event Management (SIEM), access control mechanisms, Intrusion Detection, and Intrusion Prevention Systems (IDS/IPS)
  • Configured, deployed, and managed AWS Security Services, including AWS WAF, AWS Advanced Shield, AWS Security Hub, AWS Macie, AWS GuardDuty, AWS KMS, and AWS Secrets Manager
  • Implemented AWS security best practices, such as multi-factor authentication, access key rotation, encryption using KMS, firewalls, security groups, NACLs, S3 bucket policies, ACLs, and DDoS mitigation
  • Managed vendor risk, application development, network, cloud-based services, and platform efforts to comply with enterprise security policies, industry regulations, and best practices
  • Collaborated with CloudOps, DevOps, and IT Engineers on technologies like firewalls, ACLs, WAFs, IAM roles and permissions, vulnerability management, threat detection, and container security
  • Conducted daily reviews of Splunk Enterprise Security logs, monitored and investigated IDS alerts from Palo Alto firewall, Web Proxy servers, DNS server, HIPS logs, Syslog, and Cisco IronPort logs for malicious activity
  • Analyzed Splunk Enterprise Security logs for notable events, such as SSH scans, network trojans, administrative privilege escalations, privacy violations, code injection, and web application attacks
  • Monitored local and international VPN users via Splunk, responded to potential cyber incidents, and coordinated response actions according to incident response procedures (NIST SP 800-61)
  • Analyzed threat intelligence dashboards in Splunk, investigated web proxy server logs, and adjusted security measures based on threat assessments to improve security posture
  • Worked with developers to identify vulnerabilities, secure products/software, promote secure development practices, and acted as an Information/Application Security expert on product development.

Education

Bachelor’s Degree in Computer Science -

Presbyterian University of Cameroon
Buea
09.2013 - 05.2014

Skills

Linux Operating System

Scripting Languages

System Administration

Infrastructure Automation

Containerization Technologies

Configuration Management

Security best practices

Monitoring and Logging

Performance Optimization

Microservices Architecture

Virtualization Technologies

AWS Services

  • EC2
  • Elastic Beanstalk
  • EFS
  • VPC
  • RDS
  • S3
  • Glacier
  • IAM
  • Kinesis
  • CloudFront
  • CloudWatch
  • CloudTrail
  • CloudFormation
  • DynamoDB
  • Lambda
  • Route53
  • SNS
  • SQS
  • API Gateway
  • CodePipeline
  • CodeBuild
  • Elastic Cache
  • CodeDeploy
  • Control Tower

Certification

Certified AWS solutions architect Professional

Configuration Management

  • Ansible
  • AWS Systems Manager
  • Terraform

Source Code Management

  • GitHub
  • AWS CodeCommit

Migration Tools

  • AWS DataSync
  • Application Migration Service

AWS Organizations User Management

  • AWS Organizations
  • AWS SSO
  • Cognito
  • STS
  • AWS Managed AD
  • Control Tower

Databases

  • MySQL
  • Aurora
  • DynamoDB
  • Redshift

Security Tools

  • AWS Inspector
  • Wiz
  • AWS Systems Manager
  • SonarQube

Virtualization

  • EC2
  • Google Virtual Machine

Platforms

  • Windows
  • Linux
  • Ubuntu
  • CentOS

Ticketing Tools

Jira (Agile/Scrum methodology)

SNOW (Service Now)

Programming Languages

  • Python
  • JSON
  • Yml

Devops Tools CICD-Pipelines

  • GitHub Actions
  • AWS CodePipeline
  • Git
  • GitHub
  • Docker
  • SonarQube
  • Maven
  • NPM
  • GitHub Packages
  • ECR
  • EKS

Scripting

  • Terraform
  • AWS CloudFormation

Azure Services

  • Azure virtual machines
  • Azure vnet
  • Azure Webapp
  • Azure Function
  • Azure Cloud Defender
  • Azure key vault
  • Microsoft Entra ID

Timeline

Cloud DevSecops

Bedashing LLC
02.2021 - 01.2022

Cloud Security Engineer

Western Union
01.2019 - 01.2021

Bachelor’s Degree in Computer Science -

Presbyterian University of Cameroon
09.2013 - 05.2014

Cloud DevOps Engineer

IBM
2 2022 - Current
Certified AWS solutions architect Professional

Similar Profiles

  • Vamsi Peddinti

    Vamsi PeddintiVamsi Peddinti

    Team Lead (SAP ABAP) at IBMTeam Lead (SAP ABAP) at IBM

    View Profile
  • Chandra Sekhar Gowd Sidaral

    Chandra Sekhar Gowd SidaralChandra Sekhar Gowd Sidaral

    Senior Advisory Technical Services at IBMSenior Advisory Technical Services at IBM

    View Profile
  • Vimmi Gupta

    Vimmi GuptaVimmi Gupta

    Director Partner Ecosystem, APAC at IBMDirector Partner Ecosystem, APAC at IBM

    View Profile
Zainabou LabaranAWS Cloud/ Devops Engineer