Download PDF

Cloud Security Engineer with 8+ years of experience across AWS, Azure, and GCP. Proven ability to enhance security posture across 1,000+ cloud accounts through automation, Infrastructure as Code (Terraform, CloudFormation), and policy-driven guardrails. Deep experience with Wiz (CSPM/CNAPP), AWS IAM Identity Center, SCPs, and automated account lifecycle management. Strong background in network security, vulnerability management, incident response, and compliance (PCI DSS). Passionate about building secure, scalable cloud environments and collaborating with engineering teams to embed security early.

Professional Experience

July 2020April 2026

Cloud Security Engineer II

Sony Interactive Entertainment, LLC
  • Collaborated with InfoSec teams across North America, Europe, Oceania, and Asia, including regular coordination with partners on the JP Security Engineering team, to align security standards and practices globally.
  • Drove cloud security initiatives across cross-cultural, distributed teams, ensuring consistent policy application across regions while accommodating local compliance and operational requirements.
  • Enhanced cloud security posture across 1,000+ AWS, Azure, and GCP accounts; led the transition from PrismaCloud to Wiz as the primary CNAPP tool and managed Wiz configuration, custom RBAC roles, projects, and policy frameworks entirely in Terraform.
  • Partnered with multiple first-party studios and internal organizations to advance shift-left security adoption by deploying Wiz brokers to connect Wiz Code with studio development environments, enabling earlier identification and remediation of vulnerabilities in the SDLC.
  • Implemented and tuned Wiz Code policies aligned to Sony Security Standards.
  • Automated IAM role and other infrastructure deployments, as well as cloud account tagging across the entire AWS footprint, ensuring consistent metadata for governance, cost allocation, and policy enforcement.
  • Helped build a source-of-truth repository for AWS account CloudFormation template configurations and account-level tags, enabling centralized infrastructure-as-code management and auditability.
  • Built automation to deploy security-managed IAM roles across SIE’s entire AWS environment and automated the AWS cloud account lifecycle end to end.
  • Partnered with Global Security Architecture and Governance, Risk, and Compliance teams to develop a fully automated account provisioning process using CloudFormation, later migrating to Terraform.
  • Created and maintained Service Control Policies for multiple OUs across PSN and enterprise accounts.
  • Contributed significantly to AWS Identity Center adoption for cloud account access across multiple first-party studios.
  • Deployed and managed Wiz Sensor across SIE’s entire Kubernetes infrastructure, including EKS, AKS, and GKE.
  • Collaborated with SOC and Incident Response teams to fine-tune Wiz Defend threat detections, improving MTTD/MTTR.
  • Supported PCI DSS auditing and compliance.
Sept 2018July 2020

Security Operations Administrator

Sony Interactive Entertainment, LLC
  • Created secure AWS environments using VPCs, Security Groups, hardened EC2 instances aligned with CIS benchmarks, IAM Roles/Policies, and Auto Scaling to support high availability.
  • Automated deployments through Jenkins, Ansible, and CloudFormation to improve consistency and efficiency across infrastructure delivery processes.
  • Managed secrets using HashiCorp Vault, CyberArk, and AWS Secrets Manager to strengthen credential security and access control.
  • Administered WAF policies in Akamai Kona and Imperva to block DDoS, XSS, SQLi, and brute force attacks.
  • Monitored security posture and threats using PrismaCloud, GuardDuty, McAfee DAM, and CloudPassage across cloud and application environments.
  • Implemented layered cloud security controls and operational practices to support resilient, scalable, and secure infrastructure management.
Aug 2017Sept 2018

Systems Administrator

QuadraNet, Inc.
  • Deployed and maintained servers in a 24/7/365, multi-platform data center environment, primarily supporting CentOS/RHEL systems serving live websites and customers.
  • Configured and troubleshot LAMP server environments to support reliable hosting operations and service continuity.
  • Implemented server security controls, including firewall configuration with iptables, firewalld, CSF, and Windows Firewall; mitigated DDoS and brute-force attacks; and applied best practices such as RSA key authentication and remote access over non-standard ports.
  • Executed server migrations with little-to-no downtime and configured both hardware and software RAID to strengthen availability and resilience.
  • Maintained QuadraNet's in-house cloud platform, InfraCloud, and managed core networking functions including VLAN management, switch configuration on Cisco and Juniper equipment, static routing, server network configuration, and troubleshooting in a highly complex environment with multiple upstream network partners.
  • Produced run books documenting policies, procedures, and common to complex issue resolutions; performed proactive server monitoring and management; and supported Root-Cause Analysis with clients following downtime to resolve issues before client awareness.
Nov 2016August 2017

Systems Administrator

DIRECTV (AT&T Entertainment Group)
  • Provided technical support to QA testers and Software Engineers, ensuring reliable day-to-day systems availability and issue resolution.
  • Administered LDAP environments by creating and removing accounts and managing user and group permissions.
  • Configured and managed network infrastructure, including VLANs, wired and wireless routers, Cisco switches, NTP servers, NFS storage servers, DHCP servers, and DNS servers.
  • Managed servers across a multi-platform environment spanning CentOS/RHEL and Windows Server systems.
  • Implemented Linux system installations and configurations using iPXE and Kickstart to support consistent provisioning processes.
  • Deployed and troubleshot virtualization environments using VMware vSphere and ESXi, while supporting automation with CFEngine, basic Bash scripting, repository package management, proprietary equipment installation, and comprehensive documentation maintenance.
JAN 2015May 2016

Systems Administrator

Groupt, Inc.
  • Collaborated directly with the CTO to design and deploy Linux servers from the ground up.
  • Administered LAN, WAN, and VPN environments, including the installation and configuration of wireless access points.
  • Implemented and configured MySQL and PostgreSQL databases for Ubuntu Server environments.
  • Improved system redundancy by introducing high-availability and disaster recovery solutions, including RAID configurations and internal cloud backup.
  • Troubleshot and resolved system and network issues using TCP/dump and Wireshark to verify proper network paths and restore functionality.
  • Secured company data through the implementation of SSL/TLS, server-side encryption, and the creation of SSL certificates and private keys.
  • Installed and configured Atlassian JIRA for issue and project tracking, and administered the JIRA ticketing system.
  • Provided technical leadership in the adoption and use of JIRA, Mattermost, and ownCloud across the team.
  • Managed multiple projects simultaneously, maintained current project updates, and participated in weekly SCRUM meetings with team members.
AUG 2014JAN 2016

Assistant Computer and Information Systems Manager

Sodexo, Inc.
  • Determined organizational information technology goals and implemented computer systems aligned with those objectives.
  • Designed and deployed a Microsoft Access database to manage payroll, inventory, and customer orders.
  • Handled technical troubleshooting within an enterprise environment, including system crashes, slowdowns, and data recovery.
  • Trained managers and employees on database usage to support accurate and efficient system adoption.
  • Taught basic technical skills to employees to strengthen day-to-day operational effectiveness.
  • Supported business operations by aligning technology solutions with organizational and user needs.
Jan 2016Jan 2016

Social Media Specialist

Hollywood Foreign Press Association
  • Collaborated with Dick Clark Productions to create and prepare content for the 73rd Annual Golden Globes across various social media accounts.
  • Managed Instagram and Twitter accounts before and during the show to support real-time audience engagement and event coverage.
  • Posted images, videos, and text to the official @GoldenGlobes Twitter account throughout the entirety of the event.
  • Delivered live social media coverage during the event by publishing timely content across multiple official Golden Globes platforms.
  • Maintained active posting on GoldenGlobes Snapchat and Live Story to extend digital reach during the show.
  • Supported execution of multi-platform social media operations for a high-profile live event, ensuring consistent and timely content distribution.
Jun 2012Aug 2013

Assistant Computer Systems Manager and Audio Technician

Studio NoHo
  • Troubleshot issues across multiple platforms, including Mac Pro, MacBook Pro, iMac, and PC systems.
  • Edited and refined audio for multiple music videos using Final Cut, Logic Pro, and Pro Tools.
  • Set up and maintained the studio LAN network, personal computer systems, and recording equipment.
  • Researched and recommended network enhancements to management to improve system reliability and performance.
  • Implemented approved system improvements and trained employees in their use and administration.
  • Resolved file storage and backup challenges by installing and configuring a NAS system.

Education

Jan 2013May 2016

Bachelor of Science (B.S.) in Applied Information Management Systems

Loyola Marymount University

Skills

Cloud security
  • AWS, Azure, and GCP security best practices.
  • Secure deployments via CI/CD pipelines
Programming and scripting Languages
  • Bash
  • Python
Computer Security
  • Knowledgeable of computer security concepts and best practices.
  • Research and deployment
  • Endpoint Security
  • Container Security
  • SSL/TLS
  • RSA and SHA encryption
  • DDoS Mitigation
Computer Hardware and networking
  • LAN/WAN Administration, VPN, TCP/IP, Routers and Switches, Apache and Nginx Webservers
  • Systems Installation, Configuration & Upgrading
  • RAID configurations
  • Virtualization: VMWare vSphere, ESXi, OpenVZ, SolusVM, and XenServer.
  • Media Streaming Technologies
  • Audio/Visual Technologies
Mac, PC, and Linux Computer Platforms
  • Linux (CentOS/RHEL/Amazon Linux, Fedora, Ubuntu)
  • Kubernetes
  • Windows and Windows Server
  • MacOS
  • Android, iOS
Database Design, Management and Big Data Applications
  • AWS DynamoDB
  • MySQL/MariaDB
  • MongoDB
  • Relational Databases (RDBMS)
  • Data Integrity and Disaster Recovery