Work Accomplishments

Infrastructure & Security Engineering

Major healthcare company | 2022–Present

Security Leadership

  • Remediated 90+ security vulnerabilities across AWS infrastructure, including numerous high-priority threats affecting critical healthcare systems
  • Resolved 90+ Prisma Cloud violations ensuring SOC 2 compliance and hardening cloud security posture
  • Enforced HTTPS-only policies across 100+ S3 buckets, preventing potential data exposure in production environments

Infrastructure Modernization

  • Executed 340+ zero-downtime configuration changes maintaining 99.9%+ uptime across production infrastructure
  • Decommissioned multiple deprecated Lambda functions and optimized serverless architecture, reducing operational overhead
  • Managed 140+ S3 initiatives including bucket security hardening, encryption implementation, and cross-account access configuration

Cost Optimization & Efficiency

  • Saved thousands in annual costs through S3 lifecycle policies, intelligent tiering, and automated resource cleanup
  • Researched and documented RDS reserved instance opportunities projecting significant multi-year savings
  • Implemented automated snapshot management reducing storage costs while maintaining compliance requirements

Access & Identity Management

  • Administered 60+ IAM policy updates implementing least-privilege access control across development and production
  • Managed 90+ access requests and conducted regular security audits ensuring compliance with healthcare data regulations
  • Implemented automated access key rotation reducing credential exposure risk and meeting security best practices

Automation & Tooling

  • Built EventBridge + Lambda solution for automated RDS snapshot lifecycle management, eliminating manual operations
  • Created Python scripts for S3 bucket security auditing and automated public access blocking across entire infrastructure
  • Designed AWS CDK templates for repeatable Aurora Serverless database deployment with built-in security controls

Cloud Architecture

  • Configured 35+ CloudFront distribution updates with enhanced security headers improving application security posture
  • Upgraded AWS WAF Classic to WAF v2, strengthening DDoS protection and threat detection capabilities
  • Implemented VPC Flow Logs and network monitoring infrastructure for enhanced security compliance and incident response

Database Infrastructure

  • Upgraded RDS clusters to latest versions for improved performance, security patches, and new feature support
  • Created isolated dev/staging RDS environments enabling safe SaaS pricing API development and testing
  • Managed database performance optimization and query tuning for production workloads

Impact at Scale

574 completed technical initiatives since Jan. 1, 2024, demonstrating breadth across cloud infrastructure, security hardening, automation development, and operational excellence. Consistent track record of securing critical healthcare infrastructure while maintaining high availability and reducing operational overhead through intelligent automation.

Technical Stack: AWS (Lambda, S3, EC2, RDS, CloudFront, CloudFormation, CDK, IAM, KMS, Security Hub, EventBridge), Python, PostgreSQL, Prisma Cloud, infrastructure as code, security automation