Professional Summary
AWS Solutions Architect Professional and Cloud Security Engineer bringing 7+ years of law enforcement experience in identity management, access control, and federal compliance (CJIS/CODIS) to cloud infrastructure. Holds CISSP, CCSP, and AWS certifications with hands-on experience designing secure AWS environments using Terraform, containers, and serverless architectures.
Certifications
Security: CISSP | CCSP | Security+ | ISC² CC
Cloud: AWS Solutions Architect Professional | AWS Solutions Architect Associate | AWS Cloud Practitioner | Microsoft AZ-900
Infrastructure: Linux+ | CCNA
Technical Skills
Cloud Platforms: AWS (EC2, S3, Lambda, VPC, IAM, GuardDuty, Security Hub, Detective, CloudTrail, CloudWatch, DynamoDB, API Gateway, ECS, Fargate) | Azure (Entra ID, Cognitive Search, App Service)
Security & Compliance: IAM, MFA, RBAC, NIST 800-53, CIS Benchmarks, CJIS Security Policy, CODIS compliance
Infrastructure as Code: Terraform, CloudFormation, AWS CDK
Containers & CI/CD: Docker, ECS Fargate, ECR, GitHub Actions, blue/green deployments
Identity & Law Enforcement Systems: e-Agent (NCIC), NJCourts (ATS/ACS), QED, IDEMIA (biometrics), FastTrac (SBI), CODIS
Professional Experience
Systems Engineer II
Epitome LLC | Baltimore, MD March 2025 – Present
- Design and deploy AWS cloud infrastructure using Terraform and CloudFormation, implementing CI/CD pipelines with GitHub Actions for automated provisioning and deployment.
- Build cloud security monitoring solutions integrating GuardDuty, Security Hub, Detective, and CloudTrail for centralized threat detection and logging.
- Develop serverless applications using Lambda, API Gateway, S3, and DynamoDB, implementing IAM least-privilege policies and automated security controls.
- Containerize applications with Docker and deploy to ECS Fargate behind Application Load Balancer using blue/green deployment strategies.
- Engineer compliance tooling including an Azure-based NIST 800-53 chatbot using Cognitive Search, OpenAI, and Entra ID for secure access.
Sheriff's Officer
Cumberland County Sheriff's Office | NJ December 2017 – Present
Identity & Access Management:
- Provision and manage employee access credentials including assigning appropriate access levels for ID badges based on role and clearance, printing badges for new hires, and deactivating credentials upon termination or resignation.
- Administer biometric identity systems using IDEMIA to capture fingerprints, link prints to complaint records via PCN numbers, and verify identity records match across state databases.
- Verify individual identities through FastTrac SBI number lookups and cross-reference records across multiple state and federal databases (e-Agent/NCIC, NJCourts, QED).
Compliance & Data Integrity:
- Collect DNA specimens (buccal swabs) in accordance with CODIS federal standards and court orders, completing DNA Specimen Submission Forms with full chain-of-custody documentation.
- Research protected health information (PHI) in QED and execute warrant lookups across NJCourts (ATS/ACS warrants), e-Agent (NCIC warrants), and in-house warrant systems while maintaining CJIS compliance.
- Execute warrants and update system records to reflect status changes, ensuring database accuracy across interconnected state and federal law enforcement systems.
Security Monitoring & Operations:
- Monitor CCTV surveillance systems to identify potential security threats and breaches, responding to incidents and documenting events for investigation.
- Coordinate secure inmate transfers with correctional facilities and law enforcement agencies throughout New Jersey, managing logistics and documentation.
Technical Projects
Full project documentation and source code available on GitHub
Nimbus SOC - AWS Security Operations Center
Designed and deployed an AWS home-lab Security Operations Center integrating GuardDuty, Security Hub, and Detective for automated threat detection. Centralized logs from across the lab environment using Kinesis Firehose into an S3 data lake, with analytics via AWS Glue/Athena and visualizations in QuickSight dashboards. Incorporated AI-powered triage by integrating an Amazon Bedrock Titan chatbot to assist with incident analysis. Simulated enterprise network elements (WireGuard VPN, Active Directory domain controllers, VPC Flow Logs) and enabled resilience with automated backups and SES email notifications.
Silent Scalper - AWS Serverless Automation
Developed a serverless pipeline to automatically validate and route incoming files. Utilized AWS S3, Lambda, and DynamoDB to quarantine invalid files to a secure bucket and log events for auditability. Rebuilt infrastructure as code using Terraform modules and implemented a GitHub Actions CI/CD workflow for automated build and deployment. Added CloudWatch monitoring and alerts to ensure scalability and resilience.
Containerized Microservices - AWS ECS Fargate
Engineered a containerized microservices architecture using Docker and AWS ECS Fargate. Deployed multiple services behind an Application Load Balancer to enable on-demand scaling and isolation of tasks. Implemented CI/CD pipelines with GitHub Actions for automated container build, test, and deployment, utilizing blue/green deployments to achieve zero-downtime releases. Configured CloudWatch dashboards and alarms for proactive monitoring.
AWS Systems Manager Governance Lab
Built a governance-focused lab using AWS Systems Manager to centralize management, patching, and compliance for Linux and Windows EC2 instances. Onboarded instances into Fleet Manager with Default Host Management Configuration for automatic registration. Combined AWS Config managed rules with Systems Manager Automation runbooks to automatically remediate security group violations, enforcing least-privilege network access. Used Automation runbooks and Patch Manager for standardized EC2 operations.
Serverless Product Visits Web App
Built a full-stack serverless web application on AWS to capture and process product visit form submissions. Leveraged S3 (static website hosting), API Gateway, Lambda (Node.js), SQS, and DynamoDB. Streamlined data ingestion by streaming DynamoDB change events to an S3-based data lake via DynamoDB Streams and Lambda. Implemented cloud governance with CloudTrail and EventBridge rules to trigger SNS email alerts on configuration changes, enforcing strict IAM least-privilege roles.
Azure NIST 800-53 Compliance Chatbot
Built an Azure-based chatbot to provide on-demand answers to NIST 800-53 security control queries. Integrated Azure Cognitive Search with OpenAI embeddings to implement a retrieval-augmented generation approach, enabling precise, context-aware responses from compliance documents. Secured the application with Azure Entra ID using MFA and RBAC. Deployed to Azure App Service with full monitoring and logging.
Smart Static Website - AWS
Implemented a highly available static website using S3 for hosting and CloudFront as a global CDN. Secured the site with AWS WAF to filter attacks and Amazon Certificate Manager for TLS, served via a custom domain on Route 53. Configured CloudWatch health checks and Route 53 failover routing for high availability.
Education
- Master of Science, Criminal Justice - GPA: 3.9
Southern University and A&M College, Baton Rouge, LA | December 2022 - Bachelor of Science, Criminal Justice - GPA: 3.77, Magna Cum Laude
Wilmington University | August 2021
Alpha Phi Sigma National Criminal Justice Honor Society | Dean's List (3 semesters)