Cloud Security & Detection Engineer
Secure by Design Β· Detect at Runtime Β· Respond with Precision
Former U.S. Government Top Secret Cleared Professional
Cloud Security Engineer specializing in secure infrastructure design, policy enforcement, and runtime threat detection within cloud-native environments.
I build platforms that:
- Enforce Infrastructure Security (Terraform + Policy-as-Code)
- Secure Kubernetes Workloads (AKS Hardening & Network Controls)
- Detect Runtime Threats (Prometheus, Loki, Falco)
- Engineer Alerts with Context (Behavioral Detection > Basic Metrics)
- Document Incident Response Workflows
My work bridges Cloud Engineering and Detection Engineering β delivering full lifecycle security.
Zero-trust Azure infrastructure with CI/CD enforcement and security validation
Terraform β’ AKS β’ Jenkins β’ OPA β’ Microsoft Sentinel
https://github.com/codewithbrandon/secure-cloud-platform
Runtime anomaly detection & incident simulation for Kubernetes workloads
Prometheus β’ Alertmanager β’ Loki β’ Falco β’ Incident Playbooks
https://github.com/codewithbrandon/cloud-threat-detection
Security-first web application demonstrating hardened authentication and secure design patterns
https://github.com/codewithbrandon/secure-vault
Security automation tool for repeatable scanning & reporting workflows
https://github.com/codewithbrandon/vuln-scanner
Adversary telemetry collection and behavior analysis platform
https://github.com/codewithbrandon/honeypot
SOC-style email investigation with IOC extraction and mitigation strategy
https://github.com/codewithbrandon/Phishing-Incident-Analysis
CompTIA Security+
Google Cybersecurity Professional
LetsDefend SOC Analyst Path
Qualys VMDR
Microsoft Azure Security Engineer (In Progress)
- Detection Engineering & Alert Tuning
- Azure Cloud Governance & Drift Detection
- Linux Hardening & Automation
- Infrastructure Security Validation
- Security Automation with Python
