Open to opportunities

Milt User

@miltuser

Cloud Security Engineer who hardens AWS/Azure environments with IaC, DevSecOps automation, and resilient backend systems.

United States

Message

What I'm looking for

I’m looking for a cloud-first security role where I can build IaC security controls, automate threat detection and incident response (Sentinel/Splunk), and deliver secure CI/CD while improving resilience across AWS/Azure environments.

I’m a seasoned Cloud Security Engineer and Cloud Developer with 9+ years of experience strengthening cloud security postures and building resilient backend systems across AWS, Azure, and hybrid environments. I’m especially effective at translating security requirements into scalable architectures, secure operations, and automation that teams can rely on.

In my current role as a Senior Security Engineer at FS-ISAC, I implement and maintain AWS security monitoring with Security Hub, IAM, GuardDuty, AWS Config, CloudTrail, Lambda, and CloudWatch. I also integrate and operate Microsoft Sentinel to establish UEBA and security operations for AWS, Akamai, and Microsoft Defender, using AI-driven automation for alert triage and incident response.

At Mutual of Omaha, I delivered Infrastructure as Code using AWS CloudFormation and AWS CDK to automate secure deployments and strengthen cloud security controls. I built secure CI/CD pipelines with GitHub Actions and Jenkins, integrated automated security checks, and created custom AWS Config rules to expand compliance detection—while developing systems with Python, TypeScript, and JavaScript.

Earlier in my career at Amazon Web Services (AWS) and as a Security Analyst/Apprentice, I focused on event-driven backend engineering, real-time data processing, and security engineering for cloud migration initiatives. I carry that mindset into everything I do: secure-by-design development, practical automation, and measurable improvements to detection, response, and compliance.

Experience

Work history, roles, and key accomplishments

Current

Senior Security Engineer

Current

FS-ISAC

Jul 2025 - Present (11 months)

Implemented and maintained AWS security monitoring using Security Hub, IAM, GuardDuty, AWS Config, CloudTrail, Lambda, and CloudWatch to investigate findings and strengthen the cloud security posture. Built and tuned Microsoft Sentinel (UEBA) workflows using AI-based automation and KQL queries to improve alert triage and incident response.

AWS Security AWS IAM GuardDuty AWS Config AWS CloudTrail UEBA Cloud Monitoring

Cloud Security Engineer

Mutual of Omaha

May 2022 - Jul 2025 (3 years 2 months)

Developed Infrastructure as Code using AWS CloudFormation and AWS CDK to automate secure cloud deployments and strengthen cloud security controls. Built secure CI/CD pipelines with GitHub Actions and Jenkins and integrated automated security checks, including custom AWS Config rules for compliance detection.

AWS CloudFormation AWS CDK AWS Config CI CD Pipelines Jenkins Python TypeScript JavaScript Static Code Analysis AWS KMS WAF

System Development Engineer

Amazon Web Services (AWS)

Mar 2019 - May 2022 (3 years 2 months)

Built event-driven backend systems using Kinesis Streams, AWS Lambda, and DynamoDB to improve security, scalability, and reliability. Integrated IoT/camera data into backend microservices for real-time processing and supported automated deployments in a Linux enterprise environment.

Amazon Kinesis AWS Lambda DynamoDB Event Driven Architecture Linux Administration CI CD Java Python

Security Analyst

Sirius Computer Solutions

Feb 2018 - May 2019 (1 year 3 months)

Performed security analyst and security engineering work supporting Allstate’s AWS cloud migration, including automated incident response workflows. Conducted SOC monitoring in Splunk and implemented Splunk security use cases/correlation searches, supporting serverless incident-response patterns and penetration testing.

Splunk AWS Security Engineering Python JavaScript BASH PowerShell Serverless Architecture Correlation Searches Penetration Testing

Security Apprentice

Evolve Security Academy

Feb 2018 - Jul 2018 (5 months)

Completed intensive cybersecurity training covering security fundamentals, networking, penetration testing, Linux administration, and enterprise security program implementation. Performed penetration testing and vulnerability scanning using tools like Burp Suite, Snort, Scapy, Nessus, Nmap, and Kali Linux, and produced an external penetration assessment report aligned to ISO 27001/27002.

Burp suite Snort Scapy Nessus Nmap Kali Linux Splunk Linux Forensics Penetration Testing ISO 27001 27002

Information Operations Technician

Defense Logistics Agency (DLA)

Dec 2016 - Feb 2018 (1 year 2 months)

Provided administrative support for Windows servers and performed entry-level security administration tasks, including system configuration, troubleshooting, and handling confidential data. Managed access control in Active Directory and supported secure authentication by validating DSN numbers and administering digital certificates for PKI use, alongside configuring Juniper VPN for remote access.

Active Directory Windows Server Administration PKI Certificate Management Risk Management Framework (RMF)Access Control DSN