Tobi Aluko

Cloud Engineer | Security-Focused Infrastructure | AWS, Azure, GCP

About

Cloud Engineer with 10+ years delivering secure infrastructure across AWS, Azure, and GCP. I build detection-as-code pipelines, automate compliance workflows, and design identity systems that scale.

My current work includes cloud security posture management, zero-trust architecture implementation, and building automation with tools like Gemini CLI and Claude API for operational workflows. I've led remediation programs that significantly reduced security gaps and improved incident response times.

Looking for Cloud Engineer or DevSecOps roles where I can own infrastructure delivery with security built in from the start.

10+ Years in Infrastructure
3 Cloud Platforms
200+ Detection Rules Deployed
5 Industry Certifications

Core Skills

Cloud Platforms

  • AWS (GuardDuty, Security Hub, IAM)
  • Azure (Sentinel, Defender for Cloud)
  • GCP Security
  • Multi-cloud architecture

Infrastructure & Containers

  • Kubernetes (CKA certified)
  • Container security & runtime protection
  • Network segmentation
  • Secrets management

Security Automation

  • SIEM (Splunk, Sentinel, Panther)
  • SOAR (Tines, N8N, Phantom)
  • EDR (CrowdStrike, SentinelOne)
  • Detection-as-code / CI/CD

Identity & Compliance

  • Okta, SCIM, OIDC/OAuth2, SAML
  • Zero Trust implementation
  • SOC 2, ISO 27001, GDPR
  • Vanta, OneTrust

Experience

Security Engineer

Agio

Aug 2023 to Present

  • Architected detection-as-code framework in Panther SIEM with 200+ correlation rules and CI/CD automation for validation and staged deployments.
  • Led cloud security posture assessment across AWS/Azure infrastructure, identifying 150+ security gaps and reducing critical findings by 78% within 6 months using risk-based prioritization.
  • Designed enterprise identity architecture with Okta (SCIM, OIDC, SAML, FIDO2/WebAuthn), enforcing zero-trust policies across 15+ applications and reducing unauthorized access incidents.
  • Built security automation workflows using Tines/N8N and AI tooling (Gemini CLI, Claude API) for alert triage and incident classification, significantly reducing manual SOC workload.
  • Implemented zero-trust architecture across AWS and Azure with IAM hardening, network segmentation, container runtime protection, and automated policy enforcement.
  • Led compliance implementation for SOC 2 Type II, ISO 27001, and GDPR, including evidence collection automation and continuous monitoring systems.
  • Deployed Netskope DLP platform with content inspection across SaaS and cloud storage, reducing data exfiltration incidents through contextual policy enforcement.

Security Analyst

Green Shield Canada

May 2022 to Aug 2023

  • Optimized centralized SIEM platform with improved log correlation rules, reducing incident detection time by 60%.
  • Implemented risk-based vulnerability management program, cutting time-to-remediate for critical vulnerabilities by 50%.
  • Supported technical implementation for ISO 27001 certification through security control analysis.
  • Developed targeted security awareness program based on phishing trends, reducing user-reported incidents by 80%.

IT Security Specialist

WatServ

Apr 2021 to May 2022

  • Led multi-cloud security projects including Microsoft Defender for Cloud deployment.
  • Managed remediation of 600+ vulnerabilities, coordinating with system owners for efficient resolution.

SOC Analyst

eSentire

Jul 2019 to Apr 2021

  • Managed security incidents for global clients from alert to resolution.
  • Developed incident response playbooks improving SOC consistency and threat-handling effectiveness.
  • Conducted proactive threat hunting using MITRE ATT&CK framework.

Information Security Analyst

Stanbic IBTC

Dec 2015 to May 2019

  • Implemented foundational security controls enhancing infrastructure security posture.
  • Managed risk assessment and treatment with practical mitigation controls.

Security Analyst

Union Bank

Sep 2012 to Nov 2015

  • Maintained security infrastructure (firewalls, IDS/IPS, antivirus) for operational readiness.
  • Conducted vulnerability assessments and supported penetration testing.

Certifications

CISSP Certified Information Systems Security Professional
CISM Certified Information Security Manager
CISA Certified Information Systems Auditor
AWS SAA AWS Solutions Architect, Associate
CKA Certified Kubernetes Administrator

Education

BSc Computer Science

Babcock University

Contact

Open to Cloud Engineer, DevSecOps, and Infrastructure roles.

career@thealuko.com