Tobi Aluko

Cloud Engineer — Security Engineering Focus

About

Security-focused Cloud Engineer with 10+ years building and securing infrastructure across AWS, Azure, and GCP. My work spans detection engineering, cloud security posture management, and identity architecture.

Currently building detection-as-code pipelines, implementing zero-trust controls, and developing automation using Gemini CLI and Claude API for security operations. I focus on making security practical: risk-based prioritization, measurable remediation, and controls that integrate into existing workflows.

Open to Cloud Engineer, Security Engineer, and DevSecOps roles where security is integral to infrastructure delivery.

10+ Years in Infrastructure
3 Cloud Platforms
200+ Detection Rules Deployed
5 Industry Certifications

Core Skills

Cloud Platforms

  • AWS (GuardDuty, Security Hub, IAM)
  • Azure (Sentinel, Defender for Cloud)
  • GCP Security
  • Multi-cloud architecture

Infrastructure & Containers

  • Kubernetes (CKA certified)
  • Container security & runtime protection
  • Network segmentation
  • Secrets management

Security Automation

  • SIEM (Splunk, Sentinel, Panther)
  • SOAR (Tines, N8N, Phantom)
  • EDR (CrowdStrike, SentinelOne)
  • Detection-as-code / CI/CD

Identity & Compliance

  • Okta, SCIM, OIDC/OAuth2, SAML
  • Zero Trust implementation
  • SOC 2, ISO 27001, GDPR
  • Vanta, OneTrust

Experience

Security Engineer

Agio

Aug 2023 to Present

  • Built detection-as-code framework in Panther SIEM with 200+ correlation rules and CI/CD automation for validation and staged deployments.
  • Led cloud security posture assessment across AWS/Azure infrastructure, identifying 150+ security gaps and driving remediation through risk-based prioritization.
  • Designed enterprise identity architecture with Okta (SCIM, OIDC, SAML, FIDO2/WebAuthn), implementing zero-trust policies across 15+ applications.
  • Built security automation workflows using Tines/N8N and AI tooling (Gemini CLI, Claude API) for alert triage and incident classification.
  • Implemented zero-trust controls across AWS and Azure with IAM hardening, network segmentation, and container runtime protection.
  • Supported compliance programs for SOC 2 Type II, ISO 27001, and GDPR, including evidence collection automation and monitoring.
  • Deployed Netskope DLP platform with content inspection across SaaS and cloud storage for data protection.

Security Analyst

Green Shield Canada

May 2022 to Aug 2023

  • Optimized centralized SIEM platform with improved log correlation rules, reducing incident detection time by 60%.
  • Implemented risk-based vulnerability management program, cutting time-to-remediate for critical vulnerabilities by 50%.
  • Supported technical implementation for ISO 27001 certification through security control analysis.
  • Developed targeted security awareness program based on phishing trends, reducing user-reported incidents by 80%.

IT Security Specialist

WatServ

Apr 2021 to May 2022

  • Led multi-cloud security projects including Microsoft Defender for Cloud deployment.
  • Managed remediation of 600+ vulnerabilities, coordinating with system owners for efficient resolution.

SOC Analyst

eSentire

Jul 2019 to Apr 2021

  • Managed security incidents for global clients from alert to resolution.
  • Developed incident response playbooks improving SOC consistency and threat-handling effectiveness.
  • Conducted proactive threat hunting using MITRE ATT&CK framework.

Information Security Analyst

Stanbic IBTC

Dec 2015 to May 2019

  • Implemented foundational security controls enhancing infrastructure security posture.
  • Managed risk assessment and treatment with practical mitigation controls.

Security Analyst

Union Bank

Sep 2012 to Nov 2015

  • Maintained security infrastructure (firewalls, IDS/IPS, antivirus) for operational readiness.
  • Conducted vulnerability assessments and supported penetration testing.

Certifications

CISSP Certified Information Systems Security Professional
CISM Certified Information Security Manager
CISA Certified Information Systems Auditor
AWS SAA AWS Solutions Architect, Associate
CKA Certified Kubernetes Administrator

Education

BSc Computer Science

Babcock University

Contact

Open to Cloud Engineer, Security Engineer, and DevSecOps roles.

career@thealuko.com