2020-10
2023-03
2022-07
2022-12
Evaluated current and alternative solutions for SAST, DAST, IAST, SCA and container security by comparing tools such as SonarQube, NetSparker, NexusIQ and Aqua, against Veracode, Checkmarx, Synopsys, and Synk.
Conducted workshops for application teams to assess their implementation of container security and worked with them to reduce the overall organizational container security vulnerabilities by 28%.
Reviewed Dockerfiles and Azure DevOps build pipelines for the implementation of container security best practices.
Scanned container images for vulnerabilities in applications and third-party libraries with Aqua.
Provided recommendations for updating base images to minor releases of less vulnerable ones based on CVSS scores.
Investigated application security standards such as OWASP Application Security Verification Standard (ASVS), SANS Security Web Application Technologies (SWAT) Checklist, and the NIST Secure Software Development Framework (SSDF) for mapping against DevSecOps security tools.
2021-10
2022-01
Performed security audits on EKS clusters to identify issues relating
to cluster, node and application security.
Reviewed AWS IRSA authentication, Kubernetes cluster RBAC
Roles, RoleBindings, Service Accounts, Signed Certificate holders
and ConfigMaps.
Investigated container runtime security, mutating and validating
webhooks, admission controllers, network policies, privileged access
and security contexts.
Evaluated security of the DevOps lifecycle, CI/CD deployment
pipelines, Helm charts and supply chain security.
Proposed an implementation of OPA Gatekeeper Admission
Controller and OPA agents for whitelisting of container registries
Performed automated cluster security assessments with Falco,
Kubescape, and Kube-bench tools against CIS Benchmarks.
Proposed an implementation of security best practises in
Kubernetes for cluster access control, image and container
vulnerability scanning, and audit logging.
Deployed Conftest for static analysis of Dockerfiles and Kubernetes
YAML manifests, and writing rules using rego commands
Proposed an implementation of hardened docker images for Debian
and Alpine.
2019-05
2020-12
2016-12
2019-05
2014-04
2016-11
2013-05
2014-04
Customer: Nokia Solutions & Networks
Tasks:
Nokia WING IoT Project
Customer: Nokia Solutions & Networks, Amsterdam & Frankfurt
Tasks:
Nokia G-Cloud GCEP | ANPTIC, Government of Burkina Faso
Customer: Nokia Solutions & Networks
Tasks:
National Information Technology Agency | NITA e-Gov Project
Customer: Alcatel-Lucent (Nokia)
Tasks:
PCI DSS Compliance Project | CalBank Limited
Customer: Security Architectural Consult
Tasks:
2007-08
2011-06
2020-08 - 2020-08
2020-07 - 2020-07
Microsoft Certified Azure Solutions Architect - Expert
2020-06 - 2020-06
Microsoft Certified Azure Security Engineer - Associate
2020-04 - 2020-04
AWS Certified Advanced Networking - Specialty
2019-06 - 2019-06
AWS Certified Security - Specialty
2019-05 - 2019-05
AWS Certified Developer - Associate
2019-04 - 2019-04
AWS Certified Solutions Architect - Associate
2016-09 - 2016-09
Certified Ethical Hacker (CEH)
2016-08 - 2016-08
Certified Information Systems Auditor (CISA)
2016-07 - 2016-07
Certified Information Systems Security Professional (CISSP)
2013-04 - 2013-04
ITIL Foundation
Languages German
A Hybrid and Multi-Cloud (AWS/Azure/GCP) Solutions Architect with expertise in DevSecOps, container security, CI/CD pipelines, Kubernetes and cloud automation using Terraform. I have experience providing innovative Managed Security and Cloud-based solutions for Start-Up, Government and Enterprise.
Internship
2013-02 - 2013-03
Role: Intern
Customer: EY Ghana, Accra, Ghana
Tasks:
Skills:
Personality