Cloud Infrastructure & Security Engineer
AWS · GCP · Terraform · DevSecOps · IAM · Private Networking
Portfolio · LinkedIn · Repositories
I design, automate, and secure cloud infrastructure across AWS and Google Cloud.
My work focuses on:
- Terraform-based infrastructure delivery
- Private and hybrid cloud networking
- Least-privilege identity and temporary access
- Multi-region and multi-cloud architecture
- Edge security, encryption, logging, and monitoring
- Deployment validation, evidence collection, and operational documentation
I build complete systems—not isolated service demos. Each flagship project includes architecture decisions, infrastructure code, security controls, deployment instructions, and validation evidence.
| Project | Architecture | What It Demonstrates |
|---|---|---|
| Secure Multi-Cloud Medical Platform | AWS Tokyo, AWS São Paulo, and GCP Iowa connected with Transit Gateway, HA VPN, and BGP | Data residency, private multi-cloud routing, WAF, RDS, observability, and Terraform automation |
| Zero-Trust Vendor Access Control Plane | API Gateway, Lambda, DynamoDB, STS, S3, KMS, and CloudTrail | Approval-based access, short-lived credentials, least privilege, automatic expiration, and audit evidence |
| Secure Multi-Tier AWS Application Platform | ALB, ECS on EC2, private RDS MySQL, VPC networking, and Terraform | Network segmentation, controlled application entry, and private application-to-database connectivity |
| Enterprise Serverless API Security Platform | API Gateway, Lambda, WAF, CloudWatch, SNS, and EventBridge | API protection, usage controls, alerting, event automation, and serverless operations |
| Secure GCP Global Web Platform | Global HTTPS load balancing, Cloud CDN, Cloud Armor, private Compute Engine, and Cloud NAT | Secure global delivery, private backends, managed TLS, encryption, monitoring, and Terraform |
| AWS–GCP Private VPN Connectivity Bridge | AWS VPN, GCP HA VPN, Cloud Router, and BGP | Cross-cloud private connectivity, dynamic routing, route validation, and troubleshooting |
Cloud: AWS, Google Cloud
Infrastructure as Code: Terraform, HCL
AWS: VPC, IAM, EC2, ECS, RDS, Lambda, API Gateway, CloudFront, WAF, Transit Gateway, Route 53, CloudWatch, KMS, S3, DynamoDB, STS, CloudTrail
Google Cloud: VPC, Compute Engine, Cloud Load Balancing, Cloud Armor, Cloud CDN, Cloud NAT, Cloud Router, HA VPN, Cloud DNS, Cloud Monitoring, Cloud KMS
Delivery and Automation: GitHub Actions, GitLab CI/CD, Jenkins, Bash, Python
Security: Least privilege, temporary access, network segmentation, encryption, audit logging, edge protection, secrets management
- AWS Certified Security – Specialty
- AWS Certified Solutions Architect – Associate
- AWS Certified AI Practitioner
- HashiCorp Certified: Terraform Associate
- CompTIA CySA+
- CompTIA Security+
- ISC2 Certified in Cybersecurity
I am continuing to deepen my skills in Kubernetes, Helm, GitOps, Argo CD, container security, and production-grade CI/CD while expanding the operational depth of my cloud projects.
- Portfolio: gavinfogwe.win
- LinkedIn: linkedin.com/in/sama-engineer
