- Professional Summary
- Cloud Security Competencies
- Tools and Frameworks
- Certifications and Development
- What I Bring to a Team
- Community and Industry Engagement
- Early Career Advice (Cyber and Cloud)
- Recommended Videos
- Recommended Starter Certifications
- Concepts and Tools Worth Learning Early
- Conferences to Explore
- Beyond the Keyboard
Cloud security professional focused on helping teams design, secure, and scale cloud environments with strong security fundamentals, automation, and operational discipline.
I transitioned from HR and Recruiting into cybersecurity engineering, where I now focus on defending cloud environments.
- 🎯 Target Role: Cloud Security Engineer
- 🔐 Core Focus: Cloud security posture, IAM, DevSecOps, and secure infrastructure practices
- 🌱 Current Learning: Terraform and cloud security automation
- 🔄 Career Transition: HR/Recruiting to Cybersecurity Engineering
- 🎓 Education: Completed a Bachelor's in Cybersecurity and a Master's in Cybersecurity over the last 4 years
- 🤝 Collaboration: Open to security-focused projects and community initiatives with fellow POC technologists
- Cloud Platforms: AWS, Azure, GCP (foundational knowledge)
- Identity and Access: IAM principles, least privilege, role-based access control
- Security Operations: Blue Team mindset, incident response fundamentals, security monitoring concepts
- DevSecOps: Infrastructure as Code, secure deployment workflows, policy-aware engineering practices
- Security Governance: Risk awareness, controls, and governance-aligned security thinking
- Terraform
- Kubernetes
- Splunk
- MITRE ATT&CK
- OWASP
- ISACA-aligned governance concepts
- GCP Associate Cloud Engineer
- Microsoft Azure (AZ-900)
- AWS Solutions Architect
- GCP Generative AI Leader
- ISC2 Certified in Cybersecurity
- CompTIA Security+
- AWS Cloud Practitioner
- AWS Certified AI Practitioner
Current path:
- Strengthen cloud fundamentals across AWS, Azure, and GCP
- Deepen specialization in one cloud ecosystem for security engineering depth
- 🛡️ Security-first approach to cloud and infrastructure decisions
- 🗣️ Ability to translate security concepts for technical and non-technical stakeholders
- 🌉 Unique blend of recruiting and security experience that strengthens communication, stakeholder alignment, and cross-functional collaboration
- 📚 Commitment to continuous learning in cloud and cybersecurity
- 🤲 Community-minded perspective with interest in mentoring and knowledge sharing
- BSides
- DEF CON
- WiCyS (Women in Cybersecurity)
If you are exploring cybersecurity or cloud security, there are many paths to enter the field. I usually describe cybersecurity in four broad buckets:
- Blue Team: SOC operations and incident response
- Red Team: offensive security and ethical hacking
- Purple Team: threat intelligence, risk and audit, controls, and governance
- Technical Security: engineering-heavy roles like DevOps, Security Engineering, and IAM
If you are starting from zero, CompTIA Security+ is a great first certification for building a strong foundation.
- Day Johnson on breaking into cybersecurity: Cyberwox
- Lucy on cloud concepts and learning paths: Tech With Lucy
- Damien Burks on DevOps and security: DevSecBlueprint
- CompTIA Security+
- CompTIA Network+
- Google Cybersecurity Professional Certificate
- MITRE
- Terraform
- ISACA
- OWASP
- Kubernetes
- Splunk
- BSides (affordable and community-driven)
- DEF CON
- WiCyS (Women in Cybersecurity)
- Marvel fan
- Theme park enthusiast
- Proudly Peruvian and always ready to talk cuisine
