Samuel Berhe | Cybersecurity Engineer

// 01 — Experience

Career Timeline

Humana Jul 2023 — Present Current

Cloud Security Engineer II

🔎 Reviewed and analyzed Humana enterprise cloud blueprints (Azure/GCP) to identify configuration gaps and translate requirements into enforceable security controls.
🛡️ Implemented and maintained 150+ custom IaC security policy checks (Checkov/Prisma) and integrated Prisma Cloud with Terraform Cloud to scan 4,000+ workspaces during plan runs, blocking misconfigurations before deployment.
🔐 Built and enabled 100+ custom CSPM policies using RQL queries to detect cloud misconfigurations, strengthen compliance monitoring, and trigger CLI-based auto-remediation.
🛠️ Authored Terraform IaC and built Azure DevOps CI/CD pipelines to provision and deploy Prisma Cloud resources and policy-as-code changes with controlled promotion across environments.
🛡️ Developed Azure and GCP cloud-native security policies to enforce provisioning-time standards for cloud services.
🔐 Managed Prisma Cloud IAM configurations, account grouping, integrations, alert rules, and day-to-day platform administration to optimize posture and streamline operations.
🛡️ Implemented Prisma Cloud Compute runtime, vulnerability, and compliance policies for containers to establish consistent container security baselines across environments.
🛠️ Developed Python scripts to detect Kubernetes clusters missing Prisma Cloud Defender; scheduled Splunk reports to track and remediate unprotected clusters.
🛠️ Built shell scripts leveraging Prisma APIs to identify 5,000+ Defenders and 200+ clusters, automatically organizing them into Collections by cloud and environment for precise policy scoping.
🛡️ Collaborated with a cross-functional team to deliver the Humana Certified Registry (HCR) solution: CI/CD pull request scanning for Dockerfiles, Helm charts, and Kubernetes manifests to validate approved images and block non-compliant usage.
📊 Integrated Splunk Cloud for centralized logging of Prisma Cloud alerts; authored SPL reports to track IaC policy-violation trends.
🔨 Built a containerized exporter and shell automation to transform and forward image-scan results to Splunk and Azure Cosmos DB for analytics, trending, and reporting.
👨🏽‍🏫 Mentored college interns and onboarded new engineers to cloud-security standards, practices, and tooling.
🏆 Earned 2× STAR (Special Thanks & Recognition) Awards for efforts safeguarding Humana's multi-cloud environment.
🏆 Received the 2026 Q1 CISO Award as a key contributor to building the Container Security & HCR Image Validation solution, securing 200+ enterprise applications, standardizing HCR-certified image governance, proactively blocking unvalidated third-party images in CI/CD pipelines, and helping drive $7.5M in annual savings with zero production outages during rollout.

Prisma Cloud Terraform DevSecOps Splunk IaC Kubernetes Docker CI/CD Azure GCP Shell Scripting

Humana Sep 2022 — Jun 2023 Internship

Cloud Security Engineering Intern

🛡️ Designed, implemented, and tested Azure security policies aligned to Humana Enterprise Standards to improve compliance posture.
🏷️ Contributed to the Enterprise Azure Tagging Standards initiative — enforced required tags via Azure Policy with remediation tasks, increasing tag coverage to 93% across Humana's Azure tenant.
📝 Authored use-case documentation to ensure effective policy enforcement and operational readiness.
🔨 Streamlined pipelines by converting inline scripts into reusable PowerShell modules with standardized paths.
📋 Standardized the team’s DevOps process by establishing a comprehensive guidebook covering branching strategy, commit hygiene, PR reviews, code ownership, and source-control workflow.

Azure Policy Azure DevOps Cloud Governance Technical Documentation PowerShell Policy as Code Git

Humana May 2022 — Aug 2022 Internship

Site Reliability Engineering Intern

📊 Standardized observability across approved Azure cloud capabilities for Humana’s Cloud 3.0 environment.
📝 Authored SRE knowledge-base guidance article detailing monitoring/logging requirements and provided prescriptive Day-2 OpEx steps for DevOps/AppDev teams.
⚙️ Reduced time spent locating accurate monitoring/logging requirements by an estimated 5–6 hours per week.
🥇 Earned 1st place for both the 2022 Humana IT Intern Hackathon & Olympics.
🏆 Received the 2022 Humana IT "Best Team Player" Intern Award.

Microsoft Azure SRE Agile Project Management Monitoring & Logging Technical Documentation Cloud Computing

Enterprise Hall May 2021 — Aug 2021 Internship

Data Analyst Intern

🧹 Performed data normalization to minimize redundancy and align datasets with organizational standards for accurate querying and analysis.
📊 Analyzed operational data with pivot tables and charts and communicated those insights to decision-makers.
💻 Designed and developed a web-based intake form and landing page to improve data capture quality.
🏆 Received Distinguished recognition for unique achievement and excellent performance throughout the program.

SQL Data Analysis HTML Reporting

Target July 2019 — Jan 2023 Part-Time

Tech Consultant & Fulfillment Operations Expert

💬 Assisted guests with consumer tech (phones, laptops, accessories), providing recommendations, setup/activation, data transfers, troubleshooting, firmware updates, and returns/warranty support in POS/CRM to maximize first-contact resolution and minimize returns.
📦 Used handheld scanners and the store warehouse management system (WMS) to coordinate inventory flow and same-day fulfillment. Reduced INF exceptions through slotting and label checks, backroom audits, and real-time substitution triage.
🚀 Trained 3–8 new team members per quarter using clear SOP handoffs and on-floor coaching to accelerate ramp-up and improve team performance.
🎯 Led day-to-day logistics for Pick, Pack, and OPU to meet service levels and metric goals during peak windows.
📊 Raised store-wide fulfillment performance; consistently ranked on the Top 5 Weekly Leaderboard for Pick, Pack, INF, and OPU in a 70+ person department. Averages: 75–80 UPH (pick), 300–350 UPH (pack), 4–5% INF.
🏆 Processed 40,000+ units in 2021 as a part-time employee, the most store-wide, and ranked in the top 10 for throughput across the district.
🏆 Recognized with 2 Performance Awards and earned top evaluation ratings of Delivered Exceptional Outcomes.

Systems Troubleshooting Team Leadership Inventory Management Process Optimization Fulfillment Operations

// 02 — Skills

Technical Arsenal

🛡️

Cloud Security

Prisma Cloud Cloud Security Posture Management (CSPM) IaC Security Checkov Policy-as-Code Container Security Azure Policy GCP Org Constraints

☁️

Cloud Platforms

Microsoft Azure Google Cloud Platform (GCP) Amazon Web Services (AWS) Oracle Cloud Infrastructure (OCI)

⚙️

DevSecOps & IaC

Terraform Cloud CI/CD Pipelines Docker Kubernetes Pull Request Security Scanning Azure DevOps GitHub

💻

Programming & Scripting

Python Shell Scripting SQL HTML REST APIs SPL YAML JSON

📊

Monitoring & Logging

Splunk Cloud Splunk Reporting Security Metrics Trend Analysis Observability SRE

🔧

Other Tools & Platforms

ServiceNow Postman Git Kali Linux VS Code TwistCLI Conda

// Certifications

11 industry certifications across cloud, security, and infrastructure.

🟠

Prisma Certified Cloud Security Engineer

PCCSE

🟣

HashiCorp Terraform Associate (003)

TA-003

🔵

Microsoft Azure Administrator Associate

AZ-104

🔴

CompTIA CySA+

CySA+

🟢

Splunk Core Certified User

SPLK-1001

🔴

CompTIA Security+

Sec+

⚪

ISC2 Certified in Cybersecurity

🔵

Microsoft Azure Fundamentals

AZ-900

🔵

Microsoft Security, Compliance & Identity

SC-900

🔵

Microsoft Azure Data Fundamentals

DP-900

🟠

AWS Certified Cloud Practitioner

AWS CCP

🏛️

NSA/DHS CAE in Cyber Defense

National Center of Academic Excellence

🔴

CompTIA Security Analytics Professional

CSAP

// 03 — Beyond the Code

Education & Extras

Washington Commanders · NFL

Marching Band — Trumpet 🎺

Jun 2022 — Present

One of 70 selected performers for Commanders home games at Northwest Stadium.
Collaborate with ensemble to execute show music and field sets under live-game pressure.
Nominated for the 2025 Combined Leagues All-Star Band (Upper Brass).

Word of Life International Church

Marching Band Director & Composer 🎵

Apr 2024 — Present

Lead rehearsals and performances for a church-based marching band/drumline.
Mentor young musicians on timing, technique, and ensemble confidence.
Arrange original marching-style music tailored to instrumentation and skill level.

George Mason University

Peer Academic Advisor 📚

Sept 2022 — Present

Advise students on 4-year academic plans, career paths, and certification strategy.
Host resume + LinkedIn sessions focused on clarity, impact, and professional presence.
Support students with practical next steps and accountability toward internships and full-time roles.

Georgia Institute of Technology

Graduate Studies 🎓

Aug 2025 — Present

M.S. in Cybersecurity
Track: Information Security
Current Cumulative GPA: 3.75