AWS Cloud Engineer designing and operating enterprise AWS environments with a focus on network segmentation, Terraform-governed change, and production-grade security controls. I build and run audit-ready, drift-controlled platforms engineered for reliability at scale.
I build AWS platforms that are:
- Segmented by design — multi-VPC architecture with Transit Gateway centralized routing and controlled east-west traffic
- Governed through IaC — Terraform-managed convergence with AWS Config rule validation, no manual drift
- Identity-bounded — least-privilege IAM hierarchies, RBAC enforcement, and blast-radius containment
- Observable — CloudWatch alarm strategy, VPC Flow Logs, EventBridge, and Splunk-integrated alerting across all environments
- Audit-ready — compliance visibility through GuardDuty, Security Hub, and AWS Config
- Highly available — multi-AZ, autoscaling, scaling policy optimization, and controlled change execution by default
VPC · Transit Gateway · Subnets · Route Tables · NAT Gateway · Security Groups · NACLs · Route 53
EC2 · Launch Templates · Auto Scaling · Elastic Load Balancing
IAM · RBAC · Permission Boundaries · KMS · Secrets Manager
RDS (Multi-AZ) · DynamoDB · S3
GuardDuty · Security Hub · AWS Config · AWS WAF · AWS Inspector
Lambda · EventBridge · API Gateway · Step Functions
CloudWatch · VPC Flow Logs · CloudTrail · Datadog · Prometheus · Grafana · Splunk
Terraform (Cloud & Remote State) · CloudFormation · Ansible · Packer · GitHub Actions · Jenkins · Python (Boto3) · Bash · PowerShell · Linux
Docker · Docker Swarm · Amazon ECS · Kubernetes
Amazon Bedrock · Rekognition · Transcribe · Translate · Polly
Event-driven AI pipelines integrated into governed AWS infrastructure environments.
- AWS Certified Solutions Architect – Associate
- AWS Certified SysOps Administrator – Associate
- AWS Certified AI Practitioner
- AWS Certified Security – Specialty (Expected)
- CompTIA Security+
- CompTIA Network+
- Linux Essentials (LPI)
Repositories on this profile demonstrate:
- Multi-VPC network architecture with Transit Gateway routing and environment segmentation
- Terraform-governed infrastructure with remote state, AWS Config validation, and controlled environment isolation
- IAM role hierarchy design and least-privilege access enforcement
- CloudWatch alarm strategy, scaling policy design, and operational monitoring patterns
- Event-driven serverless systems and AI-integrated infrastructure pipelines
- Compliance automation and audit-ready evidence generation
Infrastructure built with governance, reliability, and operational ownership.
- LinkedIn: https://www.linkedin.com/in/wilmeralberto
- Technical Writing: https://medium.com/@wilmeralberto
- Resume: https://willsoto.cloud

