Yves Tagne | Cloud Security Engineer / DevSecOps Engineer

About Me

Who I Am

Cloud Security Engineer / DevSecOps Engineer with 8+ years of experience architecting enterprise security solutions across AWS, hybrid cloud, and containerized environments.

My expertise spans vulnerability management, DevSecOps pipeline integration, and infrastructure hardening supporting FedRAMP, NIST 800-53, FISMA, PCI-DSS, and DISA STIG compliance.

I have led cross-functional remediation with global teams in regulated federal and commercial environments, consistently delivering measurable security improvements at scale.

80%

Reduction in critical vulnerabilities across 500+ systems

65%

Reduction in mean time to detection at Medtronic

340+

Vulnerable deployments blocked quarterly via CI/CD gates

99.5%

Patching compliance across hybrid Linux/Windows environments

Career

Work Experience

Senior Cloud Security Engineer / DevSecOps Engineer

Medtronic — Remote (Contract)

May 2023 – Present

Architected enterprise AWS security program for 200+ cloud resources, implementing Security Hub, GuardDuty, and automated incident response reducing mean time to detection by 65%
Led vulnerability management using Qualys VMDR, achieving 80% reduction in critical findings through remediation tracking and executive dashboards
Designed container security for EKS/ECS workloads with Prisma Cloud, achieving 95% automated vulnerability detection before production deployment
Embedded security gates into CI/CD pipelines enforcing SAST, DAST, and SCA standards that blocked 340+ vulnerable deployments quarterly
Established SLA-driven remediation framework reducing MTTR from 45 to 12 days while maintaining 99.5% patching compliance

Senior Security Engineer / Cloud Security Specialist

Deloitte — Washington, DC

June 2022 – May 2023

Led vulnerability management for 300+ federal systems achieving 75% reduction in POA&M findings within 6 months
Architected AWS security controls aligned with FedRAMP Moderate baseline, configuring Security Hub, GuardDuty, CloudTrail, and Config for GovCloud
Implemented Kubernetes security scanning enabling ATO approval for 3 mission-critical federal systems
Managed quarterly PCI-DSS vulnerability scanning with zero critical findings during annual QSA audits
Executed Linux/Unix hardening aligned with DISA STIGs achieving 98% compliance across RHEL and Ubuntu fleets

DevSecOps Engineer / Vulnerability Management Specialist

Cognizant — Various Locations

May 2016 – May 2022

Designed enterprise vulnerability management program using Qualys VMDR and Tenable Nessus for 500+ systems across retail, financial, and healthcare sectors
Pioneered container security for Docker/Kubernetes environments reducing container incidents by 70%
Built CI/CD security integrations achieving 90% automated detection rate
Developed PowerShell and Bash automation reducing admin effort by 50%
Implemented IaC security scanning reducing cloud security incidents by 45%

Technical

Core Competencies

AWS Security

Security Hub GuardDuty Inspector CloudTrail Config IAM VPC Lambda EKS/ECS

Vulnerability Tools

Qualys VMDR Prisma Cloud Tenable Nessus Rapid7 AWS Inspector

Container / DevOps

Kubernetes Docker Jenkins GitHub Actions GitLab CI/CD Terraform Ansible

Compliance

FedRAMP FISMA NIST 800-53 RMF PCI-DSS DISA STIGs CIS Benchmarks

Systems

Linux (RHEL) Ubuntu CentOS Windows Server System Hardening Patch Management

Programming

Python Go Bash PowerShell YAML JSON IaC

Credentials

Certifications

☁️

AWS Certified Security – Specialty

🔐

CompTIA Security+

☁️

AWS Certified Solutions Architect – Professional

☁️

AWS Certified Cloud Practitioner

🔷

Azure Administrator – Microsoft Certified Associate

🔷

Azure Solutions Architect Expert

⚙️

Certified Kubernetes Security Specialist (CKS)

🤖

AI Security & Governance Certified

🏃

SAFe 6 Scrum Master Certified

🏃

Professional Scrum Master I (PSM I)

🏃

Agile Foundations Certified

📋

Project Management Essentials Certified (PMEC)

⚡

Six Sigma Yellow Belt Certified