Omiodjo Donadje
Senior Cloud Security Architect & Consultant · AWS Certified
6+ years at Accenture securing enterprise AWS environments — from NIST 800-53 compliance and RMF to DevSecOps pipelines and AI agent security.
About
I'm a Senior Cloud Security Architect and Consultant at Accenture with 6+ years of experience designing, securing, and defending enterprise cloud environments across AWS, with additional work on Salesforce and Azure.
Consulting means being effective fast: learning new environments, aligning with stakeholders across GRC, engineering, and executive leadership, and delivering work that teams can maintain long after the engagement ends.
What drives me is closing the gap between compliance on paper and security that actually works — real controls implemented in Terraform and CDK, architecture that holds up under scrutiny, and automation that turns one-time remediation into repeatable process.
What I bring
- ▸ AWS depth: Security architecture, IAM, networking, EKS/EC2/RDS hardening, and native AWS security tooling across complex enterprise environments.
- ▸ Compliance that ships: I translate NIST 800-53 and RMF into working controls and SSP artifacts — not just documentation, but implemented and auditable.
- ▸ Automation-first: Terraform and CDK modules, Python scripting, and CI/CD pipeline security to turn manual tasks into repeatable, enforceable guardrails.
Skills
AWS Security
Core AWS security services, architecture, and compliance tooling.
AWS Security
Core AWS security services, architecture, and compliance tooling.
- Identity & access: IAM, roles, permission boundaries, least-privilege enforcement
- Detection & response: GuardDuty, Security Hub, Inspector, CloudTrail
- Networking: VPC design, PrivateLink, CloudWAN, NAT/Internet gateways, routing
- Certificate management: ACM, ACM Private CA — TLS lifecycle for EKS and service-to-service
- Automation: CDK, CloudFormation, Lambda, Config rules, Systems Manager
- Compute & data: EKS, EC2, RDS, S3 security hardening and lifecycle policies
- AI/ML: Bedrock agent security — OWASP LLM Top 10, prompt injection, access governance
Security Architecture
End-to-end security design, threat modeling, and architecture reviews.
Security Architecture
End-to-end security design, threat modeling, and architecture reviews.
- Security requirements definition and control mapping to frameworks
- Threat modeling and attack surface analysis
- Secure SDLC / DevSecOps: security gates, SAST/DAST integration, pipeline design
- Authentication architecture: Okta PKCE flows, API Gateway, OAuth 2.0 patterns
- Architecture reviews: risk tradeoffs, recommendations, stakeholder sign-offs
- Tooling integration: fitting security tools into existing delivery workflows
GRC
Compliance frameworks, audit readiness, and security governance.
GRC
Compliance frameworks, audit readiness, and security governance.
- Control framework implementation: NIST SP 800-53, NIST CSF
- RMF execution: categorize, select, implement, assess, authorize
- Security artifacts: SSP and Security Management Plan creation and maintenance
- Audit readiness: evidence collection, gap analysis, executive reporting
- Security governance: operating cadence, compliance tracking, KPI reporting
Infrastructure & IaC
Secure infrastructure automation and CI/CD pipeline design.
Infrastructure & IaC
Secure infrastructure automation and CI/CD pipeline design.
- Terraform and AWS CDK: reusable modules, secure-by-default patterns
- CI/CD pipeline design: Terraform Enterprise, Jenkins, AWS-native pipelines
- Secure pipeline controls: least-privilege IAM, secrets handling, approval gates
- Multi-environment provisioning: parameterization, environment separation
- Automation scripting: Python and TypeScript for security tasks and reporting
Cloud Platforms
AWS as primary, with Azure and Salesforce experience.
Cloud Platforms
AWS as primary, with Azure and Salesforce experience.
- AWS: primary platform — security architecture, engineering, and automation
- Salesforce: AppOmni, EzProtect, DigitSec for SSPM, scanning, and misconfiguration detection
- Azure: landing zones, VNet design, identity federation, compliance alignment
- Multi-cloud: cross-platform network deployment, consistent security policy enforcement
- Workday, MuleSoft: security integration patterns for enterprise SaaS
Security Operations & Tooling
Vulnerability management, detection, and security operations.
Security Operations & Tooling
Vulnerability management, detection, and security operations.
- CNAPP / CSPM: Wiz — cloud posture and workload protection
- Vulnerability management: Qualys, AWS Inspector — prioritization and remediation tracking
- SAST remediation: code review and closure of high/medium findings pre-production
- Threat detection: GuardDuty, Security Hub — alert triage and response
- Incident response support: triage, evidence collection, forensic data gathering
Projects
What I'm building on the side — security tooling, compliance automation, and open-source work.
AI Agent — AWS Strands + OWASP LLM Top 10
Design phase Building an AI Agent on AWS using AWS Strands with safe deployment guidance: least-privilege tool access, prompt-injection resistance, sensitive-data redaction, and audit logging. Evaluating against the OWASP Top 10 for LLM Applications.
AWS StrandsAI SecurityOWASP LLM Top 10
AI Agent — AWS Strands + OWASP LLM Top 10
Design phaseProgress so far:
- Scoping agent security controls and threat model coverage
- Defining least-privilege tool access and audit logging requirements
AI Security Triage Agent
Done An AI-powered AWS security operations agent that helps analysts investigate and remediate Security Hub findings through conversational interaction. Addresses alert fatigue in multi-account environments — enrich findings from Security Hub, GuardDuty, Config, and CloudTrail, then execute remediation only after explicit human approval.
AWS BedrockSecurity HubCDKReactDynamoDB
AI Security Triage Agent
DoneWhat was built:
- Conversational security analysis via chat UI with natural language queries
- Multi-source enrichment from Security Hub, GuardDuty, Config, and CloudTrail
- Approval-based remediation — agent proposes fixes, analyst approves before execution
- Full audit trail with CloudWatch logging and compliance reporting
Security Control Coverage Analyzer
Done A visibility tool that analyzes an AWS account and produces a Control Coverage Report showing what security capabilities exist, what is missing, and what to prioritize next — without duplicating Security Hub or AWS Config.
AWSPythonSecurity Assessment
Security Control Coverage Analyzer
DoneWhat was built:
- Implemented account analysis and coverage scoring logic
- Generated Control Coverage Report with gaps and priorities
- Documented setup and usage in the repository
Experience
6+ years · Accenture consulting · AWS primary
Jan 2026 – Present
Cloud Architect & Engineer
Accenture · State Agency
Designing and deploying secure AWS infrastructure using Terraform IaC to support a large-scale state agency cloud migration.
Cloud Architect & Engineer
Accenture · State Agency
Designing and deploying secure AWS infrastructure using Terraform IaC to support a large-scale state agency cloud migration.
- Design and deploy secure AWS infrastructure (ACM Private CA, EC2, RDS, EKS) using Terraform IaC
- Architect TLS certificate management for EKS workloads using ACM Private CA with automated lifecycle management
- Design CI/CD pipeline architecture integrating Terraform Enterprise, Jenkins, and AWS services with security gates
- Lead security risk assessments implementing encryption at rest/in transit, IAM least-privilege, and network segmentation
- Develop reusable Terraform modules enforcing consistent security controls across multiple environments
Sep 2025 – Jan 2026
Lead Cloud Security Architect
Accenture · Fortune 500 Retailer
Lead Security Architect for an AWS-based agentic solution integrating with SAP; owned end-to-end security architecture decisions across 3 parallel workstreams.
Lead Cloud Security Architect
Accenture · Fortune 500 Retailer
Lead Security Architect for an AWS-based agentic solution integrating with SAP; owned end-to-end security architecture decisions across 3 parallel workstreams.
- Applied OWASP Top 10 for LLM Applications to secure the production agent — prompt injection, sensitive data handling, model access governance
- Architected the end-to-end Okta PKCE authentication flow on AWS using API Gateway and Lambda
- Built proof-of-concept for LLM-powered agents using AWS Bedrock and AWS Strands framework
- Drove production readiness via code reviews and SAST/Wiz remediation, closing 15 high and 10 medium severity issues
Sep 2024 – Sep 2025
Cloud Security Engineer & GRC Lead
Accenture · State Government Agency
Owned the security compliance strategy for 31 enterprise applications (Salesforce, Workday, MuleSoft, Azure) aligned to NIST 800-53 Moderate and NIST RMF.
Cloud Security Engineer & GRC Lead
Accenture · State Government Agency
Owned the security compliance strategy for 31 enterprise applications (Salesforce, Workday, MuleSoft, Azure) aligned to NIST 800-53 Moderate and NIST RMF.
- Led GRC implementation of 270+ security controls; reported to client executives and audit leadership weekly
- Developed and maintained SSP and Security Management Plan as required NIST 800-53 artifacts
- Integrated AppOmni, EzProtect, and DigitSec to detect Salesforce misconfigurations and policy violations
- Performed vulnerability management and security risk assessments aligned to NIST 800-53
Jun 2023 – Sep 2024
Cloud Security Engineer
Accenture · State Health Department Agency
Led a team of 3 access control specialists managing 500+ users across AWS, Salesforce, and Azure.
Cloud Security Engineer
Accenture · State Health Department Agency
Led a team of 3 access control specialists managing 500+ users across AWS, Salesforce, and Azure.
- Served as AWS SME for security reporting, audits, and automation — reducing manual reporting time by 25%
- Performed comprehensive AWS security audits; implemented lifecycle policies cutting storage costs by 50%
- Led incident triage and response across AWS, Salesforce, and Azure environments
- Leveraged GuardDuty, AWS Inspector, and Qualys for continuous endpoint protection and threat detection
Mar 2022 – Jun 2023
Cloud Infrastructure Architect
Accenture · Insurance Company
Designed and developed an enterprise SaaS platform automating secure multi-cloud network deployment across 10+ domains.
Cloud Infrastructure Architect
Accenture · Insurance Company
Designed and developed an enterprise SaaS platform automating secure multi-cloud network deployment across 10+ domains.
- Built reusable libraries for deployment of AWS spoke networks, routing tables, VPC endpoints, NAT/Internet gateways, and CloudWAN
- Implemented network segmentation, least-privilege IAM, and encrypted transit controls across all provisioned environments
- Reduced provisioning time by 40% and increased library reusability by 20%
Feb 2020 – Mar 2022
Cloud Architect & Engineer
Accenture · Electronics Company
Product owner for a logging aggregation platform; led a team of 5 developers delivering multi-region support and SIEM integration.
Cloud Architect & Engineer
Accenture · Electronics Company
Product owner for a logging aggregation platform; led a team of 5 developers delivering multi-region support and SIEM integration.
- Built modules to aggregate CloudTrail, ELB, NLB, and CloudFront logs with S3 lifecycle policies using CDK and Python
- Led multi-region support, SIEM integration, and S3 bucket encryption to expand security visibility
- Established secure coding standards; reduced monthly infrastructure cost by $10K through refactoring
Certifications
AWS Certified Security – Specialty
Amazon Web Services
AWS security architecture, threat detection, incident response, and compliance.
Microsoft Azure Fundamentals
Microsoft
Cloud fundamentals and core Azure services.