SECUREPATH

Résumé

API & Cloud Security EngineerSecurity ArchitectFull Stack + Security

I build secure systems by designing clear trust boundaries, selecting practical controls, and producing evidence that maps Threats → Controls → Verification. My focus areas include API Security, Cloud Security, Security Architecture, and Web Security.

Download résumé (PDF) →View projects →Interview Q&A →
Contact
Email: wayne@ihowlett.comPhone: 983-217-6195LinkedIn: linkedin.com/in/wayne-howlettGitHub: github.com/WHowlett

Professional summary

  • Architecture-first mindset: define scope, non-goals, and trust boundaries before implementation.
  • Risk-to-controls approach: least privilege, segmentation, secure defaults, auditability, and detection readiness.
  • Evidence-driven delivery: configs, screenshots, scan results, and writeups that show what changed and why it matters.
  • Full-stack background supports secure-by-design implementation, better debugging, and clearer documentation.

Featured security projects

Evidence lives on project detail pages

Current
Home Server Security Architecture + Monitoring

Hybrid edge-to-cloud Zero Trust build. Architecture document available + implementation in progress.

View details →
Current
SecurePath Portfolio (This Site)

Evidence-first portfolio structure connecting architecture thinking to applied work.

View details →

See all work: /projects

Core competencies

Security Architecture

Trust boundaries, segmentation, identity-first access, safe defaults, auditability, and defense in depth.

  • Threats → Controls → Evidence mapping
  • Zero Trust patterns & environment separation
  • Architecture documentation (scope, assumptions, non-goals)
  • Monitoring readiness (logs, signals, investigation support)
API + Cloud Security

Authorization mindset (least privilege), secure API patterns, and cloud controls with audit trails.

  • AuthN/AuthZ concepts (JWT/OAuth patterns)
  • Least privilege IAM concepts (roles/permissions)
  • Encryption concepts (KMS, secure storage patterns)
  • Audit logging (CloudTrail, API traceability)

Full-Stack Engineering + Security

  • Build and secure applications end-to-end (frontend, backend, data, and security layers).
  • Use SQL and JSON-based data modeling to power structured evidence and portfolio-driven content.
  • Comfortable reasoning about real attack surface: inputs, auth flows, sessions/tokens, and misconfigurations.
  • Multimedia background supports clearer UX, documentation, and visual communication for security topics.

Education

  • Associate of Science (AS) — Full Stack Development
  • Associate of Science (AS) — Multimedia / Digital Media
  • Cybersecurity bootcamp — hands-on labs in architecture, monitoring, vulnerability assessment, and reporting

Certifications & training

  • Google certification in Business Intelligence
  • Ongoing learning: secure architecture patterns, detection readiness, and practical cloud/API controls
Focus areas
API SecurityCloud SecuritySecurity ArchitectureWeb SecurityDetection/IR
Security tools (hands-on)
Wazuh (SIEM)NessusLog analysisVulnerability scanningSecurity reporting
Cloud & identity
AWS S3IAMKMSCloudTrailLeast privilege
Networking / edge
VyOSSegmentationDNS-based policy controlsSecure defaults
Engineering + data
Next.jsTypeScriptSQLJSON data modelingDockerGit/GitHubExcel (advanced)

Interview prep

I’m building a growing set of interview questions and answers, mapped to my projects and real evidence.

Interview Q&A →Read writeups →
Contact →Skills map →Security snapshot →Projects →