SUMMARY:

A self - motivated Cloud (AWS) Engineer offering about 8 years of experience in Cloud/Linux environments with proficiency in cloud orchestration, security, identity & access management, monitoring and event management, governance & compliance, application delivery, data protection, image and patch management, self service and ops analytics in AWS platform.

TECHNICAL SKILLS AND TECHNOLOGY STACK:

Cloud Orchestration/Automation: AWS CloudFormation, Terraform AWS Lambda, AWS Systems Manager, AWS SSM Parameter Store, Ansible, Docker

AWS Security: AWS Security Hub, AWS Guard Duty, AWS Shield, AWS Firewall Manager, AWS Inspector, etc.

Monitoring & Event Management: AWS CloudWatch (Events & Logs), AWS SNS, AWS S3

Identity & Access Management: AWS IAM, AWS AD Connector, Active Directory, AWS Workspaces, AWS Secrets Manager, etc.

Governance & Compliance: AWS Organization, AWS Config Rules, AWS Organization, AWS Control Tower, AWS Trusted Advisor, AWS Well Architected Tool, AWS Budgets, AWS License Manager, etc.

Programming Languages: Bash, JSON, YML, Python

Application Delivery: Jira, Confluence, Jenkins, Bitbucket, AWS Code Pipeline, AWS Code Commit.

Data Protection: AWS Certificate Manager, AWS KMS, Snapshot Lifecyle Manager, AWS Cloud HSMSelf Service: Service Catalog

Network: VPC, VGW, TGW, CGW, IGW, NGW etc.

Image & Patch: AWS SSM Patch Manager, AWS Golden AMI Pipeline

Ops Analytics: Splunk exposure.

IAC: CloudFormation, Terraform.

AWS Platform: AWS CloudFormation, AWS Lambda, AWS Systems Manager, S3, VPC, EC2, ELB, RDS, SNS, SQS, SES, Route53, CloudFront, Service Catalog, AWS Auto Scaling, Trusted Advisor, CloudWatch etc.

PROFESSIONAL EXPERIENCE:

AWS Solutions Architect

Confidential, Boston, MA

Responsibilities:

• Developed and leveraged baseline and custom guardrails, policies, centralized policy enforcement, tagging policies and a well architected multi account environment.
• Managed AWS infrastructure provisioning using CloudFormation
• Designed and deployed scalable, highly available, fault tolerant and reliable applications in AWS
• Hands-on experience with AWS CLI including deploying CFTs, managing S3, EC2, IAM on CLI
• Implemented Machine Image Pipeline and integrated Patch Management
• Developed SDDs for various applications including Diagrams (using Lucid Chart) for Current State/End State Architecture and network topology, security architecture, outlining dependencies, constraints and risks in the SDD
• Migrated legacy applications to AWS cloud environment
• Leveraged Docker to build, test and deploy applications in different environments.
• Developed LLDs for migrating various applications including network sizing, Instance types, names, tags etc.
• Developed required and optional tagging reference document for automation, compliance and consolidated billing
• Developed baseline VPC and Network design including leveraging VPN connectivity and Direct Connect
• Leveraged CloudWatch alarms baseline and centralized logging with AWS landing zone
• Developed baseline AWS account security, implemented/integrated end-point protection, vulnerability scanning and intelligent threat detection
• Built serverless architecture with Lambda integrated with SNS, CloudWatch logs and other AWS services.
• Leveraged automated DevOps tools deployment and Blue-green deployment patterns and strategies
• Configured CI/CD Pipelines using Jenkins connected to GitHub and build environments (Dev, stage & Prod)
• Implemented IAM best practices and role-based access control
• Implemented AWS Organization to centrally manage multiple AWS accounts including consolidated billing and policy-based restrictions
• Implemented Control Tower Preventive and Detective guardrails and leveraged Account Factory, integrated with Lambda for new AWS account creation and setup.
• Setup Ansible control and slave nodes and developed playbooks to automation configuration of servers across environments.

AWS Solution Architect and Cloud Support Tech

Confidential, Chicago, IL

Responsibilities:

• Managed AWS infrastructure provisioning using CloudFormation
• Designed and deployed scalable, highly available, fault tolerant and reliable applications in AWS
• Hands-on experience with AWS CLI including deploying CFTs, managing S3, EC2, IAM on CLI
• Monitored infrastructure and applications using CloudWatch and Nagios
• Implemented cost optimization strategies in the AWS infrastructure
• Architected Amazon RDS with Multi-AZ for automatic failover at the database tier
• Recommended and implemented DR strategies for Business Continuity and HA
• Designed EC2 and related architecture to meet HA while incorporating security best practices
• Provided technical perspective on infrastructure design options and configurations
• Developed Solution Definition Documents (SDD) and Low Level Deign Documents for public cloud
• Recommended and implemented security best practices in AWS including MFA, access key rotation, encryption using KMS, firewalls- security groups and NACLs, S3 bucket policies and ACLs, mitigating DDOS attacks etc.
• Managed Ansible for configuration management
• Used AWS system manager documents and run command to automate operational tasks across AWS resources.
• Used Jira to plan, track, support and close requests, tickets and incidents
• Delegated access across AWS accounts using IAM cross account roles
• Implemented STS to provide temporary access

Environment: VMware, Python, JSON, Tomcat, Maven, Nexus, Docker, AWS, Jenkins, Ansible, GIT, JIRA, LINUX

Linux system administrator

Confidential, Grandview, Missouri

Responsibilities:

• Handled projects in monitoring, deploying and applications on LINUX/UNIX servers.
• Installed Debian/red hat/Ubuntu Operating Systems Distributions
• Installation, configuration and administration of Enterprise Linux and Unix Systems
• Configure LVM-based partitions and manage mount points usage as needed Creating, cloning Linux
• Performing capacity analysis, monitoring and controlling disk space usage on systems
• Software installation and management using Yum and RPM
• Configured and Managed NFS and Samba for File Sharing
• Managing user accounts and SUDO permissions
• Created shared drives and folders and personal drives for users
• Provided customer service to resolve Linux Operating system issues
• Red Hat Package Management (RPM) and YUM package installation and maintenance
• Updated and documented helpdesk tickets with Remedy ticket system
• Resolved software and hardware issues
• Scheduled backup of files
• Performed operating system upgrades