Cloud Engineer / Aws / System Admin Resume
SUMMARY
- A self - motivated cloud Engineer offering 6 years of comprehensive experience in Aws, Azure, Linux and Windows, with proficiency in several distributions of Linux ( Red hat, Centos) and AWS services ( VPC, VPN, EC2, S3, RDS, ROUTE53, Redis, cloud watch, AWS Systems Manager etc.)
TECHNICAL SKILLS
Containerization: AWS ECS, AWS EKS, Docker, Kubernetes.
Security: AWS Guard Duty, AWS Shield, AWS Inspector, etc. .
Programming Languages: Bash, Shell, Python .
Identity and Access Management: AWS Organization, AWS IAM, Active Directory, OKTA, AWS Workspaces, Aws Secrets Manager, etc. .
Self Service: Service Catalog
Image and Patching: AWS SSM Patch manager, AWS Golden AMI PIPELINE, jFrog, Update, Yum repo list, Rpm, Quay .
AWS Platform: VPN, VPC, Route53, Route53 Resolver, EC2, ELB, AWS CloudFormation, AWS LAMBDA, AWS System Manager, S3, RDS, SNS, SQS, SES, CloudFront, AWS Auto scaling, CloudWatch.
Governance and Compliance: AWS Config Rules, AWS Organization, AWS Trusted Advisor, AWS Well Architected Tool, AWS Budgets, AWS License Manager, etc. .
Communication: Confluence, jara Atlassian.
Database: DynamoDB, MongoDB MYSQL, Amazon Aurora .
Migration: Database Migration Service, Server Migration Service, Cloud Endure, CART .
Data Protection: AWS Certificate Manager, AWS KMS, Snapshot Lifecycle Manager, AWS Cloud HSM .
Application Delivery: GitHub, Bitbucket, Jenkins, Circles CI, AWS Code Deploy, AWS Code Pipeline, AWS Code Commit.
PROFESSIONAL EXPERIENCE
Confidential
Cloud Engineer / AWS / System Admin
Responsibilities:
- Configured CI/CD Pipelines using Jenkins integrated with Nexus for antifactory and SonarQube for Code quality check. Pipeline was triggered by GitHub webhook.
- Implemented security best practice in AWS and Linux including multi-factor authentication, access key rotation, role-based permission, enforced strong password, S3 Bucket policies and ACLs, configured security groups and NACLs etc. .
- Installation and configuration of LINUX? UNIX servers using kickstart, live upgrade, Ansible. I also build AWS, Azure and Windows from scratch.
- Excellent experience supporting red hat 6,7, and 8 in DEV, TEST and Production environment. I have experience using IAM, AMI, Nat, NET Gateway, S3, Active Directory, Microsoft 365, VNET, Veeam Backup, VPN and proxy server appliance .
- Part of a team that migrated databases and servers from on-prem to the cloud using DMS and Cloud Endure.
- Monitored end-to-end infrastructure using CloudWatch integrated with SNS for notification.
- Used Ansible for configuration.
- Setup new AWS Organization from scratch, with preventive and detective guardrails
- Architect Static website to host a one-time event or in a disaster recovery scenario by leveraging Route53.
- Architect a secure infrastructure with client VPN Endpoint to allow users to access resources in AWS.
- Leverage Kubernetes for docker container orchestration.
- Migrated Docker images from Quay to jFrog.
- Automated the process of monitoring instances by leveraging Lambda that monitors instances that did not compile with company standard with company standard and sending weekly notification for remediation.
- Conducted regular monthly cleanup of unused resources in lower and higher environment.
- Managed provisioning of AWS infrastructures using Terraform, CloudFormation and Ansible.
- Troubleshoot performance, networking connectivity and related issue.
- Migrated and rebuilt the entire server infrastructure from a collocation datacenter to Azure Cloud.
- Responsible for designing and implementing standards around apps and infrastructure built in AZURE cloud.
- Maintain ongoing relationship with technical contacts of Key Enterprise accounts.
- Collaborate with Engineering, Sales, Operations, Marketing and Product Development teams, to manage customer expectations of technical solutions and future service requirement.
- Integrate qualifying and evaluating tools/resources into opportunity lifecycle.
- Configured and Managed Firewall/iptables.
- Configured and managed Apache Web Service.
Confidential
Cloud Engineer/ AWS Engineer / System Admin
Responsibilities:
- Implemented SCP that restricted AwS’s service to a selected list of regions.
- Designed for high availability and business continuity using self -healing-based architectures, fail -over routing policies, multi -AZ deployment of EC2 instances, ELB health checks, Auto Scaling, and other disaster recovery models.
- Conducted regular monthly cleanup of unused resources in a lower and higher environment.
- Optimized cost through reserved instances, selection, and changing of EC2 instance types based on resources need, S3 Storage classes and S3 lifecycle policies, leveraging Autoscaling, etc.
- Provision secured resources in VPC subnets with security groups and NACLs using Terraform.
- Contribute to RFP, RFI and tender requests with engineering/design specifications, product and services descriptions.
- Deliver network architecture drawings/diagrams and equipment CAPEX for qualified sales opportunities.
- Microsoft Visio software proficiency is an asset.
- Maintain ongoing relationships with technical contacts Key Enterprise accounts.
- Owner of Managed services during the implementation phase and post -implementation support.
- Provide coaching with Managed Services products and other products developments.
- Build and configured Linux servers from scratch with type one hypervisors for virtualization and network components.
- Performed package management, system updates using yum and rpm .
- Shell scripting and task automation by creating cron jobs.
- Maintained server integrity by applying updates and patches per our maintenance policies.
- Collaborate with other departments and teams to ensure a smooth delivery.
- Supports the Enterprise sales team by acting as a technology liaison with the customer in a pre-sale support capacity.
- Develop value-add technology solutions with network services for potential customers.
- Leveraged Docker to build, test and deploy applications in different environments.
- Used Jira to plan, track, support and close requests, tickets and incidents.
- Implemented IAM best practices and role-based access control.
- Designed secure, cost-optimized, highly available and fault-tolerant architecture.
- Integrated Git-Leaks scan for all project repositories.
- Tagged AWS resources and developed a methodological standard for tagging of individual resources for audit, tracking, and cost analysis.
Confidential
AWS Engineer/ System Admin
Responsibilities:
- Leveraged EC2 lifecycle Manager to create snapshots of EBS Volumes on scheduled intervals for backup and define a retention period as a cost-saving.
- Setup and configured logs and files for detail monitoring and alerts notification in Splunk.
- Configured lifecycle configuration rules on an S3 bucket to move data between S3 storage classes for easy accessibility, archiving and or cost optimization.
- Automated the process of deleting empty log streams and notifying for log group with never expire tags.
- Used AWS system manager to automate operational tasks across AWS resources.
- Advocate directly for client needs and interest while working to ensure best practice support.
- Identify and define client needs and apply them to technical standards.
- Controlled access to files and directories using ACL permissions.
- Capture conceptual design of access, transport, data, voice and video network architectures that meet customer requirements.
- Various other duties as required.
- Monitoring from end-to-end view of runtime systems CPU, Bandwidth, disk space, and log files using New Relic.