SUMMARY

• Experienced AWS Solution Architect/DevOps Engineer with over 5 years working with AWS services like compute, storage, budgets, Billing, management, network,
• Microservices and security, creating solution proposals in line with an organization’s goals around performance, scalability, elasticity, security, fault tolerant, cost optimization, efficiency; and creating these solutions with democratizing advanced technologies.
• System administrator with over 7 years working with multiplatform Unix/Linux/Windows environment with hands - on experience.
• A good background in technical support, troubleshooting and system maintenance and capable of working independently as well as in a team with little or no supervision.
• IT project management capabilities with the ability to manage teams, drive growth and enhance work environments at all levels.

TECHNICAL SKILLS

Cloud Orchestration/Automation: AWS CloudFormation, AWS Lambda, AWS Systems Manager, Ansible, Docker, Packer, Terraform

AWS Security: AWS Security Hub, AWS Guard Duty, AWS Shield, AWS Firewall Manager, Bashtion Host, Security groups, NACLs.

Monitoring and Event Management: AWS CloudWatch (Events and Logs), AWS SNS, New Relic, VPC Flow Logs, Elasticsearch.

Identity and Access Management: AWS Organization, AWS IAM, AWS Active Directory, SSO, etc

Governance and Compliance: AWS Config Rules, AWS Organization, AWS Control Tower, AWS Trusted Advisor, AWS Well Architected Tool, AWS Budgets.

Programming Languages: Bash shell scripting, Python.

Application Delivery: Jenkins, Maven, Sonaqube, Gits, AWS Code Pipeline, AWS Code Commit, AWS Code Build, AWS Code Deploy, ECR, ECS (EC2 and Fargate), EKS

Data Protection: AWS Manager, AWS KMS, Snapshot, Lifecycle Manager, AWS Cloud HSM.

Infrastructure as Code: Terraform, CloudFormation, Terraform Cloud.

Network: VPC, TGW, IGW, NGW, Subnets, TWG Attachment, Route53.

Image and Patch: AWS SSM Manager, AWS Golden AMI Pipeline, Packer and Win-Chocolatey AMI.

AWS Platform: AWS CloudFormation, AWS Lambda, AWS Systems Manager, S3, VPC, EC2, ELB, RDS, SNS, Route53, CloudFront, AWS Auto Scaling, Trusted Advisor, CloudWatch.

AWS Migration: Phases (Assess, Mobilize, Migrate and Modernize), Tools (CART, CloudEndure, DMS, etc)

Linus/Unix/Windows Platform: DNS, DHCP, TCP/IP, NFS, RBAC, LVM, SVM, NAS, Veritas, Ansible, Apache, User Accounts Management, Process Management, Patch Management, Swap management etc.

PROFESSIONAL EXPERIENCE

AWS DevOps Engineer

Confidential, MA

Responsibilities:

• Integrate infrastructure pipeline to AWS account to have terraform automate and create resource in AWS.
• Create the integration between Azure pipeline and terraform cloud and AWS while making use of backend end configuration, AWS secrete keys, access keys and terraform cloud Tokens.
• Create terraform workspaces and successfully have it to store/save terraform state in appropriate environment through pipeline.
• Create a serverless compute EKS faregate cluster to AWS account, through pipeline, using terraform to deploy applications with unique specification based on application team needs.
• Create cluster overrides plus addons like core dns, alb ingress, EFS/CSI (cluster storage interphase), EBS, new relic etc.
• Make sure that for the EKS cluster, pods in all namespaces will run on fargate and application team can access the cluster via a private domain.
• Edit the config map to grant RBAC to various teams to EKS Fargate cluster.
• Enabled cluster access through the command line by configuring kubectl.
• Successfully create an Elastic Container Registry (ECR) through pipeline, using terraform following company’s naming convention, and making sure images from the registry can be pulled into the EKS cluster by a scheduler.
• Implemented an ingress controller deployed via pipeline and have app teams create private or public endpoints through ingress records and have them browse application dashboards.
• Create K8S alerts and dashboards in new relic for APM, CPU utilization, total memory usage, pods unavailable post 6 hours after creation.

AWS DevOps Engineer

Confidential, Burnie, MD

Responsibilities:

• Design and secure highly available, scalable and fault tolerant AWS web architecture by leveraging VPC, TGW, TGW Attachment, EC2, ELB, and R53, S3, cloudwatch and cloudwatch metric stream etc.
• Create Alerts, Dashboards in New Relic and New Relic Metrics stream and intergration to AWS using terraform.
• Use Terragrunt and Terraform as primary tool for infrastructure as code (IaC) to provision AWS Infrastructure.
• Actively participate in the Migration of on-premise application to cloud using Cloud Endure and Database Migration Services.
• Create AWS Linux and Windows AMIs using Packer and Ansible. Using Packer and ansible to build custom AMIs from web service to linux ami, while making sure the right agents are installed and configure in a “main.yml” file.
• Utilize Git and GitHub for version control and for CICD Github Actions runners.
• Develop pipeline using Github Actions to deploy and manage resources in AWS as well as validate that the infrastructure complies with code quality standards and best practices.
• Wrote python Lambda script to create and restrict access to DocumentDB to named AWS account and have this Lambda triggered by Terraform Lambda Invocation.
• Worked with web and database application deployment technology specifically php/Nginx/Apache/MySQL/Posgress etc.
• Dynamically add and remove servers from AWS environment.
• Worked on several AWS CI/CD pipeline projects using code commit, code build and code deploy to build infrastructure.
• Monitoring the CICD pipeline with the use of AWS Cloudwatch and other third party tools like New-relic.

AWS Solution Architect

Confidential, Columbia, MD

Responsibilities:

• Design and secure highly available, scalable and fault tolerant AWS architecture web application by leveraging VPC, EC2, ELB, and Route 53, RDS, S3, etc.
• Actively participate in the Migration of on-premise application to cloud using Cloud Endure and Database Migration Services by making use of CART.
• Provisioning AWS infrastructure using IoC tools like CloudFormation and other third-party tools like Terraform.
• Design high available and business continuity environment using self-healing architecture models like fail-over routing policies, multi-AZ deployment of compute resources, ELB health checks, auto-scaling and other disaster recovery models.
• Design environment for elasticity and scalability using ElastiCache, CloudFront, RDS.
• Monitor end to end infrastructure using Cloudwatch
• Implementing AWS security best practices using multifactor authentication in IAM, KMS encryption, security groups, firewall and NACLs, S3 bucket policies and roles for heighten security.
• Leverage IAM to manage identities and create custom policies to users and roles that grant access to other AWS services to enforce the principle of least privilege
• Design multiple serverless workflows by using LAMBDA as the main compute mechanism.
• Using AWS System manager to automate operational task across AWS resources.
• Troubleshoot continuous integration and automated deployment and management using Jenkins, Maven, Docker or comparable tools.
• Worked with automation and continuous integration process using Jenkins, Maven, Nexus and Sonarqube.
• Monitoring the CICD pipeline with the use of AWS Cloudwatch

UNIX/Linux/Windows System Administrator

Confidential, Spring, MD

Responsibilities:

• Build, configure and install virtual and physical servers from scratch using ISO images.
• Test and deploy Solaris 10, RHEL6&7 Centos 6&7 servers to the network using standard and advance operations.
• Hardening and patching of RHEL, Centos and Solaris servers. Patching in Linux using the “yum” and in Solaris 10 using the “10 Recommended patches” and “upgrades” release, patching on standalone server using “single user mode” and on production servers (live upgrade) using Alternate Boot Environment (ABE).
• Build yum repositories and patch Linux servers
• Setting-up, configuring and troubleshooting TCP/IP, DNS, and DHCP servers in a multiplatform LAN
• Monitoring and log management in solaris, Linux and Windows servers including process and swap management.
• Create and administer user accounts, manage user security, password recovery aging and complexity.
• Performing multiplatform volume management using LVM and ZFS volume managers
• Installing and configuring a LAN wide NAS (FreeNAS) used for creating LUNs and attaching to Windows 2008 (domain controller) server and to Solaris 10 using “iscsI”.
• Regulating access to system by configuring ACL (Access Control List)
• Create and manage LVM volumes
• Setting-up a domain and active directory in windows2008 servers
• Configuring Apache in solaris 10 and Linux for virtual and web hosting.