SUMMARY:

• Infrastructure as code (Terraform, Ansible, Puppet, Cloudformation and Saltstack)
• Unified Logging infrastructure (Kafka and Kinesis).
• Data driven security. Security visualization dashboards.
• Zero downtime deployment, Canary deployment, Red and blue deploymentsBig Data ingestion systems. NoSQL data modelling (Cassandra,Dynamodb,Hbase and Mongodb)
• Data pipelines for log analysis and ETL processing. Designing devops workflows.
• Architecting big data solutions on Hadoop using Sqoop, Pig, Hive, Hdfs, Spark etc .
• Data driven approaches to IT Operations Analytics.
• Real - time and streaming processing Data pipeline engineering.
• Dashboard design for security, performance and operational visibility
• Application and infrastructure instrumentation.
• IT operational intelligence using Splunk and ELK stack.
• Serverless Microservice on AWS (AWS Step Functions and Lambda)
• Expertise with log shipping and data parsing/enrichment; centralize log management repository and search; data visualizations; reporting; dashboards; alerting; integrations with additional strategic monitoring solutions.
• Experience with REST API design: AWS API Gateway, Swagger and Hapi.js
• Expertise is designing, implementing and optimizing unified logging system or message brokers such as Apache Kafka, Amazon Kinesis and MapR streams .
• Design, Operation and optimization of large elasticsearch clusters for low latency indexing and low latency queries.

TECHNICAL SKILLS:

STACKS: Elasticsearch,Kibana,Beats,Logstash,X-Pack,Security (formerly Shield),Alerting (via Watcher)(ELK),, Grafana,Telegraf and influxdb, FLAKA (kafka and FLUME)

Ingestion: Telegraf,Logstash,flume,opsquery,Heka,fluentd

Data pipelines Egineering Tooling: Apache Nifi or Hortonworks Dataflow, Streamset,Liugi,Airflow,AWS Data Pipeline,Azure data factory.

Columnar Store: Hbase and Cassandra Graph Neo4j

Messaging and brokers: RabbitMQ,Apache kafka,SQS,Kinesis,MapR streams ML and Cognitive services platform IBM Bluemix - Cognitive services, Microsoft Cognitive Services APIs, HPE Haven OnDemand,Monkeylearn, BigML and AWS Rekognition

DevOp | Configuration management |Automation tools: Ansible, Ansible Tower,Puppet,Salt,Powershell, Chef,Terrafrom,Cloudformation, Packer(AMI design )Service Discovery Consul and Zookeeper Version Control Git scripting Python and Shell.

Platforms: Twillio

Cluster Management: Mesosphere, AWS and Kubernetes

Data Visualization: Tableau, Spotfire, QlKVIEW,AWS QuickSight

AWS: Amazon Athena,Amazon API Gateway,Amazon CloudSearch,Amazon CloudWatch,Amazon CloudWatch Events,Amazon CloudWatch Logs,Amazon Cognito,Amazon DynamoDB, ECR,ECS,SAmazon ElastiCache,EBS,EC2,EFS,Amazon Elastic MapReduce,Amazon Elasticsearch Service,Amazon Elastic Transcoder,Amazon Glacier,Amazon Kinesis Analytics,Amazon Kinesis Firehose,,Amazon Kinesis Stream,Amazon Machine Learning,Amazon QuickSight,Amazon Redshift,Amazon Rekognition, (RDS),Amazon SimpleDB, SES,SNS,SQS,S3, SWF,(VPC),Amazon WorkSpaces,Auto Scaling,AWS CloudFormatio, AWS CloudHSM,AWS CloudTrail,AWS Config,AWS Database Migration Service,AWS Data Pipeline,AWS Direct Connect AWS Directory Service, AWS Snowball,AWS Step Functions,AWS IoT,AWS Key Management Service,AWS Lambda, AWS OpsWorks Stacks,Elastic Load Balancing,VM Import/Export

Cloud Monitoring /Alerting/Logging tools: (Splunk, DataDog, New Relic, Nagios, Pager Duty, ELK, Application Performance Monitoring, Elastic Search,Loggly)

Data serialization: Parquet,Csv json,Ocr,Avro

Databases: MySQL, Cassandra, MongoDB, MariaDB, DynamoDB, Postgressql,couchdb, Bigquery, Amazon Redshift, Redis, Memsql,Inlfuxdb.

Big Data: HDFS,Apache Flume,Apache Spark,Hive,Pig,Apache sqoop,Cloudera,Hortonworks

ETL Tools: Informatica Cloud, Pentaho kettle, Talend

Switch: 2960,3560-X 3750-X, 3850, 4500,6500 series

Nexus: Nexus 7010 / 5548 UP / 5020 / 2232 PP / 2248 TP / 1000 V

UCS: Fabric Interconnect 6248/6120, IOM 2208/2204/2104 , B200 M2, HP VC FLEX-10

Routers: 800, 2900,3800,3900,7200 series

Routing protocols: EIGRP, OSPF,IS-IS,RIP, RIPv2,BGP, PfR

Switching: Spanning-tree (STP,RSTP,MST), DTP, VTP Ether channel(PAgP,LACP), QinQ Tunneling, ISL, 802.1Q,UDLD,PortFast, UplinkFast, Backbone Fast, 802.1d, 802.1w, 802.1s, RSPAN SPAN

High availability: HSRP, VRRP, GLBP, SSO/NSF

MPLS Technologies: MP-BGP, LDP, MPLS-TE Fast reroute link and Node protection, L3VPN, L2VPN, MPLS QoS

Quality of service(QOS): SLA,LLQ,CBWFQ,WFQ,WRED,HQF,Shaping,Policing,MPLS VPN Qos, NBAR,RSVP

VOIP: Cisco Unified Communications Manager (6, 7, 8.5, 9,10), Cisco unity connection 8.5, Cisco Unified Meeting Place, Cisco WebEx Server, UCCE/UCCX,RTP,SRTP

Security: IPSec VPN, RADIUS, TACACS+, Kerberos, Cisco Authentication Proxy, IOS Firewall, Cisco VPN Concentrators, Cisco PIX/ASA Firewall, Checkpoint Firewall-1, 802.1x, Digital certificates, PKI, HIPS, SNORT.VLAN Access Maps (VACLs),(uRPF), Implement Control Plane Policing (CoPP),NAT,) Private VLANs

Wireless: Cisco Wireless Lan Controllers 4400, Cisco WLC 5500, Cisco Virtual Wireless Controller HREAP, Guest, PSK, 802.1X, WPA/WPA2 with EAP- TLS, EAP-FAST, PEAP, LEAP,WCS, LWAPP, Aruba 3000 Series Mobility Controllers, Cisco Aironet 1100/1200/1300

WAN/VPN: DMVPN, GETVPN, EASYVPN,SSL VPN, TLS, VPLS, CWDM), dense wavelength- division multiplexing (DWDM), EoMPLS

Virtualization: VMware Infrastructure (vCenter, vSphere, ESXi), VSPHERE 6 Cisco UCS, OpenStack, Cisco UCS, FabricPath, FCoE, FEX, Network Virtualization, Nexus, NIV, NSX, NVP, OpenFlow, OpenStack, TRILL, vPC, VXLAN .

Operating Systems: RHEL 5 & 6, Red Hat Linux 8.0/9.0, CentOS-5/6/7, CoreOs,Sun Solaris 10/11, Oracle Sun Solaris 11, Windows 2003/2008/2012 , Unix

Microsoft Azure: Azure Cloud Services, Microsoft Azure, Azure VMs, Azure Virtual Network, Azure Websites, Windows 2008, 2012, Office 365

Analytics Tools: R Studio, Rapid MinerMisc Apache Kafka Manager

Architectures: Event-Driven Architecture or Message-driven architectures

WORK EXPERIENCE:

Confidential

Solutions Architect

Responsibilities:

• Cloud Architecture and engineering.
• Logging and monitoring infrastructure (splunk and elk stack ).
• Event driven security on AWS.
• Building security data pipeline to feed SIEM infrastructure.
• Adhoc rapid prototyping of solutions.
• Infrastructure as code implementation (Git, Jenkins, Terraform, Ansible, Saltstack and Jira).
• Design and operation of scalable, secure and elastic log ingestion pipelines with Kafka, S3, logstash, elasticsearch, ELB and Dynamodb.
• Automation of security and policy enforcement of AWS .
• Automated infrastructure tasks for NOC using Python, Bash, and Jenkins
• Integrated automation 3rd Party RESTful APIs.
• AutomatingSaltStack Configuration deployment using Jenkins to use GitRepo instead of local files.
• Created standardized naming scheme; utilized Ansible to programmatically implement system configuration settings on Fedora/RHEL systems; multiple discrepancies eliminated across systems in two cloud environment.
• Instituted configuration and systems management via Ansible; inventoried and standardized system configurations and package installations; trained other team members in the use of Git and Ansible.
• Responsible design, deployment Operation of a Security Incident & Event Management (SIEM) solution based on Splunk.
• Research and design of IAM methods that involve SAML 2 for secure authentication management in disparate distributed web-based applications that exist in AWS .
• Configured Ansible to manage AWS environments and automated the build process for core AMIs used by all application deployments including Autoscaling, Packer and Cloudformation scripts.
• Design of infrastructure for consolidating and analyzing infrastructure metrics, call center metrcis, helpdesk tickets, infrastructure logs, application logs and security logs.
• Conducted sophisticated security reviews - from high level infrastructure architecture to OS level parameters in order to meet security goals.
• Built extensive grafana + influxdb+ telegraf infrastructure for monitoring, which enticed our Dev teams to adopt statsd for real-time application performance reporting, allowing quicker identification and resolution of production incidents and better performance profiling of releases.
• Designed, implemented ans automated AWS infrastructure for next-generation cloud application using Terraform Cloudformation and Ansible.

Confidential

Solutions Architect and Data engineering

Responsibilities:

• Cloud Architecture and engineering.
• Logging and monitoring infrastructure (splunk and elk stack ).
• Event driven security on AWS.
• Building security data pipeline to feed SIEM infrastructure.
• Adhoc rapid prototyping of solutions.
• Infrastructure as code implementation (Git, Jenkins, Terraform, Ansible, Saltstack and Jira).
• Design and operation of scalable, secure and elastic log ingestion pipelines with Kafka, S3, logstash, elasticsearch, ELB and Dynamodb.
• Automation of security and policy enforcement of AWS .
• Automated infrastructure tasks for NOC using Python, Bash, and Jenkins
• Integrated automation 3rd Party RESTful APIs.
• AutomatingSaltStack Configuration deployment using Jenkins to use GitRepo instead of local files.
• Created standardized naming scheme; utilized Ansible to programmatically implement system configuration settings on Fedora/RHEL systems; multiple discrepancies eliminated across systems in two cloud environment.
• Instituted configuration and systems management via Ansible; inventoried and standardized system configurations and package installations; trained other team members in the use of Git and Ansible.
• Responsible design, deployment Operation of a Security Incident & Event Management (SIEM) solution based on Splunk.
• Research and design of IAM methods that involve SAML 2 for secure authentication management in disparate distributed web-based applications that exist in AWS .
• Configured Ansible to manage AWS environments and automated the build process for core AMIs used by all application deployments including Autoscaling, Packer and Cloudformation scripts.
• Design of infrastructure for consolidating and analyzing infrastructure metrics, call center metrcis, helpdesk tickets, infrastructure logs, application logs and security logs.
• Conducted sophisticated security reviews - from high level infrastructure architecture to OS level parameters in order to meet security goals.
• Built extensive grafana + influxdb+ telegraf infrastructure for monitoring, which enticed our Dev teams to adopt statsd for real-time application performance reporting, allowing quicker identification and resolution of production incidents and better performance profiling of releases.
• Designed, implemented ans automated AWS infrastructure for next-generation cloud application using Terraform Cloudformation and Ansible.

Confidential

Data Infrastructure Engineer

Responsibilities:

• Dashboard to integrate all audit information across the organization to answer who, what, when, about any system in the enterprise to support near-real time operations and executive reporting.
• Providing a unified single pane dashboard solution to access audit and change data .
• Responsible for design, implementation operation of Kafka cluster.
• Implemented real-time ELT (NIFI and Streamset) infrastructure for enterprise analytics.
• Enriching system logging and security data with external sources such as help desk tickets, location and unstructured data etc
• Impact modelling of IT infrastructure with neo4j.
• Data warehouse migration to AWS redshift using Apache Kafka and mirror maker for data migration.
• Responsible for architecture, installation, operation, and tuning of Hadoop/HBase, ElasticSearch, and Cassandra Bulk loading from from disparate data sets into both HBase and ElasticSearch.
• Pre-processing using Hive and/or Pig. Constructing ElasticSearch and SQL queries.
• Planned, implemented, and managed Splunk for log management and analytics.
• Standardized Splunk agent deployment, configuration and maintenance across a variety of UNIX and Windows platforms using anisble for automation.

Confidential

Network and Security Architect

Responsibilities:

• Implementation of 802.1x implementation for school system to improve security as per security audit recommendations.
• Responsible for providing effective support for over 200 sites interconnected through a complex WAN using various technologies such as Frame Relay and Fiber TLS connection via ISP.
• Lead Aruba Enterprise Wireless LAN design and deployment including 2000 + Access points, Integrated solution with Active Directory Team enabling secure connection via user logins
• Implemented VLANs, routing protocols and network infrastructure standards
• Recommending investments in new networking technologies to senior management where warranted; and providing consultation during the planning and implementation of successfully tested new technologies
• Architected and developed solution for streaming telemetry data from routers, switches to build fault analytics systems in splunk
• Enriching and providing context to machine data from high level data such as user location, remedy ticket information, custom risk scores e.t.c using Splunk DB Connect.
• Responsible for the Design and maintaining production-quality dashboards with splunk
• Designing reliable, efficient queries that will feed custom Alert, Dashboards and Report.

Confidential

Senior Enterprise Network and Data Center Engineer

Responsibilities:

• Responsible for designing, configuring, testing, deploying and supporting technical solutions.
• Manage initial design and evolution of Switch Architecture and Platforms, utilizing VoIP Protocols and standards including SIP, MGCP, H323, and SCCP.
• Responsible for end-to-end implementation of VoIP systems from a call processing perspective, including verification that individual VoIP components are operating in accordance with their respective product specifications, as well as testing of the VoIP System for operational readiness.
• Migrated over 15,000 users Nortel PBX to cisco unified communication cluster.
• Use BAT tool to import/export users and phones.
• Troubleshoot and solve customer ticket requests such as dialing/routing issues, name/extensions changes, voicemail password resets, and CCM user issues.
• Provided level 1 and level 2 technical training on troubleshooting CUCM and ip phones issues for junior engineers.
• Integrated voice gateways with new cluster.
• Created network diagrams for gateways, phones, call flow and network connectivity to other sites.
• Responsible for design, staging, configuration, implementation, and support for VoIP installations as necessary.
• Implemented and troubleshooted T1/E1, PRI,T1/E1 CAS,H.323,MGCP,SIP,H.323, RAS,IP-IP Gateway/CUBE.

Confidential

Unified Communication Engineer

Responsibilities:

• Responsible for global operation for over 700 sites across the globe from a networking angle.
• Providing high level technical support, including identifying and resolving problems on a daily basis.
• Worked on Voice Gateways, Communication Manager, including VMware installations and complete implementation of voice network
• Responsible for technical coverage on communications and associated server platforms such as Cisco TelePresence servers.
• Responsible for site consolidation and migration globally.
• Providing a clear and comprehensive understanding of the networks by authoring and maintaining documentation of the network configuration and training.
• Provided troubleshooting, analysis, and design support for the Global Network Services (GNS) team, including resolving complex large-scale WAN, routing, switching, data center, Quality of Service, and application networking issues.
• Provided network integration services for new acquisitions, to bring acquired companies on the corporate MPLS backbone.
• Managed over 300 routers, 2,000 switches, and 200 WAN accelerators.
• Was responsible for testing, evaluating, and implementing new network products, services, protocols, methods in a lab environment to provide proof of concept for emerging technologies.
• Analyzed network performance and health using NetQOS suite of NetFlow and SNMP products.
• Redesigned entire legacy Internet-based IPsec WAN to a QoS-aware MPLS VPN network with Verizon Business, AT&T, and Telstra International service providers.
• Implemented Layer 3 and Layer 2 QoS on all HQ and branch office sites.
• Extensive experience in resolving difficult routing, switching, application networking, and hardware issues

Confidential

Network And System Engineer

Responsibilities:

• Provided network design, implementation guidelines and strategic advice to clients.
• Worked with large ISP on QoS architecture, business case, risks, and impact statements.
• Produced configuration templates for initial deployments, including support for VoIP and Streaming Video on Demand.
• Led a major initiative to develop a roadmap and standards to oversee all aspects of the Douala Sea Port Authority mission critical network Infrastructure consisting of over 25 routers,100 switches, 100 VLANs, and 5 pairs of Cisco Firewall Switching Modules (FWSM).
• Bootstrapped a small NOC using HP Openview and Solarwinds aimed at providing proactive response to network outages and performance issues before they became evident to network end-users.
• Performed installation, device population, SNMP trap tuning, and other integration with HP-OpenView Network Node Manager and Tivoli Netview for our network operation center.
• Designed enterprise wide QoS architecture which enforced stringent service level agreements, enabling network-wide resilience and increased network availability.
• Produced configuration templates for initial deployment, including support for VoIP and Streaming Video on Demand.

Confidential

Network Engineer

Responsibilities:

• Reviewed design for High Availability, L2 and L3 switching to the access layer, L2 security, QoS, IP multicast, Confidential module deployment, and Cisco controller-based wireless networking.
• Conducted initial configurations for Active Directory, Exchange, DHCP, DNS, WSUS, WDS, Antivirus and backup servers.
• Provided server consolidation with VMware for small and medium size businesses.
• Consult businesses on upgrading, enhancing, and replacing legacy network systems with new LAN/WAN technologies.
• Performed TCP/IP packet-capture analysis for forensics, network troubleshooting, and security.