EXECUTIVE SUMMARY

• A technology oriented professional with 12+ years of rich and extensive experience in IT Infrastructure Solution Architect, On Premises Data Center Solutions, VMware, Public Cloud and Private Cloud of Amazon.
• A Cloud evangelist having strong technical and delivery solution experience on AWS Cloud, application assessment for cloud migration. Proficient in analysis, design, implementation and maintenance of complex computing environments.
• An effective leader with excellent team management, communication, analytical & relationship management skills.

TECHNICAL SKILLS

Firewall: Linux firewall using iptables

Databases: MySQL, Oracle 10G Dynamo DB

Tools: Putty, Mobaxvt, SQLPlus, HP ILO, VNC, AOTS, Netcool, CAMCS

Languages: basic C language, bash shell program, Perl Program

Network Protocol: tcp/ip, nfs, dhcp, http, netbeui, smtp, SNMP, icmp, ftp, telnet, udp, spice, tftp

Operating system: Red Hat RHEL 6/7, Sun Solaris 10/11, Windows 2k8, Windows - 2012, SuSe 10/12, Ubuntu 12/14 etc.

Application: IBM Netcool, Patrol, BMC AOTS ticket system, web telaert, Webmin Linux admin tool

Cloud Technology: Oracle SQL plus, Enterprise management consoleEc2 instance, EBS volume, ELB, Route 53, S3 Storage, RDS database, amazon SQS, IAM and Cloud Security, VPC Peering, Nagios and Cloud Watch Monitoring toolsDocker HUB, Build, Images, Layers, Docker file, AUFS, Volumes, Virtual bridge, Network and Security Firewall

PROFESSIONAL EXPERIENCE

Confidential

Tech Lead (AWS Cloud)

Responsibilities:

• Deployment & configuration of different EC2 instance types like CPU/MEM/ I/O intensive applications. Leverage AWS cloud services such as EC2, auto-scaling and VPC to build secure, highly scalable and flexible systems that handle expected and unexpected load bursts.
• EBS Volume creation, attaching/detaching EBS volumes, taking snapshots and backups, AMI creation, volume encryption, ec2 instance metadata
• EC2 instances configuration for auto scaling group as per application load requirement, application fault tolerance configuration and EFS file system configuration for multi node instances. troubleshooting of EC2 instances and standby mode
• Configuration of web URLs for hosted domain in route 53 and as per required route 53 policies and application health check and fault tolerance.
• Proficiency in AWS command line and S3 CLI, debug and syntax check. Rsync open source data backup to S3 storage.
• S3 object storage bucket management- S3 Standard and S3 IA, Glacier and life cycle management, S3 versioning and cross region replication, migrate recurring jobs by S3 transfer acceleration. delegate access across AWS accounts via switch role and customized JSON Policy, assign Inline policy to cross account User for bucket access. copy two different account objects with recursive copy.
• cloud front origin creation, distribution and edge location. Setting up invalidation for cached object if object not required in cache. Setting up web/rtmp distribution, setting up signed URLs with JSON Policies. Creation of custom origin like on premises web server for cloud front distribution.
• Glacier vault creation and multipart upload and archives retrieval, configuration of MFA delete for S3 bucket.
• Configuration of ELB - Classic and ALB and associated health check. Network bandwidth benchmark check between internal network EC2 Instances by iperf3.
• SAML 2.0 and OPENID Connect, STS Service
• Knowledge on configuration of SQS, SNS application services. Kinesis real time data streaming for analytics.
• Knowledge on exporting VM's from VMware Vcenter server to AWS amazon EC2 and AWS management portal for Vcenter.
• Knowledge on creating Docker containers leveraging existing Linux Containers and AMI's in addition to creating Docker containers from scratch.
• Knowledge on Docker Install and configure docker containers on Ubuntu and Cent OS. DTR docker registry and docker HUB, moving docker container from one node to other, docker AUFS and union mounts FS, docker daemon services, creation of DockerFile Syntax and commands, docker images and layers. Docker run time application process affinity to CPU, Memory or Network I/O.
• Docker container build, install and configure for demos like Node JS, WordPress site applications. Docker containers linking and Docker network security and firewall
• Knowledge of Chef server build install and chef client configuration. Chef command line tool and ohai command. Knife command line tool, cookbooks and recipes, chef client install on nodes. Knowledge of ruby language and syntax.

Confidential

Sr. IMA Associate (System Lead)

Responsibilities:

• Preparation of High level design, Road maps, POC implementations for AWS Cloud technologies
• Writing technical documents of system design, application integration data flow diagrams and operating environment
• Working closely with business, understand and incorporate requirements in Infrastructure Architecture, evaluate risk and mitigation
• Consolidation of system manager inventory to collect OS details, application details, EC2 instance system meta data. Evaluate and implement cost control strategies for AWS cloud environment.
• Identify appropriate use of AWS operational and security best practices, use of AWS architectural best practices

Confidential

Responsibilities:

• On premises hosted application's assessment for cloud migration. Applications were aviation industry domain.
• Detail study about application and its data type, application data flow and its interfaces, application security and compliance.
• Schedule technical discussion with application architect; understand risk and challenges of applications and risk mitigation plan
• Design high level TO-BE architecture of application for AWS cloud and DR region setup.
• Migration of local data center servers to AWS cloud.
• IAM users/group configuration, role configuration, creation of customized JSON policies and IAM roles as per requirement. Creation of EC2 Instances, VPC network and assigned Roles and permissions via IAM key management
• Install and configure RDS MySQL DB creation on EC2 instance via CLI mode, JDBC connect string for application and DB, Build and install Oracle RDS on AWS cloud. RDS deployment in Multi AZ and read replicas for DB performance.
• Build and configure custom VPC of different CIDR block, configuration of Public/Private subnets, IGW, VPG, NAT instance and NAT G/W. Set up and Configuration of OPENVPN client to access AWS private VPC over VPN connection. creation of VPC peering between two custom VPCs.
• Oracle experience and aware of oracle DB architecture and SQL commands, Oracle DB role provision for users, user schema creation and user drop on DB’s.
• Oracle DB installation and configuration of parameter file, SQL basics data dictionary tables, User Schema and role privileges for DB users, OS kernel parameter tuning for better DB performance, Oracle listener configuration etc.
• Creation of generic ID’s through (Control Minder) on Unix platform and its sudoers access to required group membership. Implementation of control minder ACL for file system permission for required group/users/generic id’s etc.
• Monitor service requests in ticketing system; manage resolution and closure of tickets. Coordination with other teams for resolution. Manage service tickets distribution among team.
• Windows AD domain and AD user’s administration, user account management and role/privileges for AD users, NTFS permissions, Device management and device driver’s installation on windows.
• Create Change requests and working on Change requests, implementing changes in production, change deployment plan and monitor its execution during the maintenance window of the application.
• Apache install and configuration, virtual site hosting Web server security, User configuration and authentication on Apache, SSL cert configuration, NGinx reverse proxy server used for load balancing, Caching for better performance
• Experience on tools and utilities using scripting or other programming languages like C, shell script, Perl to automate processes and maintain the application environments.

Confidential

Data Center Operations

Responsibilities:

• Ufsdump and Ufsrestore, fssnap of filesystem, Flash Archives on Solaris 10 OS.
• Solaris volume manager root mirror building and maintenance, RAID mirror creation on boot device, boot device set up Confidential OBP prompt and OBP commands on Solaris. Solaris RBAC, user roles, authorization and profile
• Disk partition on Solaris with prtvtoc and fmthard commands
• Solaris zones creation, configuration, basic experience of ZFS file system and raid device configuration using ZPOOL. Solaris Zone set up on ZFS file system.
• Experience on Sun E10K hardware, SSP (system service processor) and system board replacement.
• Sun fire E2900/V1280, LOM prompt and system board replacement, firmware upgrade
• LUXADM command and disk replacement on fabric sun storage array.
• VXVM 3.5/4 install on Solaris, VXDISKADM utility failed drive replacement, and fiber connected disk/LUN and maintenance. Creation of root mirror on VXVM.
• LUN/File system allocation for different database and applications according to the user requirement and mount point creation

Confidential

System Admin (RHEL 4/5) oracle 10G DB Sr. Support Engineer

Responsibilities:

• Worked as Linux Sys Admin and Oracle DB support engineer on 10g RAC, with Confidential . Ltd., activities include installation / configuration of 10g RAC on SUSE Linux 10 Server consisting of a multi-node cluster database and external storage (from EMC) configuration on Oracle ASM file system, configure ASM file system, NIC Bonding and required Kernel Parameter changes as per database team requirement. Activity involves troubleshooting of database clusterware and Node addition/deletion from the oracle 10g clusterware database.
• Configuration of software mirror RAID, LVM logical volume Manager on Linux, knowledge of different backup mechanism on Linux like rsync, tar, zip, dump and restore Linux partition etc.
• Write small shell scripts and automated it in crontab for job scheduling, configuration of Logrotate daemon to keep file size in control. Experience on compile installable by make and make module configure, make install on Linux.
• Working experience of Linux processes, setting of process priority and forking the process to make it as service daemon, setting of environment variables in Linux for compilation of java objects.
• Working knowledge of file system scanning, troubleshooting software corruption of file system and maintenance of file system.
• Configuration of Linux as router for different subnets, firewall configuration of Linux os using iptables and different chain rules and chain policies.
• Configuration of TCP Wrappers for server security.
• Knowledge of Linux OS performance commands like VMSTAT, IOSTAT, TOP, SAR etc. and tuning of different kernel parameter, setting shell limit parameters for normal users.
• Administering Windows 2003 Active Directory domain environment, managing User Accounts using LDAP Group membership, Permission assignment

Confidential

Asst. System Admin Red Hat Linux (Mail Server Admin)

Responsibilities:

• Implementation and configuration of Squid proxy server (web caching server). Configuration of different authentication schemes like PAM, NCSA, etc. Also configured Squid with DNS and FTP.
• Implementation and configuration of various user access control policies like time-based access, data download limit, blocking of websites and instant messenger apps, Performance tuning by setting caching limits.
• Port routing for http traffic, especially for products like Trend Interscan. Integration of Trend Interscan with Squid for http protocol scanning (to eliminate viruses and trojans).
• Installation and configuration of transparent proxy gateways using iptables.
• Configuration of secure VPN tunnels, based on IPSEC protocol on Red Hat AS 4 Linux, between 2 different WAN networks over the internet.
• Qmail MTA - Installation and source code compilation of Qmail 1.05 / 1.03.
• Installation and integration of McAfee and clam antivirus into the Qmail scanner. Configuring automatic update of antivirus using CRON jobs. Integration of SPAMD daemon with Qmail to filter spam mails.
• Configuration of automatic email forwarding for user wise, group wise and IP wise scenarios.
• Implementing mailbox policies governing mail size, attachment size and other similar restrictions. Blocking of mail relaying by defining allow and deny domains and other similar policies.
• Installation and configuration of Qmail-LDAP patch for LDAP email user database and address book features. Setting up of address books on the server. Installation of SQUIRREL mails with Plugin’s for webmail access.
• Configuration of COURIER-IMAP in standalone mode for IMAP protocol, with support for mailbox quotas, mail size restrictions, and so on. Configuration of Qmail for external SMTP AUTH, in order to allow mail relay for external users.
• Setup and configuration of firewalls.
• Implementing various firewall policies consisting of port blocking, port forwarding and routing (with iptables).
• Network Address Translation (NAT) for IPs using iptables.
• Standard authentication using Pam modules. User access control to allow or deny login using Pam modules.

Confidential

Customer Support Engineer

Responsibilities:

• Working as support engineer for different cliental places in and around Pune.
• Installation of antivirus server client software suits and its configuration Confidential cliental places.
• Installation of Trend Micro, Mcafee server client suite, Trend Micro Interscan messaging system, Norton antivirus suite etc.
• Configuration of antivirus for internet proxy server e.g. Microsoft ISA server & Linux HTTP server for HTTP port and http traffic scanning Confidential gateway level
• Configuration of antivirus for SMTP port for mail scanning and spam mail filter Confidential gateway level for virus free mail delivery system.
• Installation of security patches on servers and desktop for windows 2K, 2K3, servers and Windows XP recommended by Microsoft.
• Resident engineer Confidential R&D (Research & Development) Dighi Pune for corporate level security and virus free network environment.