SUMMARY:

• IT Professional with over 15 years of experience in AWS,Cloud Administration, Systems and Networking
• AWS and Azure Cloud Infrastructure designing - 5+ Years of experience
• Systems, Servers and Network infrastructure designing and administration - 8 Years of experience
• Designed AWS Public cloud infrastructure in three different AWS region - N Virginia,Ireland,Singapore
• Designed and Configured Hybrid Infrastructure - between On-Premises and AWS Cloud
• Configured static VPN configuration between AWS, On-Premises, SunGard and HE data center
• Configured IAM roles for user level access security
• Configured AWS security groups and Network ACLs policies for additional layer of security
• Configured VPC landscape for 4 different environment - Dev,Testing,Prod Test and Production
• As per the requirement configured AWS services - S3, Auto Scaling, Cloud Watch, CloudTrial
• Designing, Migration, Configuration, documentation and administration of Microsoft Office 365
• Configured SVN - Subversion for repositories under AWS with AD authentication
• Configured DUO Mobile software for additional layer of security during instance login
• Installed GoAnywhere on- premises SFTP and its user and security administration
• Participated in Disaster Recovery infrastructure design and executions as per SSAE 16 audit
• Participated in every 6 Months SSAE 16 audit - for production environment
• Initiating and designing Prod System penetration testing with our technology partner Locuz.
• Configured and applied Trend Micro Enterprise edition Anti Virus policies across AWS and on-Premises

SKILL SET AND PRODUCTS:

Cloud Platform Services: AWS and Azure EC2, IAM, RDS, S3, ELB, Simple DB, Auto Scaling, SES, SNS, CloudWatch, Cloud Trial services in Amazon Web Services (AWS)

Virtualization: Hyper-V

Monitoring: Splunk, CloudWatch

Scripting - Python, Ansible, Shell:

Anti - Virus: NOD32, Norton, Trend Micro, CrowdStrike & AVG (Enterprise Editions)

Cisco Switches: 1900, 2940, 2960 Catalyst, Cisco 3560E

Cisco Routers: 800, 2500, 2901, 2951, 3700

3Com Routers: 6000 Series, 3000 DSL Series

3Com Switches: 8800 & 7750 Modular Series

Firewalls: Cisco Pix 515E, Cisco ASA 5510, 5520, Sonic wall Firewall

Operating Systems: Windows server 2k3/2k8/2012, Windows 8.1,8,/7/XP, Linux, Centos.

Database: MS-SQL, MY-SQL and SQL server 2008.

Linux Security/Firewalls: SSH Tunneling, CSR, SSL/TLS s, IPTables.

Mail Servers: Cloud Office 365, Exchange server

Web Servers: Apache and IIS Web Servers.

Infrastructure Services: DNS, DHCP, SAMBA, NFS, DFS, FTPStorage Solution Free NAS, Dell Equallogic, Star Wind, LVM & RAID Level Configuration

Backup tools: Symantec Backup ExE&NTbackup.

Ticketing tools: Bugzilla, Quick Base, Goto assist and CA Nimsoft.

Logs reporting tools: Webalizer, AWSTATS

PROFESSIONAL EXPERIENCE:

Confidential, Detroit, MI

Cloud Architect/CloudOps Lead

Responsibilities:

• Configuration of AWS VPC, EC2, S3, ELB, Route53 and IAM
• Creating AWS IAM Roles, Policies and Groups
• Configuring S3 Storage buckets, Versioning, Bucket Replication
• Deploying Security policies across existing and in new S3 Buckets
• Deployment of application and DB into AWS Dev/QA/Prod Environment
• Documentation of AWS Infra deployment
• Scripting and Automation of AWS IAM Roles
• Automation for Cloud Infrastructure and Services Inventory
• Configured security services - AWS Manager, Macie
• Configured alerts from the CloudTrail, Cloudwatch logs
• Server Builds and Store configuration on Azure Cloud
• Providing solution for Application Infra scalability
• Technical Solution for Autoscaling and Autoscale across AWS and Azure
• Cloud Infra Performance Monitoring and providing solutions
• Managing Infra and Application security across AWS and Azure
• Managing and Configuring Application security using AWS WAF
• Configuring and deploying Cloud SCP Confidential Org level
• Automate deployment of server level security tools - Tennable, Nessus, Crowdstrike
• Patching Cloud Infrastructure Servers
• Deploying EMR,Elasticbeanstack, RDS Scalable Clusters
• Backups - AWS and Azure Infrastructure
• Migrating existing AWS users to new AWS IAM Polices
• Creating new AWS IAM Service User Account
• Creating new AWS Sandboxes Accounts for short term development and testing
• Creating New Security Policies as per approved guidelines
• Troubleshooting existing and new AWS account infrastructure setup

Confidential, Oakland, CA

Cloud Architect

Responsibilities:

• Using Cloudformation for AWS Cloud Infra
• Auto deploying packages using Ansible
• Configured Billing alerts
• Configuring IAM users and assigning respective permissions
• Creating local and cross account IAM Roles
• Deploying and auditing AWS Cloud Governing policies
• Configuration of Network ACL and Routing Tables
• Configuration of AWS Elastic Load balancer and Auto Scaling
• Defining security policies for public storage - S3 and Glacier
• Attending live sessions provided by AWS
• Automating Cloud Infrastructure backup
• Backup and Restore - AWS - AMI, EBS, Snapshots
• Supporting Tier 3 issues and tickets related to AWS Cloud and its Security
• Coordinating with Tier 3 team in creating new Federal application users
• Coordinating with Tier 3 team in assigning correct and minimal secured Roles

Confidential, New York, NY

Cloud Architect/Security

Responsibilities:

• Creating new AWS Linked accounts under the Master Pair
• Applying Comcast Cloud Governance Policies to new accounts
• Configuring existing accounts with Comcast Cloud Governance policies
• Creating Predefined AWS Roles for respective users to assume
• Roles for EC2, ECS, ES, Lambda, S3, IAMPassRole, DynamoDB
• S3 Roles and permissions for Bidirectional replication
• Configured Repokid - This provides details of Roles deployed under an account
• Configuration and administration of Splunk for CloudWatch and Cloud Trail logs
• Configured SSO for Splunk
• Creating users with requested access under Splunk
• Documenting all configuration done on Cloud
• Configured VPC, SG, NACL, ELB, RDS, VPC Peering
• Brought up Hybrid network by configuring IPSEC VPN Tunnel and DirectConnect
• Configured AWS Sandbox account ( shared account ) for short term development and testing
• Configured VPC Isolation policy under AWS Sandbox account for security
• Upgrading EC2 once they are on retiring stage
• Using DevOps model for CI/CD
• Using Cloudformation for AWS Cloud Infra
• Automating regular Infra task using Jenkin
• Auto deploying packages using Ansible
• Configured Billing alerts
• Attending live sessions provided by AWS

Confidential, San Francisco, CA

Cloud Architect

Responsibilities:

• Designing AWS Infrastructure for Dev, Test, Impl 0, Impl 1 and Prod Environment
• Designing AWS VPC Infrastructure as per Federal Information Security Management Act (FISMA)
• Documenting all Infra setup and Application Software Installation
• Attending and Leading CMS Federal TRB - Technical Review Board and DDR - Detail Design Review Presentation and Meetings
• Design Includes Application, Data, Management and Network Layer
• Configuration of AWS Instances and EBS Volumes as per the design
• Configuration of AWS VPN Direct Connect between AWS infrastructure and CMS Data Center for MicrostrategyReporting
• Configuration of AWS VPC Peering between CMS AWS Application and CMS AWS Web Layer ( This is residing in another AWS VPC - CMS Federal Portal )
• Designing and Configuring S3 Storage for all the environments
• Configuration of AWS Security Groups
• Configuration of Network ACL and Routing Tables
• Configuration of AWS Elastic Load balancer and Auto Scaling
• Configuration of AWS RDS PostgreSQL Instances in Multi Availability Zone
• Creating Scripts for Application Services control
• Configuration and designing AWS Cloud Watch and Nagios Monitoring Service
• Administration of EC2 Instances, Creating Login IDs and assigning respective permissions
• Configuration and Administration of Jira and Confluence
• Creating Jira users, Jira Backup and Restore and modifying default field as per CMS request
• Configuration of Jenkins for CI
• Troubleshooting Dev and DB users when accessing AWS environment and its services

Confidential, Dallas, TX

Cloud Architect

Responsibilities:

• Design/Develop/capture/document architectural best practices for building systems on AWS Cloud
• Drive and influence AWS Cloud revenue in EMEA
• Creating the instances on VPC using all the services in AWS.
• Installing and Maintaining DHCP Server
• Installing and Maintaining DNS Server
• Windows Group Policy Implementation
• Troubleshooting Windows and Linux Server application issues
• Configuring SVN Teamforge and integration of multiple SVN servers under one Master Server
• Integrating SVN with Windows Active Directory for authentication
• Restricting and providing SVN users access to a particular SVN path
• Data replication using Allwaysync and ViceVersa software
• Data replication over LAN
• Data replication over WAN
• Designed and configured Hybrid Infra between Physical Data Center and AWS Cloud
• Defined ACL in AWS Cloud for Hybrid application connectivity
• Managing large and significant cross-functional programs and projects on AWS
• Defining and reviewing systems-level technical designs and user models
• Release management of all significant public EC2 launches under AWS
• Working with technical and non-technical teams across Amazon Cloud
• Configured Linux, CentOS and Ubuntu Servers for application teams under AWS Cloud
• Configured Linux and CentOS servers for Big Data setup
• Knowledge of Docker - making containers and helping in deploying especially on Windows environment
• Installed Redis and Cassandra - Big Data Software
• Integrated and configured Linux and CentOS Servers for joining domain
• Successfully completed Disaster Recovery - DRP for production domain under SunGard Data Center
• Successfully all backups - Application and Data base were restored under Disaster Recovery
• Documenting and handing SSAE 16 Audit on AWS Cloud Infrastructure
• Implementing new IT Security Policy on AWS Cloud as per SSAE 16 standards
• Designed, configured and implemented AWS network across three region - US, UK and Singapore
• Creating VPC - Virtual Private Cloud under AWS System as per the requirement
• Creating new Instances under AWS System as per the user requirement
• Created around 580 High performance instances under AWS Cloud
• Integrated AWS Network with our existing production and corporate network
• Extended our Active Directory System to AWS System for high security ADFS
• Implementing Windows Group Policies
• Configured VPN between AWS and Steelwedge Global Network
• Configuration of VPN using ASA 5510 and ASA 5520 Cisco firewalls
• Configuration of Network Access List on Cisco ASA
• Configuration of NAT and No NAT statements when configuring public URls and under VPN respectively
• Creating AMI and its restorations under AWS System
• Configured S3 Bucket - backup storage for AWS System
• Configured Cluster between two AWS Instances
• Migrating AWS Cloud EC2 Instances to AWS Cloud VPC
• Designing AWS VPC Cloud for large Instances
• Creating AWS Cloud AMIs and restoring same successfully
• Managing AWS instances for auto shutdown if not in use
• Configuring VB and Power shell scripts for Disk space, uptime and availability alerts
• Migrating user mail box from on-premises to Microsoft Office 365 Cloud
• Configuration and administration of Microsoft Office 365 - Creating user IDs, Distribution list email IDs and their Mail box size and permissions
• Office 365 mail forwarding setup. applying security policies - IP white list
• Managing Office 365 User licenses and auditing
• Assigning Lync - Skype for business licenses to user under Office 365
• AD federation between on-premises and Office 365 Console
• Configuring 365 ADSync Software for AD Sync
• Raising ticket with Microsoft 365 team in case of critical incident
• Designed Dual authentication during login for our Production and Test Domain Servers - DUO Security
• Designed Dual authentication during login for our AWS Cloud Infrastructure - DUO Security
• Managing and assigning required access levels for authentication under DUO Security
• Installing - SQL Server, WebLogic, Visual Studio Ultimate and all Microsoft Software
• Implementation of FAST, Virtual and Thin Provisioning on VMAX storage array
• Major s - Cloud IT infrastructure Projects
• Designing and successfully implementing SVN in AWS Cloud - Subversion Server with applied access policies
• Designed and Configured AWS System across Global regions - US, UK, Europe and Singapore
• Successfully configured VPN tunnel between AWS regions and SW Global network
• Designed and configured Password Expiry Email Notification system in AWS Cloud
• Configured Cloud Load balancer and NAT Server
• Successfully joined 85 Linux and CentOS Servers to Windows Domain for AD authentication
• Migrated data from old SAN System to New SAN setup
• Configured large Virtual Server -Virtualization (Hyper-V)
• Successfully completed three DRP - Disaster Recovery for Production server under SunGard Data Center
• Documenting all the IT policies and successfully clearing SSAE 16 Audit
• Maintaining all new IT projects and regular IT policies are in compliance with SSAE 16

Confidential

Computer Engineer

Responsibilities:

• Maintaining pool of Desktop, Servers, Storage Devices
• Installing and troubleshooting Internet Usage Control Websense and K9 Software
• Monitoring and Generating report Daily, Weekly basis.
• Maintaining and Troubleshooting Sonic Firewall over the network
• Configuration of 3Com Modular Routers & Switches
• Configuring Red Hat Linux 5.0 ( File Storage Server over Lan )
• Configuring and Working on SAMBA Server
• Creating Samba Server Users, Authentication
• User level Permissions, File level Permissions over Samba Server.
• Installing Webmin on Linux for Remote administration.
• Installing various services and Packages such as rdesktop, NFS.
• Taking backup of Linux using SCP ( Secure Copy Over Network )
• Interacting with IT Vendors for best possible Hardware and Software available
• Installing Projectors, CCTV over the network and its backup
• Maintaining Exchange Server 2007.
• Users Mail Archive backup
• Configuration and Posting information on Public Folders
• Moving user Mailbox
• Assigning Storage, sending, Receiving Emails restriction
• Assigning Multiple Address for a single Mail Box.
• Configuration of Firewalls ( Sonic Firewall )
• Restriction of Users over Internet with the help of Firewall

Confidential

Senior Network Engineer

Responsibilities:

• Installing and Maintaining Exchange Server 2003
• Configuring Cisco Router and Switches
• Upgrading LAN and WAN according to Company requirement
• Maintain pool of desktop PCs and note book computers
• Creating users, giving permission to specified users
• Configuring RIP protocol for point to point connection
• Configuring Vlans, Implementing Dhcp and Natting
• Troubleshooting Exchange Server 2003
• Taking PST ( Mail Archive ) Backup over the network
• Configuring Clients Microsoft Outlook 2003 and 2007
• Splitting Mail Archive ( PST ) for quick viewing
• Integration Exchange Server with Anti Virus and Anti Spam
• Configuration of NAS over the network for Imp Files backup
• Preparing IT Budget for the company
• Scheduled backup of Active Directory.
• Creating User, User profiles, Permission Levels.
• User Logon Policies, Password Policies,
• Files Sharing Permissions over the network
• Configuration of Linksys Print Server
• Maintaining and generating report of 3Com Network Analyzer
• Installing and troubleshooting Network Printers, Network Printer Plotters
• Configuring and maintaining Web Servers
• Working on in and out bound mail content checking software
• Data Base, File server, Exchange Server backup using Backup EXE Software
• Mac Apple PC Connectivity over Microsoft Windows Network.
• Mac PC File sharing over Windows Network
• Mac PC Network Printer configuration
• Configuration of Sonic wall firewall
• Troubleshooting, restriction and authentication in firewall
• Daily Job of Maintaining 123 Clients (Users), 13 Laptops, 2 Windows Servers (Domain Controller), 2 Exchange Servers, 2 Database Servers, 2 File Servers and 1 NAS Server.
• Configuration of Public folders
• Taking All above Servers Backup on HP Ultrium Tape Drives
• External Hard Disk ( 100 GB - 120 GB ) for Confidential files backup for top Executive

Confidential

Network Engineer

Responsibilities:

• Installing and maintaining wireless network, resolving wireless network related problems
• Installing access point, Bridges, wireless routers, providing new wireless network design.
• Implementing third party software such as Netware remote access Server
• Installing VOIP phone for Long Distance call
• Maintaining Wireless LAN and WAN connectivity.
• Installing and Maintaining Network Antivirus ( Nod 32 )
• Configuring and maintaining FTP server
• Installing and working on Centralized Monitoring Capability Software
• Taking Server backups
• Monitoring Internet Traffic over the network