SUMMARY

• A self - motivated AWS Cloud Engineer offering about 6 years of experience in Cloud, Linux and Windows environments wif proficiency in cloud orchestration, security, identity & access management, monitoring and event management, governance & compliance, application delivery, data protection, image and patch management, self- service and ops analytics in AWS platform.
• Used Python for serverless compute Lambda for event driven.
• Use Python for mandatory tagging of resources
• Use Python for deletion of idle EBS volumes, unattached EIP addresses
• Created an event-driven proof of concept serverless architecture dat uses managed services dat are appropriate for teh expected data flow and scaling requirements
• Defined methods for failure management, performance testing, and application auditing wifin teh serverless architecture
• Deployed an update to teh serverless application wifout downtime
• Good Linux administration experience (Trouble shooting, Managing Users, Disk, Directories and Files, setting permissions, installing packages, Managing System Services and Scheduling Cron jobs).
• Configuration of Continuous Integration (CI) and Continuous Delivery (CD) using Code Pipeline and Code Deployments for automation
• Containerization automation wif tools such as Docker, ECR, Fargate and Kubernetes and Docker swam etc.
• Migrating of resources to AWS wif VM import/Export, AWS Database Migration service, Cloud Endure

TECHNICAL SKILLS

Cloud Orchestration/Automation: AWS Cloud Formation, AWS Lambda, AWS Systems Manager, AWS SSM Parameter Store, Ansible, Docker, Terraform

AWS Security: AWS Security Hub, AWS Guard Duty, AWS Shield, AWS Firewall Manager, AWS Inspector, etc.

Monitoring & Event Management: AWS CloudWatch (Events & Logs), AWS SNS, AWS S3

Identity & Access Management: AWS Organization, AWS IAM, AWS AD Connector, Active Directory, AWS Workspaces, AWS Secrets Manager, etc.

Governance & Compliance: AWS Config Rules, AWS Organization, AWS Control Tower, AWS Trusted Advisor, AWS Well Architected Tool, AWS Budgets, AWS License Manager, etc.

Programming Languages: Bash, JSON, YML, Python

Application Delivery: Jira, Confluence, Jenkins, Bitbucket, AWS Code Pipeline, AWS Code Commit, AW

Data Protection: AWS Certificate Manager, AWS KMS, Snapshot Lifecyle Manager, AWS Cloud HSMSelf Service Service Catalog

Network: VPC, VGW, TGW, CGW, IGW, NGW etc.

Image & Patch: AWS SSM Patch Manager, AWS Gloden AMI Pipeline

Ops Analytics: Splunk

AWS Platform: AWS CloudFormation, AWS Lambda, AWS Systems Manager, S3, VPC, EC2, ELB, RDS, SNS, SQS, SES, Route53, CloudFront, Service Catalog, AWS Auto Scaling, Trusted Advisor, CloudWatch etc.

PROFESSIONAL EXPERIENCE

Confidential, Boston, MA

AWS Architect

Responsibilities:

• Developed and leveraged baseline and custom guardrails, policies, centralized policy enforcement, tagging policies and a well architected multi account environment.
• Implemented and automated security controls, governance process and compliance validation.
• Defined and deployed monitoring, metrics and logging systems in AWS
• Designing, planning, and implementing cloud computing systems using Infrastructure as Code tools like Terraform and Cloud formation
• Implemented systems dat are highly available, scalable and self-healing on AWS platform
• Designed and deployed dynamically scalable, highly available, fault tolerant and reliable applications in AWS
• Selected appropriate AWS services to design and deploy an application base on given requirement Implemented and automated security controls, governance process and compliance validation.
• Defined and deployed monitoring, metrics and logging systems in AWS.
• Implemented systems dat are highly available, scalable and self-healing on AWS platform.
• Designed and deployed dynamically scalable, highly available, fault tolerant and reliable applications in AWS
• Selected appropriate AWS services to design and deploy an application base on given requirement Implemented Machine Image Pipeline and integrated Patch Management
• Migrated legacy applications to AWS cloud environment.
• Leveraged Docker to build, test and deploy applications in different environments.
• Developed LLDs for migrating various applications including network sizing, Instance types, names, tags etc.
• Developed required and optional tagging reference document for automation, compliance and consolidated billing
• Developed baseline VPC and Network design including leveraging VPN connectivity and Direct Connect
• Developed baseline AWS account security, implemented/integrated end-point protection, vulnerability scanning and intelligent threat detection
• Built serverless architecture wif Lambda integrated wif SNS, CloudWatch logs and other AWS services.
• Leveraged automated DevOps tools deployment and Blue-green deployment patterns and strategies
• Configured CI/CD Pipelines using Jenkins connected to GitHub and build environments (Dev, stage & Prod)
• Implemented IAM best practices and role-based access control
• Implemented AWS Organization to centrally manage multiple AWS accounts including consolidated billing and policy- based restrictions
• Implemented Control Tower Preventive and Detective guardrails and leveraged Account Factory, integrated wif Lambda for new AWS account creation and setup.
• Setup Ansible control and slave nodes and developed playbooks to automation configuration of servers across environments

Confidential, Baltimore, MD

AWS Infrastructure Engineer

Responsibilities:

• Managed provisioning of AWS infrastructures using CloudFormation
• Design for high availability and business continuity using self-healing-based architectures, fail-over routing policies, multi-AZ deployment of EC2 instances, ELB health checks, Auto Scaling and other disaster recovery models.
• Created patch management using Systems Manager automation for multi-region and multi account execution
• Implemented preventive guardrails using Service Control Policies (SCPs)
• Implemented detective guardrails using Cloud Custodian policies and AWS config.
• Designed and implemented for elasticity and scalability using ElastiCache, CloudFront - Edge locations, RDS (read replicas, instance sizes) etc.
• Implemented security best practices in AWS including multi factor autantication, access key rotation, encryption using KMS, firewalls- security groups and NACLs, S3 bucket policies and ACLs, mitigating DDOS attacks etc.
• Implemented Jenkins, GitHub and Git for version control, code build, testing and release and CI/CD.
• Monitored end-to-end infrastructure using CloudWatch and SNS for notification
• Used AWS system manager to automate operational tasks across AWS resources
• Project Management -AWS Infra design & application migration
• Used System Manager to automate operational tasks across WK AWS infrastructure.
• Setup AWS Single Sign On (SSO) for on premise Active Director (AD)
• Built kinesis dashboards and applications dat react to incoming data using AWS provided SDKs; and exported data from kinesis to other AWS services including EMR for analytics, S3 for storage, Redshift for big data and Lambda for event driven actions
• Developed and documented security guardrails for AWS Cloud environments
• Built custom images though docker server, docker compose wif multiple local containers and created production grade workflows and a continuous application workflow for multiple images
• Implemented multiple container deployments to AWS and maintained sets of containers wif deployments
• Setup, Configured, and used Ad Hoc ansible Commands

Confidential, Baltimore, MD

AWS Infrastructure Engineer

Responsibilities:

• Designed secured, cost optimized, highly available and fault tolerant infrastructure in AWS
• Architected and configured Dev/Stage/QA environments in AWS (VPC, subnets, security groups, EC2 instances, load balancer, RDS, Redis, route53, etc.)
• Implemented security best practices in AWS including multi factor autantication, access key rotation, role-based permissions, enforced strong password policy, configured security groups and NACLs, S3 bucket policies and ACLs, etc.
• Optimized cost through reserved instances, selection and changing of EC2 instance types based on resource need, S3 storage classes and S3 lifecycle policies, leveraging Autoscaling etc.
• Leveraged EC2 Create Snapshot API call to create snapshots of EBS Volumes on scheduled intervals
• Configured CloudWatch alarm rules for operational and performance metrics for our AWS resources and applications
• Setup and configured logs files for detail monitoring and alerts notification when changes are made.
• Monitoring from end-to-end view of runtime systems CPU, bandwidth, disk space and log files using New Relic
• Deployed and configured infrastructure using Terraform and Ansible
• Architected and implemented continuous integration and deployment pipelines using Jenkins.
• Implemented identity federation using FreeIPA to enable users to seamlessly connect to multiple services

Confidential

Jr Linux Administrator (Intern)

Responsibilities:

• Designed, deployed and clustered High Availability servers on VMware using vSphere Client
• Performed applications installation, upgrades/patches, troubleshooting, maintenance, and monitoring Linux servers
• Installation, configuration and administration of Enterprise Linux
• Created, managed and administered user accounts security and SSH password less login
• Network configuration & troubleshoot issues wif respect to network and configuration files
• Configuring Apache, NFS, FTP, SMB and Autofs
• Create users, groups and give permissions on bear metal servers
• SSL setup for Apache and Nginx application couple wif AWS ELB SSL for all http to https theirby maximizing security
• Network, CPU, Disk and connectivity monitoring wif CloudWatch and setup to trigger alarm and notify system administrators
• Aide setup for and configured for logs files detail monitoring and alerts notification when changes are made.
• Performed root - cause analysis of recurring issues, system backup, and security setup
• Security groups configured and locked down to teh various authorized subnet and IP addresses in AWS
• Automated deployment, configuration and security settings using Ansible
• Experienced in GitHub (cloning a Git repository, creating a branch, pushing to Git from local, making a PR, etc.)
• Experienced in GitHub