SUMMARY

• Certified AWS DevOps Engineer with 7+ Years of extensive IT experience, Expertise in Infrastructure and Cloud Engineering & Linux Engineering.
• Exposed to all aspects of Software Development Life Cycle (SDLC) such as Analysis, Planning, Developing, Testing, and implementing and post - production analysis of the projects and methodologies such as Agile, SCRUM and waterfall
• Extensive experience in Amazon Web Services (AWS) Cloud services such as EC2, VPC, S3, Code Commit, Code Build, Code Deploy, Code Pipeline, IAM, EBS, RDS, ELB, VPC, Route53, Dynamo DB, Lambda, Gaur duty, Config, Macie, Service Catalog, Cloud Formation, Auto Scaling, Cloud Front, CloudTrail, CloudWatch, Elastic search, Elastic File system (EFS), Elastic Beanstalk, EKS, SNS, SQS, SES, SWF & AWS Direct Connect etc.
• Worked on various AWS security services like AWS Identity and Access Management (IAM), Amazon Inspector, AWS Key Management Service (KMS), Amazon Macie, AWS Shield, AWS WAF, Amazon Guard Duty, AWS Security Hub
• Firm grasp onAWS CloudSecurity, leveragingLinux, and Windows operating systems, using theAWSconsole andCLI (command line interface). Worked with application development teams for implementation of best security practices within the SDLC. Performed security reviews on new and legacy applications.
• Monitoring resources and Applications using AWS Cloud Watch, including creating alarms to monitor metrics such asEBS, EC2, ELB, RDS, S3, SNSand configured notifications for the alarms generated based on events defined.
• Experience with designing, building, and operating solutions using virtualization using private hybrid/public cloud technologies. “DevSecOps Process & Regulatory” Plan & Execution for Cloud Migration Plan. Knowledge of High Availability (HA) and Disaster Recovery (DR) options in AWS.
• Experience in different migration services like AWS Server Migration Service (SMS) to migrate on-premises workloads to AWS in easier and faster way using Rehost “lift and shift* methodology and AWS Database Migration Service (DMS), Sybase on premise data to RDS SQL Servers.
• Knowledge of High Availability (HA) and Disaster Recovery (DR) options in AWS.
• Experience in Migrating a production infrastructure into an Amazon Web Services utilizing AWS Cloud formation.
• Hands on experience in Architecting Legacy Data Migration projects such as Teradata to AWS Redshift migration and from on-premises to AWS Cloud.
• Experience in configuring Docker Containers for Branching and deployed using Elastic Beanstalk.
• Experience in designing, installing, and implementing Ansible configuration management system for managing Web applications, Environment’s configuration Files, Users, Mount points and Packages.
• Extensively worked on Jenkins and Hudson by installing, configuring, and maintaining the purpose of Continuous Integration (CI) and for End-to-End automation for all build and deployments and in implementing CI/CD for database using Jenkins. Integrate with DevOps teams to help them transform into DevSecOps teams.
• Experience in managing U Deploy configuration, administration, upgrade, security and maintenance of systems, platforms like Web, application. Hands-on experience in deployment automation using Shell/Ruby scripting.
• Experience in setting up Baselines, Branching, Merging and Automation Processes using Shell, Ruby, and PowerShell scripts. Experience in using version controller tools SVN, Git, GitHub, and Bit Bucket.
• Expertise in application builds, deployment, smoke testing and release promotion for complex applications and infrastructure. Performed several types of testing like smoke, functional, system integration, white box, black box, gray box, positive, negative and regression testing.

TECHNICAL SKILLS

Operating System: Windows, Mac OS, RHEL 6/7, Ubuntu, CentOS

Versioning Tools: Subversion, GIT Hub, GIT Lab, Bit Bucket

CI Tools: Jenkins, Bamboo

Bug Tracking Tools: JIRA, ServiceNow

Programming Languages: Python, C

Scripting Languages: Shell scripting, Python, Java Scripting

Web Application servers: Apache Tomcat, Nginx

Databases: MySQL, NOSQL

Monitoring Tools: Amazon CloudWatch, CloudTrail, Nagios, Splunk, nexus, Data Dog

Configuration Management Tool: Ansible

Virtualization Technologies: vSphere, VMware Workstation, Oracle Virtual Box, Hyper-

Containers Tools: Docker, ECS, Kubernetes, EKS

Testing tools: SELENIUM, Junit

Networking/protocols: TCP/IP, REST, API, Routing Protocols, Subnets, VPN, Route53

REPOSITORIES: NEXUS, GIT, ARTIFACTORY

Cloud Technology: AWS (EC2, ELB, VPC, RDS, IAM, CLOUD FORMATION, S3,CloudWatch, CloudTrail, Lambda, Service Catalog, Config, EFSX-Ray, ECS, EKS, Step Functions, SNS, SQS, Dynamo DB).

PROFESSIONAL EXPERIENCE

Aws Cloud Engineer

Confidential - Philadelphia, PA

Responsibilities:

• Set up a new baseline multi - AWS Accounts environments that is secure, well architected, as per the Organization Security Standards using AWS service catalog through AWS Control Tower.
• Built multiple services such as AWS Organizations, AWS Identity and Access Management, AWS Config, AWS CloudTrail and AWS service catalog using AWS Control Tower.
• Implemented a CI/CD pipeline in Dev, UAT, and Pre-Prod to deployed applications using ECS service using AWS deployment tools, when a code check- happens to the Code Commit, Code Build automatically triggers and it will create or update an existing CloudFormation stack. CloudFormation creates/updates AWS resources required to run our application.
• Worked on ECS deployment to an application on a webserver hosted in containers using CloudFormation to create Infrastructure as Code.
• Working on AWS’s Cloud Security Services such as IAM (Identity and Access Management), Identity Federation, Certificate Manager, Key Management Service, CloudTrail, SSO, Guard Duty, Secrets Manager, Config etc.
• Implemented Amazon Macie, Guard Duty, Centralized CloudTrail, Centralized Cloud Config, Redlock integration.
• Built AWS Lambda function with python language to monitor the creation of the new resource without the organization standards and enabled notification and appropriate action to be taken.
• Built CloudFormation templates for SNS, SQS, Elasticsearch, DynamoDB, Lambda, EC2, VPC, RDS, S3, IAM, CloudWatch services implementation and integrated with Service Catalog.
• Worked with AWS Secrets Manager to protect secrets, easily rotate, manage, and retrieve database credentials, API keys, OAuth tokens and used CloudWatch for monitoring AWS cloud resources and the applications that deployed on AWS by creating new alarm, enable notification service and monitored stats from all services in AWS solutions.
• Design, build, secure, and manage clusters/workloads running on self-managed Kubernetes (Kops), Amazon EKS (Amazon Kubernetes Service), Amazon ECS, and AWS Fargate.
• Created CloudFront distributions to serve content from edge locations to users to minimize the load on the frontend.
• Worked on tagging standards for proper identification and ownership of EC2 instances and other AWS Services like Cloud Front, cloud watch, RDS, S3, Route53, SNS, SQS, and Cloud Trail.
• Create read replicas of AWS RDS in multiple Availability Zone using backups and snapshots and scaling out based on requirements. Worked with networking teams in configuring Aws Direct Connect to establish dedicated connection to datacenters and Aws cloud.
• Implemented Config-Aggregator to enhance compliance across the accounts and centralized management.
• Created functions and assigned roles inAWS Lambdato run python scripts, andAWS Lambdausing python to perform event-driven processing. Created Lambda jobs and configured Roles usingAWS CLI.
• Experience in migrating database using AWS Database Migration Service (DMS) homogenous migrations such as oracle to oracle heterogeneous migrations between different database platforms such as Oracle to Amazon Aurora and Confidential SQL to MySQL
• Experienced with the event-driven and scheduled AWS Lambda functions to trigger events in a variety of AWS resources using boto3 modules. Implemented the AWS Cost budget notifications environment-wise by using python with Lambda functions and SNS notification service.
• Experienced in creating multiple VPCs and public, private subnets as per requirement and distributed them as groups into various availability zones of the VPC. Created NAT gateways and instances to allow communication from the private instances to the internet through bastion hosts.
• Used security groups, network ACLs, internet gateways, and route tables to ensure a secure zone for the organization in AWS public cloud.
• Set up the ETL process by reading DDL statements from S3 buckets, validating the queries on the Athena platform, and loading data into DynamoDB tables.
• Configured S3 buckets with various life cycle policies to archive the infrequently accessed data to storage classes based on the requirement.

Environment: /Tools: EC2, Elastic Load Balancing, EKS, Cloud Front, Cloud Formation, Elastic Cache, Cloud Watch, Route 53, Redshift, Lambda, Dynamo DB, Terraform, Jira, Ansible, Bash scripts, Bit bucket, Service Catalog, X-Ray, Guard Duty, Macie, VPC, Cloud Trail, IAM, Redlock, Organizations, WAF, S3, Elastic Search, SNS, SQS and SES.

AWS Cloud Engineer

Confidential - Des Moines, IA

Responsibilities:

• Built CloudFormation templates for SNS, SQS, Elasticsearch, DynamoDB, Lambda, EC2, VPC, RDS, S3, IAM, CloudWatch services implementation and integrated with Service Catalog.
• Created Kubernetes clusters and worked on creating many Pods, Replication controllers, Services deployments, configmaps, secrets, Labels, Health checks and ingress by writing YAML files.
• Used AWS Secrets Manager for securing credentials and lambda function for triggering scripts from EC2 instances.
• Deployed applications using Code Commit, Code Build services and configured auto back of very version in S3.
• Configured multi account architecture, identity and access management, governance, data security, network design and logging within provisioned AWS landing zones using AWS cloud formation.
• Worked on configuring Cross-Account deployments using AWS Code Pipeline, Code Build and Code Deploy by creating Cross-Account Policies & Roles on IAM.
• Worked with AWS Secrets Manager to protect secrets, easily rotate, manage, and retrieve database credentials, API keys, OAuth tokens and used CloudWatch for monitoring AWS cloud resources and the applications that deployed on AWS by creating new alarm, enable notification service and monitored stats from all services in AWS solutions.
• Troubleshooting Linux network, security related issues, capturing packets using tools such as IP tables, firewall. Monitoring resources and Applications using AWS Cloud Watch, including creating alarms to monitor metrics such as EBS, EC2, ELB, RDS, S3, SNS and configured notifications for the alarms generated based on events defined.
• Building servers using AWS, importing volumes, launching EC2, creating security groups, auto-scaling, load balancers, Route 53, SES, and SNS in the defined virtual private connection.
• Used Bash and Python included Boto3 to supplement automation provided by Ansible and Terraform for tasks such as encrypting EBS volumes backing AMIs and scheduling Lambda functions for routine AWS tasks.
• Created and managed Container orchestrators likeAmazon ECSandEKS (Elastic Kubernetes Service)as container management skills to run microservices on a managed cluster of EC2 instances and serverless Fargate.
• Designed and developed automation test scripts using Python and Bash. Create read replicas of AWS RDS in multiple Availability Zone using backups and snapshots and scaling out based on requirements.
• Created tagging standards for proper identification and ownership ofEC2 instancesand other AWS resources.
• Configured alarms inCloudWatchfor monitoring the server's performance, health, CPU utilization, Memory and disk usage of AWS resources using AWSCloudWatch.

Environment: /Tools: Linux, EC2, Elastic Load Balancing, Glue, Athena, EKS, Cloud Formation, CloudWatch, Route53, Redshift, Lambda, Dynamo DB, Terraform, Jenkins, Jira, PowerShell, Bit Bucket, Bamboo, Apache Mesos, X-Ray, VPC, CloudTrail, IAM, S3, Elastic Search, SNS and SQS.

AWS Cloud Engineer

Confidential - Jersey City, NJ

Responsibilities:

• Built CloudFormation templates for SNS, SQS, Elasticsearch, DynamoDB, Lambda, EC2, VPC, RDS, S3, IAM, CloudWatch services implementation and integrated with Service Catalog.
• Built CloudFormation templates for SNS, SQS, Elasticsearch, DynamoDB, Lambda, EC2, VPC, RDS, S3, IAM, CloudWatch services implementation and integrated with Service Catalog.
• We have an app, and it needs to be continuously updated based on user feedback or the addition of new features. For this, we implemented Continuous Integration and Continuous Delivery Pipeline to automate the complete workflow from building, testing, packaging, and deploying, which will be triggered code pipeline there are any changes to an existing application code. For this, we used code commit, code build, code deploy, code pipeline, CloudFormation, ECR, and ECS.
• Implemented Config-Aggregator to enhance compliance across the accounts and centralized management.
• Experienced in creating multiple VPCs and public, private subnets as per requirement and distributed them as groups into various availability zones of the VPC.
• Implement AWS Security Services such as Amazon Guard Duty, Amazon Inspector, AWS Key Management Service, Amazon Macie, AWS Shield, and Security Groups for access control of network subnets, VPC, and AWS resources.
• Lead Identity and Access management services design for SSO with SAML/LDAP -AD for role-based access and policy/user group for Identity management and AWS resource access with Ping Federate.
• Created NAT gateways and instances to allow communication from the private instances to the internet through bastion hosts. Used security groups, network ACLs, internet gateways, and route tables to ensure a secure zone for the organization in AWS public cloud. Integrated ServiceNow with Splunk to generate Incidents from Splunk Administered Apache HTTP Server 2.0.
• Critically evaluate information gathered from multiple sources and worked with customers to assess whether data conformed to data governance approved mappings and standards.
• Implemented a 'server less' architecture using API Gateway, Lambda, and Dynamo DB and deployed AWS Lambda code from Amazon S3 buckets. Created a Lambda Deployment function and configured it to receive events from your S3 bucket.
• Experienced with event-driven and scheduled AWS Lambda functions to trigger various AWS resources.
• Configure the pipeline to start in response to the event. Created and configured elastic load balancers and auto-scaling groups to distribute the traffic and to have a cost-efficient, fault-tolerant, and highly available environment.
• Wrote Ansible playbooks to launch AWS instances and used Ansible to manage web applications, configuration files, used mount points and packages. Developed and maintained Python/Shell PowerShell scripts for build and release tasks and automating tasks.
• Attach a resource policy to the Code Commit repository that denies members of the IAM developer group the actions of pushing commits, merging pull requests, and adding files to the master branch.
• Configured S3 buckets with various life cycle policies to archive the infrequently accessed data to storage classes based on the requirement. Automated regular tasks using Python code and leveraged Lambda function wherever required.
• Configured the application to run on the data center using Terraform. Developed and deployed stacks using AWS Cloud Formation Templates (CFT) and AWS Terraform.
• Implemented domain name service (DNS) through Route53 to have highly available and scalable applications. Created snapshots to take backups of the volumes and images to store launch configurations of the EC2 instances.
• Created EBS volumes for storing application files for use with EC2 instances whenever they are mounted to them.
• Experienced in creating RDS instances to serve data through servers for responding to requests.
• Written Templates for AWS infrastructure as a code using Terraform to build staging and production environments.
• Implemented Amazon Macie, Guard Duty, Centralized CloudTrail, Centralized Cloud Config, Redlock integration.
• Implemented WAF & Shield across all the AWS environments to maintain the environments safe and secured.
• Automated the process of keeping track of succeeded and failed Athena queries, written python code in lambda function.
• Hands-on experience working with AWS services like Lambda function, Athena, DynamoDB, Step functions, SNS, SQS, S3, IAM, etc. Experience in writing SAM templates to deploy serverless applications on AWS cloud.
• Experienced with event-driven and scheduled AWS Lambda functions to trigger various AWS resources.
• Implemented different state machines and used almost all available tasks for step functions like map, parallel, choice, task, etc.

Environment: /Tools: EC2, Elastic Load Balancing, EKS, Cloud Front, Power Shell, Cloud Formation, Elastic Cache, CloudWatch, Route53, Redshift, Lambda, Dynamo DB, RDS, Terraform, Jira, Ansible, Bash scripts, Bit bucket, Service Catalog, X-Ray, Guard Duty, Config, Macie, VPC, CloudTrail, IAM, Redlock, Organizations, WAF, S3, Elastic Search, SNS, SQS and SES.

AWS Cloud Engineer

Confidential - San Jose, CA

Responsibilities:

• Configured and deployed GIT repositories with branching, forks, tagging, merge requests and notifications.
• Experienced in authoring pom.xml files, performing releases with Maven release plugins and managing artifacts in Maven internal repository.
• Involved in installing Jenkins on Linux environment and implemented a Master and Slave configuration to run multiple build operations in parallel.
• Deployed and monitored Micro services using pivotal cloud foundry, also managed domains and routes with the cloud foundry. Worked in using Dockers Swarm and deployed spring boot applications.
• Built enterprise-wide DNS historical data trending analysis tools in Go (Golang), Languages with REST API for user queries as Microservice.
• Monitoring Splunk dashboards, Splunk Alerts and configure scheduled alerts based on the internal customer requirement.
• Implemented newJIRAworkflows for the QA teams and worked on SplittingJIRAand Remedy server’s configuration
• Used SonarQube for continuous inspection of code quality and to perform automatic reviews of code to detect bugs. Managing AWS infrastructure and automation with CLI and API.
• Used Jenkins pipelines to drive all micro services builds out to the Docker registry and then deployed toKubernetes, Created Pods and managed usingKubernetes. Working on Micro services for Continuous Delivery environment using Docker.
• Worked on Ansible for configuration management and infrastructure automation. Also created inventory in Ansible for automating continuous deployment and wrote playbooks using YAML scripting.
• Setup Log Analysis AWS Logs to Elastic Search and Kabana and Manage Searches, Dashboards, custom mapping, and Automation of data. Experience with AtlassianJIRAinstallation, administration, and maintenance.
• Working with Terraform key features such as Infrastructure as code, Execution plans, Resource Graphs, Change Automation.
• Setup JFrog Artifactory on AWS, single copy of any binary is ever stored on this file system.
• Creation of RDS database instances Postgres SQL in AWS cluster making use of EC2 and VPC and launched via Cloud Formation template. Implemented logging solutions with Elastic search, Logstash & Kibana.
• Used Nagios for application and hardware resource monitoring and wrote new plugins in Nagios to monitor resources.
• Installed variousJiraplugins such asJiraclient,Jiraimporter plugin,JiraCharting Plugin, the connector for Microsoft project andJiraMisc and Remedy ticket system.
• Launched Amazon EC2 Cloud Instances using Amazon Web Services (Linux/Ubuntu) and configuring launched instances with respect to specific applications.

Environment: /Tools: EC2, ELB, Power Shell, CloudWatch, Dynamo DB, RDS, Terraform, Docker. Jira, Ansible, Bash scripts, Bit bucket, VPC, CloudTrail, IAM, S3, Elastic Search, SNS, SQS and SES.

Linux Engineer

Confidential

Responsibilities:

• Linux kernel patching and rollback if new kernel failure occurs.
• Installing the packages using rpm, yum & up2date commands. Troubleshooting network connectivity problems, user login problem and server booting problem.
• Creating, resizing, restarting, and removing Logical Volumes (LV’s). Replacing the disks under mirror on event of failure. Creating ext3 file systems and applying quotas per user. Giving File/directory permissions to the users by using ACL’s.
• Configuring anonymous and VSFTP server. Installation, Configuration, and implementation of SAMBA service.
• Configuring and maintaining network services (NFS and NTP). Configuring network interfaces and troubleshooting network problems. Tuning the kernel parameter as per application and database team requirements.
• Troubleshooting of failure OS, login in single user mode, f/s checking by fsck, repair the f/s, clearing the boot-archive etc. Monitoring Virtual memory, adding additional swap space as needed.
• Configuring and troubleshooting various network services such as FTP, SSH, Telnet.