PROFESSIONAL SUMMARY

Azure Solutions Architect DevOps Expert Passionate Problem Solver

Dynamic IT professional with over 8 years of comprehensive experience, specializing in Azure Cloud Architecture along with AWS, implementing Security best practices, DevOps methodologies. Possesses a robust background in Cloud platforms, Configuration Management, Infrastructure automation, and Continuous Integration and Delivery (CI/CD).

Adept at architecting Azure Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) solutions. Proven expertise in crafting Design & Architecture, Strategy & Plan, and target solutions for migrating on-premises legacy and cloud-native applications and databases to Azure cloud and Hybrid environments.

Demonstrated leadership in conducting architecture design sessions, collaborating closely with stakeholders to comprehend business requirements and translate them into technical solutions. Proficient in writing Docker files, building and pushing Docker images onto ACR & ECR Repo, and deploying Helm charts on the AKS/EKS clusters.

Extensive knowledge of Azure Compute Services, configuration, and optimization, including Virtual Machines, Virtual Machine Scale Sets, App Service, App Service Environment (ASE), Azure Functions, Batch, Service Fabric, and cloud services. Proven track record in designing and implementing scalable and highly available Azure solutions for enterprise clients, ensuring optimal performance and security.

Expertise in AWS Compute Services, encompassing EC2 (Elastic Compute Cloud), Auto Scaling, Elastic Beanstalk, Lambda, Batch, ECS (Elastic Container Service), and a range of cloud services. Demonstrated success in crafting and deploying scalable, highly available AWS solutions for enterprise clients, prioritizing performance, and security excellence.

Well-versed in architecting, designing, and securing elastic storage in Azure, encompassing Blob, queue, File, Disk, Azure Backup, and Azure Site Recovery (ASR). Expert in architecting solutions based on Microsoft Azure services, such as Function App, Logic App, Azure Search, API Management, and Notification hubs.

Seasoned in the architecture, design, and implementation of Azure Networking Services, including Virtual Network, Load Balancers, Application Gateway, VPN Gateway, Azure DNS, Traffic Manager, and Express Route. Proficient in designing Azure Database Solutions, covering Azure SQL DB, Azure MySQL, SQL Datawarehouse, Cosmos DB, Azure Databricks, and Data Factory.

Sound knowledge of Azure container services, with proficiency in Docker and Kubernetes. Extensive experience in migrating on-premises applications to Azure, configuring VNETs and subnets, and leveraging PowerShell & Python scripting for automation.

Distinction of completing the following certifications

AWS Certified Cloud Practitioner (2023)

AWS Certified Solution Architect Associate (2023)

Skilled in Azure Monitoring & Management solutions, including Azure Analytics, Application Insights, Automation, Backup, Site Recovery, Azure Monitor, Automation and Control. Well-versed in Operation Management Suite (OMS) Log Analytics.

Demonstrated expertise in configuring Azure AD & AD Connect, MFA, SSO, Identity protection, consolidation of ADs, and ADFS. Hands-on experience in securing Azure Resources and implementing Security in Azure, covering Security Center, Key Vault, Azure Active Directory, Azure Active Directory B2C, and Multi-factor Authentication.

Successfully created DevOps pipelines for various environments in Azure DevOps and Jenkins. Proficient in enabling DevOps Practices with various tools like Terraform, ARM templates, BICEP, PowerShell, Azure CLI, Chef, and Ansible. Skilled in building CI / CD pipelines based on best practices such as GitOps and various DevOps tools.

Demonstrated understanding of the analysis of the security state of all resources in Azure. Adept in configuring & implementing Azure Security Center and controlling cloud security with policy-driven monitoring of security configurations.

Proven experience in disaster recovery and business continuity planning and implementation. Capable of identifying threats through behavioral analysis based on global intelligence and expertise. Quick to respond to incidents with insights into attacks and suggestions for remediation.

TECHNICAL SKILLS

PAAS: Azure App Service, Azure Functions, Web Jobs, Azure Batch, Azure Logic Apps, Azure Container Services, Azure Kubernetes Services, etc.

IAAS: Virtual Machines, Virtual Machine scale set, Azure Bastion Host, Jump Server, Virtual Network Peering, Virtual Private Network, Express Route, Availability Sets, Availability Zones, Virtual Networks, Regions, Traffic Manager, Application Security, Front Door, Load Balancer, Network Security Group, Application Security Groups, Service Bus, Service and Private Endpoints, etc.

Azure Storage Account, Blob, Containers, Queue, Table. Access Keys, Shared Access Signatures.

Identity: Azure Active Directory, Managed Identity, Service Principal, AD B2C, OAuth, IAM, identity center.

Scripting & Programming Language: Python, PowerShell, Bash/Shell, JavaScript, .Net, Java

Infrastructure as Code (IAC): Terraform, ARM, Template, BICEP.

DB: Azure SQL Managed Instance, Azure SQL, Cosmos DB, etc.

Data warehouse: Azure Synapse (SQL Datawarehouse)

DevOps: GitHub, Jenkins, Azure DevOps, YAML, CICD Pipelines, Blue Green Deployment, Canary Deployment,

SDLC: Agile Methodology, Waterfall

Security & Monitoring: Azure Key Vault, Disk Encryption, Azure App insights, Azure Monitor, Azure Log Analytics, Azure

Sentinel, AWS Key Management Service (KMS)etc.

Infrastructure Provisioning Tools: Terraform, Azure Resource Manager, Cloud Formation

Configuration Management Tools: Ansible, Chef, Puppet

Application/Web Servers: Apache Tomcat, NGINX, IIS, JBoss4.1, WebSphere, Web Logic 9.x/10.x, Gerrit

CI /CD Tools: Jenkins, Bamboo, Azure Pipelines, Gitlab Pipelines

Operating Systems: UNIX, Linux, Windows, Solaris

Virtualization Platforms: Oracle VirtualBox, VMware Workstation, Vagrant, VMware vSphere ESXi 5.x/4.X, ESX /3.x, Hyper-V

Bug Tracking Tools: JIRA, Bugzilla, Remedy, HP Quality Center, IBM Clear Quest, Mingle, VersionOne.

Containerization Tools: Docker, Kubernetes, Mesos, OpenShift, AKS, EKS.

Source Code Management: GIT, GitHub, GitLab, Bitbucket, Azure Repos.

Logging & Monitoring Tools: Nagios, Splunk, ELK, Data Dog, Dynatrace, Prometheus, Grafana, New Relic, Azure Service

Health, Azure Network Monitor, Cloudwatch

Developers Tool: Visual Studio Code

PROFESSIONAL EXPERIENCE

Goldman Sachs, New York, NY June 2023 to Present

Sr. DevSecOps Engineer

Create proxies with OAuth, OIDC, SAML to ensure security.

Develop capacity and architecture plans to enhance performance by migrating IAAS VMs and PAAS role instances within the Azure Cloud.

Optimized traffic management, security, observability within Kubernetes clusters using ISTIO service mesh.

Architect and execute Azure solutions, implementing robust solutions across Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS).

Lead multiple application and database migrations to the cloud, orchestrating a smooth transition and optimizing performance for increased operational efficiency.

Unify on-premises, hybrid cloud, and on-demand workloads with the Azure public cloud, streamlining operations for uninterrupted functionality.

Design and provision Azure resources using ARM Templates, BICEP, and Terraform, facilitated by Azure DevOps CI/CD pipelines.

Use Azure App Service and Service Bus instances to build a robust and scalable microservices architecture, promoting reliability and adaptability.

Create service endpoints and private endpoints to strengthen and optimize communication channels between Azure services and virtual networks.

Integrate the Docker container orchestration framework with Kubernetes, efficiently managing pods, Config Maps, deployments, and related resources, with automation through Ansible playbooks.

Ensure effective issue resolution and documentation by investigating .NET Core microservices, Angular websites, and Azure infrastructure issues, implementing precise fixes and optimizations.

Utilize Azure Kubernetes Service, Application Insights, and Log Analytics for effective monitoring and comprehensive performance analysis.

Establish Kubernetes clusters across cloud and on-premises environments, configuring services, pods, deployments, auto-scaling, load balancers, and health checks.

Collaborate with cross-functional teams, including developers, architects, and stakeholders, to facilitate seamless exchange of information and knowledge.

Eli Lilly, Indianapolis, Indiana Mar 2021 - May 2023

Cloud Architect/ Security Specialist

Implemented robust security measures using AWS Key Management Service (KMS), IAM policies, and AWS CloudTrail for auditing to ensure regulatory compliance and data protection.

Designed AWS cloud architectures leveraging services like Amazon S3, EKS and ECS. supported deployments using AWS code pipeline, code build.

Collaborated with analysts to transform raw data into meaningful insights and enhance observability with Istio. Assisted in implementing data security and compliance measures to safeguard sensitive data.

Designed and built resilient Azure solutions for on-premises applications and databases.

Collaborated with the data engineering team to document data processes and system architecture.

Utilized Azure DevOps/VSTS for version control, build orchestration, and release management.

Provisioned servers and resources using Terraform and BICEP through CI/CD pipelines.

Formulated capacity and architecture blueprints for optimized environments, enhancing performance and resource utilization in the Azure cloud.

Automated resource provisioning and configuration with Python scripting and Azure SDKs.

Deployed resources using ARM Templates and Jenkins Workflow for multi-tier applications.

Built Java web applications with Maven and managed artifacts with Nexus repository.

Utilized Datadog, Visual Studio, AKS, Application Insights, and Log Analytics for efficient monitoring.

Orchestrated Docker containers through Kubernetes for scalable deployment and management.

Implemented Azure B2C with OAuth for custom user journeys and multi-factor authentication.

Leveraged Azure RBAC for team-based access management and utilized Terraform with Log Analytics for monitoring.

Optimized .Net, Java, and Python applications through Azure DevOps CI/CD pipelines.

Created monitoring and alerting systems using the ELK Stack for log analysis and efficient monitoring. Executed an Azure DevOps Pipeline for cross-subscription resource management and continuous integration.

Configured HTTP Triggers within Azure Functions and integrated application insights for monitoring. Implemented and enhanced cloud-based process automation using Azure Automate.

Employed GIT hooks for code commits, pushes, and seamless GitHub integration.

Integrated Azure-native security tools & SonarQube within CI/CD pipelines for automated code quality control. Established secure connectivity with BGP routes for ExpressRoute connections.

Managed code within a private repository for version control and updates.

Automated Ansible servers with YAML scripting for improved efficiency and orchestration.

Toyota Motor Corporation, Plano, Tx Nov 2019 – Feb 2021

Cloud Solutions Architect

Utilized ARM templates in JSON format to deploy Azure services, ensuring seamless integration with existing infrastructure without disruptions.

Installed VMware ESX and skillfully created Virtual Machines from scratch and templates.

Deployed, updated, and deleted multiple Azure resources using Azure Resource Manager (ARM) templates.

Managed the migration of on-premises resources to Azure through Azure Site Recovery (ASR) and Azure backups.

Executed ARM templates using PowerShell for the precise deployment of Azure resources, facilitating continuous integration through VSTS (Azure DevOps).

Automated data workflows to reduce manual intervention and enhance operational efficiency.

Duke Energy Corporation, Charlotte, North Carolina Jan 2018 – Oct 2019

Cloud Architect/ Administrator

Implemented a diverse range of Azure services, such as Active Directory, storage, cloud services, VMs, SQL Database, Functions, App Service, and Service Bus, showcasing comprehensive Azure expertise.

Automated operations through Terraform, Ansible, and PowerShell scripts, enhancing efficiency and reducing manual tasks.

Established CI/CD pipelines in Azure DevOps to expedite development and deployment cycles. Designed and automated IaaS and PaaS solutions utilizing virtual machines, container services, virtual networks, and cloud services, optimizing scalability and reliability.

Efficiently deployed Azure services using ARM templates, ensuring compatibility with existing infrastructure.

Managed routine system tasks, including backups, job scheduling, and server logging, for maintenance, optimization, and testing.

Leveraged Azure Resource Manager (ARM) for efficient deployment, updates, and removal of resources.

Successfully migrated on-premises resources to Azure utilizing Azure Site Recovery and Backups. Established robust CI pipelines within Azure DevOps, ensuring secure and seamless code deployment practices.

Proactively monitored Azure environments using Log Analytics, Network Watcher, Service Health, and Dynatrace to diagnose issues, minimize service degradation, and prevent disruptions.

Utilized Azure DevOps services (Repos, Boards, Test Plans) for code development, collaboration, and deployment, fostering a cohesive development environment.

Created and maintained various Azure DevOps tools, including deployment utilities, staged virtual environments, and provisioning scripts, enhancing development efficiency.

Built machine images with Terraform and Packer and employed Ansible for software dependency installation.

Publix Super Markets Inc., Lakeland, FL Jan 2016 – Dec 2017

Cloud Security & DevOps Engineer

Established an architectural runway for information security requirements, catering to both infrastructure and application development teams.

Collaborated closely with Agile teams to ensure the fulfillment of security requirements, implementing, and maintaining Azure security policies within a DevSecOps environment.

Strengthened Azure security for all resources and access controls.

Conducted comprehensive Azure cloud security assessments and audits, demonstrating hands-on experience with Microsoft security and compliance tools like Microsoft Defender and Microsoft Purview.

Developed and managed Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), and Software Composition Analysis (SCA) scans on both web and API applications to identify vulnerabilities.

Performed security reviews, audits, and threat assessments on cloud-based applications, working closely with engineering teams.

Managed Azure Active Directory with Role-Based Access Control (RBAC) and implemented Single Sign-On (SSO) and Multi-Factor Authentication (MFA) for secure authentication.

Created and enforced Azure security policies across multiple subscriptions.

Implemented Continuous Integration/Continuous Deployment (CI/CD) pipelines through DevOps practices, utilizing PowerShell scripting and automation for consistent and periodic deployments.

Strategically configured Azure Express Route to establish secure private connections between Azure data centers and on-premises infrastructure.

Successfully migrated services from on-premises environments to Azure using a combination of Azure Portal and PowerShell scripts.

Proficiently managed Azure Security Groups and integrated them with virtual machines (VMs) and subnets.

Collaborated with Azure Data Migration Service, Azure Database Migration Service, Azure Data Factory, and third-party solutions for secure and seamless data migration, minimizing downtime.

Showcased expertise across various Azure services, including Compute, Caching, SQL Azure, NoSQL, Storage and Network Services, Azure Active Directory, Azure Monitoring, Scheduling, Autoscaling, Azure Identity & Access Management, Data Factory, and PowerShell Automation, among others.

Deployed Azure Virtual Networks and Azure Application Gateway to establish seamless communication with on-premises networks via Azure VPN Gateways.

Facilitated integration and collaboration between Azure applications and external systems, leveraging Azure integration services and APIs.

Deployed Azure resources effectively using Azure CLI, Azure Active Directory, Azure Virtual Network, Azure Storage, and Azure Database.

Demonstrated proficiency in administrative tasks such as configuring availability sets, virtual machine scale sets (VMSS) with load balancers, virtual networks, and network security groups (NSG).

Developed and implemented scripts using MAVEN, Jenkins, and Nexus to streamline the build and deployment processes of Java-based web applications.

Configured and managed Ansible for efficient web application management, environment configuration, and server orchestration.

Utilized JIRA Agile for project management, employing Scrum/Kanban boards to support agile development methodologies.

Leidos Holdings Inc., Reston, Virginia Jan 2014 – Dec 2015

Systems Administrator

Skilfully coordinate the setup and customization of Linux operating systems and software, ensuring optimal performance aligned with organizational needs.

Diligently uphold the maintenance of Linux systems through regular updates and security patches, reinforcing defences against vulnerabilities and threats.

Thoroughly oversee user accounts and access controls, safeguarding sensitive data and maintaining system integrity.

Promptly troubleshoot system issues, identifying root causes and implementing effective resolutions to minimize downtime and sustain productivity.

Continuously monitor system performance, proactively identifying areas for optimization and implementing enhancements for seamless operations.

Oversee the implementation and management of robust backup and recovery solutions to ensure data resilience and protection against potential losses.

Configure and manage essential network services, including DNS, DHCP, and VPN, to facilitate seamless connectivity and secure communication. Deploy and maintain comprehensive security measures, encompassing firewalls and intrusion detection systems, to safeguard systems against attacks and breaches.

Optimize efficiency and reduce manual effort by streamlining tasks and processes through automation using scripting languages like Bash and Python.

Promote collaborative teamwork and knowledge-sharing among colleagues, ensuring effective communication and coordinated efforts.

Create and maintain comprehensive documentation detailing system configurations, procedures, and troubleshooting guidelines for future reference and knowledge transfer.

Adhere to organizational policies and industry standards, ensuring compliance and upholding best practices in system administration.

Strategically plan and execute system upgrades and migrations to newer Linux versions, leveraging technological advancements and optimizing performance.

Proactively monitor and respond to security incidents, conducting thorough audits and assessments to identify and mitigate vulnerabilities.

Provide expert technical support and guidance to end-users and team members, fostering problem-solving and enhancing technical capabilities within the organization.

EDUCATION

• Bachelor of Science from Florida State University, FL

Contact this candidate