PAUL MULENGA
PARAMOUNT WAY FRISCO TEXAS *****
ad0wd6@r.postjobfree.com
Cloud Security & DevOps Engineer: Specializing in AWS & Azure platforms, I lead secure and streamlined cloud migrations and provisions. With deep expertise in Grafana, Kubernetes, Docker, and Terraform, I establish scalable and robust cloud infrastructures. My comprehensive background, underscored by CSSP & AWS certifications, guarantees agile and secure workflows across intricate cloud landscapes. Through a meticulous approach to Cloud Migration and Systems Automation, I consistently optimize and fortify solutions, ensuring best-in-class strategies and cloud deployments. TECHNICAL SKILLS
• Cloud & Virtualization: Proficient in AWS services (EC2, S3, RDS, CloudTrail, GuardDuty, CloudWatch, EKS) and Azure (CloudSQL, Terraform, Jenkins, Cloud Run) for creating scalable and secure cloud solutions.
• Security & Monitoring Expertise: Experienced in Kubernetes API Server Auditing, Amazon GuardDuty, Azure Network Watcher, and AWS CloudFormation, ensuring robust security and real-time threat detection.
• Scripting & Automation: Skilled in Python, Bash, and AWS Lambda, enabling efficient automation and serverless application development.
• Operating Systems Mastery: Hands-on administration of Linux, Windows, and MacOS systems, ensuring comprehensive platform coverage.
• Distributed Computing: Profound understanding of storage volumes, private networks, load balancers, and virtual machines for optimizing cloud infrastructure.
• Container Orchestration: Expertise in Kubernetes, encompassing deployment, service management, scaling, and maintenance of containerized applications.
• Additional Proficiencies: Familiarity with tools like Splunk, coupled with a background in High-Performance Computing system administration, Kubernetes, and Docker, for comprehensive cloud and container solutions.
EDUCATION
• Associate Degree - Cyber Security - COLLIN COLLEGE
• Bachelor’s Degree - Information Technology - CITIZEN UNIVERSITY
• Master’s Degree- Computer Science - HALLMARK UNIVERSITY CERTIFICATIONS
• AWS Certified Solution Architect
• AWS Certified Security
• CompTIA Security+
• CSSP
EXPERIENCE
TUPL INC
CLOUD ENGINEER 2023-PRESENT
• Implemented and maintained Grafana dashboards to monitor critical cloud infrastructure and applications, improving system observability and reducing downtime.
• Integrated Grafana with Prometheus and Alert Manager to ensure timely alerts for critical incidents.
• Deployed and managed Apache Kafka clusters, ensuring seamless data streaming and messaging for real-time analytics applications.
• Configured and optimized Apache NiFi workflows for data ingestion, transformation, and distribution across microservices.
• Administered Hadoop clusters, ensuring optimal performance, data redundancy, and fault tolerance.
• Managed HBase data stores to facilitate real-time read/write access for big data applications.
• Implemented Keycloak for centralized identity and access management, streamlining user authentication and authorization processes across all applications.
• Orchestrated and maintained microservices using Kubernetes, ensuring autoscaling, load balancing, and self-healing of applications.
• Migrated legacy applications to Kubernetes, achieving more scalable and manageable infrastructure.
• Deployed and optimized Docker containers to encapsulate applications, ensuring consistent environments from development to production.
• Leveraged Terraform scripts for provisioning and managing cloud infrastructure, resulting in faster deployments and version-controlled infrastructure.
• Managed intra-service traffic using service meshes, optimizing latency and ensuring reliable data flow between services.
• Implemented traffic management policies to ensure efficient routing, load balancing, and failover mechanisms.
• Utilized Postman for API endpoint testing, ensuring all microservices communicated as expected and met performance benchmarks. ABBOTT
DEVOPS ENGINEER II – 2021- 2023
• Orchestrated and monitored Kubernetes clusters, focusing on optimizing resource utilization, scaling pods, and monitoring cluster health.
• Deployed Helm for streamlined application deployment, coupled with Flux, for a seamless and progressive delivery system.
• Utilized k9s for effective Kubernetes cluster oversight and real-time performance monitoring.
• Implemented robust AWS IAM policies, ensuring secure access to AWS services, and further fortified the environment using MFA protocols.
• Designed and launched AWS resources within an Amazon VPC, segregating databases, and web servers in private subnets to enhance security. Leveraged Elastic Load Balancing for efficient traffic distribution.
• Deployed CloudFront for a swift CDN service, ensuring global reach of demo applications with minimal latency.
• Provisioned and managed SSL certificates using AWS Certificate Manager, fortifying network communications, and enabling HTTPS for applications.
• Hosted various web applications, such as a PHP-MySQL app, on Amazon. EC2, ensuring a resilient compute capacity in the cloud. Integrated EC2 Auto Scaling for maintaining application availability in fluctuating traffic scenarios.
• Optimized user experience by implementing Amazon’s Route 53, directing end-users to applications via custom domain names. COPART
CLOUD SECURITY ENGINEER 2019-2021
• Implemented CloudFront as the go-to CDN solution, ensuring global, secure, and efficient delivery of demo applications to users, characterized by low latencies and highspeed data transfers.
• Leveraged Amazon's Route 53, a scalable cloud Domain Name System service, to direct users to applications through custom domain names, enhancing user navigation experience and site reliability.
• Collaborated with project teams to embed predefined policies into AWS solutions, particularly emphasizing IAM protocols.
• Championed the creation and upkeep of the organization's compliance policies, procedures, and the system security plan (SSP).
• Orchestrated regular security and risk assessments, ensuring the system's robustness against potential threats.
• Helmed the AWS cloud information security strategy, leading efforts in threat identification and subsequent remediation processes.
• Spearheaded the creation of a cross-functional privacy program, utilizing the NIST privacy Framework to ensure comprehensive coverage of all privacy related concerns.
• Conducted periodic self-assessments based on the NISTSP 800 53A criteria, ensuring consistent alignment with industry standards and protocols.
• Demonstrated expertise in log analysis and troubleshooting, ensuring swift resolutions to system or security-related issues and minimizing potential downtimes.
CAPITAL ONE
CLOUD ADMINISTRATOR II – 2018-2019
• Orchestrated the design and management of S3 buckets to store databases, logs, and backup data, seamlessly integrating with CDN servers for image uploads.
• Expertly monitored server health and performance metrics via Amazon CloudWatch, coupled with SNS for real-time alerts and notifications.
• Championed the setup, configuration, and management of Linux servers on AWS, encompassing a broad range of services such as EC2, EBS, ELB, SSL, Security Groups, RDS, and more.
• Showcased proficiency in creating and managing AWS resource entities including AMIs, Snapshots, and Volumes, effectively handling resource adjustments like CPU scaling and memory allocations.
• Spearheaded the development and launch of EC2 instances on Amazon Linux, facilitating the execution of Proof of Concepts (POCs) in live Production environments.
• Seamlessly operated and managed vital server configurations including NFS, SAMBA, NIS, and Yum servers, ensuring consistent service availability and performance.
• Executed comprehensive security measures including supervising Virtual Private Clouds (VPC) and subnets, ensuring inter-zone connectivity, and proactively blocking potential threats via Access Control Lists (ACL).
• Oversaw the support and maintenance of the existing DNS infrastructure, ensuring optimized domain name resolutions and minimized latencies.
• Led hardware installations, firewall configurations, and Virtual Private Network (VPN) setups, bolstering the overall security and connectivity of the infrastructure.
• Excelled in troubleshooting system failures, conducting in-depth bottleneck analyses, and implementing solutions to ensure long-term network efficiency and reliability.
CORE COMPETENCIES
• Solution Architecture: Proficient in designing solutions using architectural principles tailored to meet customer requirements and objectives.
• Cluster Management: Ensured optimal cluster performance by monitoring, scaling, and maintaining Kubernetes clusters.
• Application Deployment: Orchestrated the deployment and management of containerized applications using Kubernetes manifests.
• Service Discovery: Created and managed Kubernetes Services for internal and external application exposure.
• Networking: Resolved network issues and established network policies for traffic control between pods.
• Storage Management: Provisioned and managed storage resources for stateful applications with Persistent Volumes.
• Security: Implemented RBAC and security best practices, monitored for vulnerabilities, and applied security updates.
• Logging and Monitoring: Set up monitoring and alerting solutions to track cluster and application health.
• AWS Application Deployment: Skilled in architecting, deploying, and maintaining secure and resilient applications using a wide range of AWS services.
• Implementation Guidance: Providing comprehensive implementation guidance and best practices to project teams and stakeholders throughout the project lifecycle.
• AWS Services Expertise: Hands-on expertise in utilizing various AWS services encompassing computer, networking, storage, and database services to address specific project needs.
• Technical Requirements: Proficient in defining and matching AWS services that align with specific technical requirements and industry standards.
• Best Practices: Knowledgeable in adhering to recommended best practices for building highly secure, scalable, and reliable applications on the AWS platform to ensure client satisfaction and long-term retention.
• Technical Analysis: Capable of defining and identifying the technical requirements necessary for the successful development and operation of AWS-based applications.
• Network Technologies: Understanding of network technologies and their relevance within the context of AWS, including networking best practices and configurations.
• AWS Security: Proficient in leveraging AWS security features and tools to safeguard cloud based resources and data. Additionally, skilled in managing Linux systems and basic SQL administration.