Name: Felix Foncham Azoh
Address: **** ******** ** ***********, ** 20785
Tel: 240-***-****
Email: *********@*****.***
Skype ID: live:.cid.c5b0f1f4c347f9d7
Summary of Qualifications:
A self-motivated Cloud (AWS and Azure) Engineer offering about 8 years of experience in Cloud/Linux environments with proficiency in cloud orchestration, security, identity & access management, monitoring and event management, governance & compliance, application delivery, data protection, image and patch management, self-service and ops analytics in AWS and Azure platforms.
Technical Skills and Technology Stack:
• Cloud Orchestration/Automation: AWS CloudFormation, AWS Lambda, AWS Systems Manager, AWS SSM Parameter Store, Ansible, Docker
• AWS Security: AWS Security Hub, AWS GuardDuty, AWS Shield, AWS Firewall Manager, AWS Inspector, etc.
• Monitoring & Event Management: AWS CloudWatch (Events & Logs), AWS SNS, AWS S3
• Identity & Access Management: AWS Organization, AWS IAM, AWS AD Connector, Active Directory, AWS Workspaces, AWS Secrets Manager, etc.
• Governance & Compliance: AWS Config Rules, AWS Organization, AWS Control Tower, AWS Trusted Advisor, AWS Well Architected Tool, AWS Budgets, AWS License Manager, etc.
• Programming Languages: Bash, JSON, YML, Python
• Application Delivery: Jira, Jenkins, Bitbucket, Confluence, AWS Code Pipeline, AWS Code Commit, AW
• Data Protection: AWS Certificate Manager, AWS KMS, Snapshot Lifecycle Manager, AWS Cloud HSM,
• Self Service: Service Catalog
• Network: VPC, VGW, TGW, CGW, IGW, NGW etc.
• Image & Patch: AWS SSM Patch Manager, AWS Golden AMI Pipeline
• AWS Platform: AWS CloudFormation, AWS Lambda, AWS Systems Manager, S3, VPC, EC2, ELB, RDS, SNS, SQS, SES, Route53, CloudFront, Service Catalog, AWS Auto Scaling, Trusted Advisor, CloudWatch etc.
Education:
Howard University
Chemical Engineering/ 2018 – Present
Montgomery College, United States of America
Associate of Science in General Engineering /2014 - 05/2018
Certifications:
• AWS Certified Solutions Architect – Associate
• AWS Certified Cloud Practitioner
Professional Experience:
AWS Architect 12/2018 – Present
PFSCM, Arlington VA
• Developed and leveraged baseline and custom guardrails, policies, centralized policy enforcement, tagging policies and a well architected multi account environment.
• Implemented Machine Image Pipeline and integrated Patch Management
• Migrated legacy applications to AWS cloud environment
• Leveraged Docker to build, test and deploy applications in different environments.
• Developed LLDs for migrating various applications including network sizing, Instance types, names, tags etc.
• Developed required and optional tagging reference document for automation, compliance and consolidated billing
• Developed baseline VPC and Network design including leveraging VPN connectivity and Direct Connect
• Developed baseline AWS account security, implemented/integrated end-point protection, vulnerability scanning and intelligent threat detection
• Built serverless architecture with Lambda integrated with SNS, CloudWatch logs and other AWS services.
• Leveraged automated DevOps tools deployment and Blue-green deployment patterns and strategies
• Configured CI/CD Pipelines using Jenkins connected to GitHub and build environments (Dev, stage & Prod)
• Implemented IAM best practices and role-based access control
• Implemented AWS Organization to centrally manage multiple AWS accounts including consolidated billing and policy-based restrictions
• Implemented Control Tower Preventive and Detective guardrails and leveraged Account Factory, integrated with Lambda for new AWS account creation and setup.
• Set up Ansible control and slave nodes and developed playbooks to automate configuration of servers across environments.
AWS Engineer 01/2017 – 12/2018
Bank of America, VA
• Managed provisioning of AWS infrastructures using CloudFormation
• Design for high availability and business continuity using self-healing-based architectures, fail-over routing policies, multi-AZ deployment of EC2 instances, ELB health checks, Auto Scaling and other disaster recovery models.
• Created patch management using Systems Manager automation for multi-region and multi account execution
• Implemented preventive guardrails using Service Control Policies (SCPs)
• Implemented detective guardrails using Cloud Custodian policies and AWS config
• Designed and implemented for elasticity and scalability using ElastiCache, CloudFront edge locations, RDS (read replicas, instance sizes) etc.
• Implemented security best practices in AWS including multi-factor authentication, access key rotation, encryption using KMS, firewalls (security groups and NACLs), S3 bucket policies and ACLs, mitigating DDoS attacks etc.
• Implemented Jenkins, GitHub and Git for version control, code build, testing and release and CI/CD.
• Monitored end-to-end infrastructure using CloudWatch and SNS for notification
• Used AWS Systems Manager to automate operational tasks across AWS resources
• Project Management - AWS infra design & application migration
• Used Systems Manager to automate operational tasks across WK AWS infrastructure.
• Set up AWS Single Sign On (SSO) for on-premises Active Directory (AD)
• Built kinesis dashboards and applications that react to incoming data using AWS provided SDKs; and exported data from kinesis to other AWS services including EMR for analytics, S3 for storage, Redshift for big data and Lambda for event driven actions
• Developed and documented security guardrails for AWS Cloud environments
• Built custom images through Docker server, Docker Compose with multiple local containers and created production-grade workflows and a continuous application workflow for multiple images
• Implemented multiple container deployments to AWS and maintained sets of containers with deployments
• Set up, configured, and used ad hoc Ansible commands
• Designed secured, cost optimized, highly available and fault tolerant infrastructure in AWS
• Architected and configured Dev/Stage/QA environments in AWS (VPC, subnets, security groups, EC2 instances, load balancer, RDS, Redis, route53, etc.)
• Implemented security best practices in AWS including multi-factor authentication, access key rotation, role-based permissions, enforced strong password policy, configured security groups and NACLs, S3 bucket policies and ACLs, etc.
• Optimized cost through reserved instances, selection and changing of EC2 instance types based on resource need, S3 storage classes and S3 lifecycle policies, leveraging Autoscaling etc.
• Leveraged EC2 Create Snapshot API call to create snapshots of EBS Volumes on scheduled intervals
• Configured CloudWatch alarm rules for operational and performance metrics for our AWS resources and applications
• Set up and configured log files for detailed monitoring and alert notification when changes are made.
• Monitored, from an end-to-end view, runtime systems' CPU, bandwidth, disk space and log files using New Relic
• Deployed and configured infrastructure using Terraform and Ansible
• Architected and implemented continuous integration and deployment pipelines using Jenkins and other CI
• Implemented identity federation using FreeIPA to enable users to seamlessly connect to multiple services
AWS/Linux Administrative 03/2013 – 01/2017
Vertex Group Inc, Columbia MD
• Designed, deployed and clustered High Availability servers on VMware ESXi using vSphere Client
• Performed applications installation, upgrades/patches, troubleshooting, maintenance, and monitoring Linux servers
• Installation, configuration and administration of Enterprise Linux
• Created, managed and administered user accounts, security and SSH passwordless login
• Network configuration & troubleshoot issues with respect to network and configuration files
• Configuring Apache, NFS, FTP, and SMB
• Created users and groups and gave permissions on bare-metal servers
• Task automation, service management and application deployment using Ansible and Jenkins
• Built and configured Linux servers from scratch with type one hypervisors for virtualization and network components
• Perform security setup, networking, system backup and patching for both AWS, and on-premise environments.
• Architect high availability environment with auto scaling & Elastic Load Balancer
• Securely deploy MySQL Primary DB and its read replica in private subnet with multi AZ for disaster recovery and best practice
• Migration of high availability webservers and databases to AWS EC2 and RDS with minimum or no downtime
• VPC build with private and public subnets coupled with VPN setup back to on-premises datacenter and corporate offices
• VPC peering with other accounts, allowing access and routing so that services and users of separate accounts can communicate.
• SSL setup for Apache and Nginx applications coupled with AWS ELB SSL for all HTTP to HTTPS, thereby maximizing security
• Network, CPU, Disk and connectivity monitoring with CloudWatch and setup to trigger alarm and notify system administrators
• AIDE set up and configured for detailed log file monitoring and alert notification when changes are made.
• Performed root-cause analysis of recurring issues, system backup, and security setup
• Security groups configured and locked down to the various authorized subnet and IP addresses in AWS
• Automated deployment, configuration and security settings using Ansible
• Experienced in GitHub (cloning a Git repository, creating a branch, pushing to Git from local, making a PR, etc.)
• Architected and implemented continuous integration and deployment pipelines using Jenkins and other CI
• Experienced in GitHub