Modeste Genie Mbunwe Nkoko
Solutions Architect/DevOps Engineer/Oracle DBA
Greenbelt, MD 20770
US CITIZEN
202-***-**** ********@*****.***
Summary of Qualifications:
Self-motivated Cloud Solutions Architect with 11 years of overall IT experience with proficiency in cloud orchestration, security, identity & access management, monitoring and event management, governance & compliance, application delivery, data protection, image and patch management, self-service and ops analytics in AWS platform. Strong organizational, interpersonal, and stake holder expectation management skills. Excellent communication (written + oral), strong articulation and presentation skills, Strong problem-solving Self-driven and ability to perform in demanding environment, envisioning and solution skills, with an ability to draw big picture at the same time able to detail on lower level functional issues,very reliable and able to work independently as well as a team player and can manage own workload, Strong leadership skills with ability to lead Consultants Great hands on experience with Web Services development/deployment cloud computing
Technical Skills and Technology Stack:
Cloud Orchestration/Automation: AWS CloudFormation, Terraform AWS Lambda, AWS Systems Manager, AWS SSM Parameter Store, Ansible, Docker
AWS Security: AWS Security Hub, AWS Guard Duty, AWS Shield, AWS Firewall Manager, AWS Inspector, etc.
Strong understanding of Architecture, Design and implementation experience in access management
Monitoring & Event Management: AWS CloudWatch (Events & Logs), AWS SNS, AWS S3
Identity & Access Management: AWS IAM, AWS AD Connector, Active Directory, AWS Workspaces, AWS Secrets Manager, etc.
Used Terraform to create, manage, and update infrastructure resources such as physical machines, VMs, network switches, containers
Governance & Compliance: AWS Organization, AWS Config Rules, AWS Organization, AWS Control Tower, AWS Trusted Advisor, AWS Well Architected Tool, AWS Budgets, AWS License Manager, etc.
Programming Languages: Bash, JSON, YML, Python
Application Delivery: Jira, Confluence, Jenkins, Bitbucket, AWS Code Pipeline, AWS Code Commit
Data Protection: AWS Certificate Manager, AWS KMS, Snapshot Lifecyle Manager, AWS Cloud HSM
Self Service: Service Catalog
Network: VPC, VGW, TGW, CGW, IGW, NGW etc.
Image & Patch: AWS SSM Patch Manager, AWS Golden AMI Pipeline
Ops Analytics: Splunk exposure
IAC: CloudFormation, Terraform
AWS Platform: AWS CloudFormation, AWS Lambda, AWS Systems Manager, S3, VPC, EC2, ELB, RDS, SNS, SQS, SES, Route53, CloudFront, Service Catalog, AWS Auto Scaling, Trusted Advisor, CloudWatch etc.
High Availability
Migration from on-Premises to Cloud
Backup and recovery using RMAN
Database Performance, monitoring, analyzing and tuning to enhance performance
Database upgrades and patches
Database encryption using Advanced measures like TDE
Disaster recovery using data guard
Real time replication using Golden Gate
RAC for high availability
Education:
Bachelor in Computer Science /2009
University of Buea, Cameroon
Certifications:
CompTIA Security Plus
AWS Certified Solutions Architect – Professional
AWS Certified Solutions Architect – Associate
Oracle Certified – Associate
Oracle Cloud Interface
Oracle certified Professional
PSM1 Certified (Scrum)
Professional Experience:
Infosys/Pfizer PA and Verizon VA 08/2019–Present
AWS Solutions Architect
Developed and leveraged baseline and custom guardrails, policies, centralized policy enforcement, tagging policies and a well architected multi account environment.
Implemented Machine Image Pipeline and integrated Patch Management
Developed SDDs for various applications including Diagrams (using Lucid Chart) for Current State/End State Architecture and network topology, security architecture, outlining dependencies, constraints and risks in the SDD
I created security groups to secure EC2 Instances
I have used Amazon ECR to define specific actions, resources, and condition keys, using precisely AWS JSON policies to specify who has access to what. Defining which principal can perform actions on what resources, and under what conditions.
I have created and manage file storage in s3 buckets
I have used Network ACLs to secure subnets
I have used the AWS Policy Generator to create a bucket policy for Amazon S3 bucket
I have used the generated document to set bucket policy by using the Amazon S3 console, through several third-party tools, or via application
I have used Service control policies (SCPs) to manage permissions in my organization by leveraging central control over the maximum available permissions for all accounts in my organization.
I used IAM role to create and manage users and groups and define their privileges
Used Terraform to create, manage, and update infrastructure resources such as physical machines, VMs, network switches, containers
Migrated legacy applications to AWS cloud environment
Leveraged Docker to build, test and deploy applications in different environments.
Developed LLDs for migrating various applications including network sizing, Instance types, names, tags etc.
Developed required and optional tagging reference document for automation, compliance and consolidated billing.
Developed baseline VPC and Network design including leveraging VPN connectivity and Direct Connect
Leveraged CloudWatch alarms baseline and centralized logging with AWS landing zone
Managed ERP related features like Integration, Automation, Data Analysis, Reporting, Customer Relationship Management, Accounting, Tracking and Visibility.
Design and deployed containerized workload solutions on Kubernetes.
I have great experience in handling CI/CD pipelines, CFTs using Azure devOps and Jenkin
Designed for high availability and business continuity using self-healing-based architectures, fail-over routing policies, multi-AZ deployment of EC2 instances, ELB health checks, Auto Scaling, and other disaster recovery models.
Leveraged Auto scaling groups to right-size EC2 pools to match the level of demand and helped to manage costs by eliminating excess capacity to maintain optimal level of resources.
Developed baseline AWS account security, implemented/integrated end-point protection, vulnerability scanning and intelligent threat detection.
Built serverless architecture with Lambda integrated with SNS, CloudWatch logs and other AWS services.
Leveraged automated DevOps tools deployment and Blue-green deployment patterns and strategies.
Configured CI/CD Pipelines using Jenkins connected to GitHub and built environments (Dev, Stage & Prod).
Ensure optimal ETL performance with a comprehensive view into infrastructure and application health
Identify individual database queries causing application latency or downtime in seconds
Optimize the performance of all applications running data manipulations with both APM and the Live Process view
Analyze in real time the lifecycle of the processes spun up to transform data
I coordinated with offshore daily to make sure they are delivering their respective work on time and with quality
I designed appropriate ETL flow considering all best practices and performance aspects in AWS.
I suggested Improvements and innovations to have best practices implemented and lowering cost
Implemented IAM best practices and role-based access control.
Implemented AWS Organization to centrally manage multiple AWS accounts including consolidated billing and policy-based restrictions.
I have great hands-on experience on performance enhancement, system monitoring and enhancements
Implemented Control Tower Preventive and Detective guardrails and leveraged Account Factory, integrated with Lambda for new AWS account creation and setup.
Knowledge across cloud infrastructure components (server, storage, network)
Setup Ansible control and slave nodes and developed playbooks to automation configuration of servers across environments.
Implemented AWS Organization to centrally manage multiple AWS accounts including consolidated billing and policy-based restrictions.
Migration of high availability webservers and databases to AWS EC2 and RDS with minimum or no downtime.
Deployed Applications using Kubernetes.
Experience in creating Docker Containers leveraging existing Linux Containers and AMI's in addition to creating Docker Containers from scratch.
Managed Docker orchestration and Docker containerization using Kubernetes.
Used Kubernetes to orchestrate the deployment, scaling and management of Docker Containers.
RCCL 05/2015– 08/2019
AWS Solutions Architect
Managed AWS infrastructure provisioning using Terraform.
Hands on experience with AWS cloudWatch to monitor VPC components and VPN connections
Used flow logs to capture information about IP traffic going to and from network interfaces in VPC
I used IAM policies to control access
I used IAM role to create and manage users and groups and define their privileges
Designed and deployed scalable, highly available, fault tolerant and reliable applications in AWS.
Hands-on experience with AWS CLI including deploying CFTs, managing S3, EC2, IAM on CLI.
Built serverless architecture with Lambda integrated with SNS, CloudWatch logs and other AWS services.
Leveraged automated DevOps tools deployment and Blue-green deployment patterns and strategies.
Configured CI/CD Pipelines using Jenkins connected to GitHub and build environments (Dev, stage & Prod).
I have used Service control policies (SCPs) to manage permissions in my organization by leveraging central control over the maximum available permissions for all accounts in my organization.
Developed baseline VPC and Network design including leveraging VPN connectivity and Direct Connect.
Leveraged CloudWatch alarms baseline and centralized logging with AWS landing zone.
Developed baseline AWS account security, implemented/integrated end-point protection, vulnerability scanning and intelligent threat detection.
Implemented IAM best practices and role-based access control.
Implemented AWS Organization to centrally manage multiple AWS accounts including consolidated billing and policy-based restrictions.
QVC - West Chester, PA 05/2012– 05/2015
AWS Solution Architect /DBA
Database migration using Datapump and Transportable Tablespaces.
Monitored and Managed Oracle Databases Using both OEM and Linux CLI.
Performing Backup and recovery using RMAM and user managed Backup.
Performed Database disaster recovery using Data Guard.
Configured Data Guard Primary and Physical Standby for Disaster Recovery.
Performed Database upgrade from 11g to 12c using DBUA.
Performed Performance Tuning tasks to enhance the performance of Databases using tools like AWR, ASH, ADDM, SQL Baseline, SQL Tuning Advisor, OEM,TOAD etc.
Recommended and implemented DR strategies for Business Continuity and HA.
Provided technical perspective on configurations (DR, Golden Gate, RAC).
Performed Database upgrades and patches from 10g to 11g and to 12c using DBUA.
Used Oracle Golden Gate for live replication.
Used Real Application Clusters (RAC) for High Availability.
Database Migration using Data pump and Transportable tablespace.
TDE for data/data encryption.
Environment: JIRA, Confluence, AWS Console, LINUX, AWR, ASH, ADDM, SQL Tunning Advisor, Service Now,Json,Java, Yaml, DrawIO, Visio
KeyBank – Cleveland, OH 06/2010 – 04/2012
Oracle DBA
Handled projects in monitoring, deploying and applications on LINUX/UNIX servers.
Installation, configuration and administration of Enterprise Linux and Unix Systems.
Configure LVM-based partitions and manage mount points usage as needed Creating, cloning Linux.
Performing capacity analysis, monitoring and controlling disk space usage on systems.
Software installation and management using Yum and RPM.
Monitored and managed Oracle Databases using OEM.
Data Guard Configuration for disaster recovery.
Resolved huge log gaps between Primary and Standby databases.
Live replication of Data using Oracle Golden Gate