VIBHUTIBEN MAHANT

Email : ads94y@r.postjobfree.com Phone : +1-314-***-****

Gained More than 8+ years of experience in an analysis, architecture, design and infrastructure security and governance. Solutioning and maintenance of highly functional Cloud systems with uninterrupted workflows and consistent productivity. Skilled and experienced in the oversight and proactive monitoring of my environment through leveraging tools and system monitoring best practices to forestall network downtime and likelihood of security compromises. Experienced in the AWS, AZURE, Identity Management, vulnerability assessment and network security tools such as Web Inspect, Fortify, DLP, Splunk, Nessus and Trend Micro.

Identity & Access Management

Vulnerability Assessment

Network Security

Cloud Security

Enterprise Hybrid Cloud

Project Management

IT Strategy, Governance & Leadership

Application Performance Management

Scrum & Waterfall

Testing/QA/Rollout/Support

Production Support

PROFESSIONAL SUMMERY

Expertise on Identity and Access Management, RBAC, Least Privilege.

Experienced on Cloud Migrations from on premise to AWS/Azure, utilizing migration strategies, tools, VPC, EC2, S3, Glacier, CloudFormation, CloudWatch, Snowball

Experience with configuration management using Ansible and Infrastructure as a Code provisioning using Terraform.

Designing and developing new back-end services, maintaining, and expanding our AWS infrastructure.

Practical knowledge about Sequence Diagram, Class Diagram, Workflow Diagram and ER diagrams which using UML, Visio, Draw.io and Luicidchart design tools

Very good understanding of AWS, AZURE, Splunk, Sailpoint, Ansible

Strong knowledge about software development using Waterfall, and Agile Methodology (SCRUM) (Version One).

Experience in using version controller tools like Subversion (SVN) and CVS, ServiceNow, JIRA and Git.

Quick learner with outstanding ability to work under pressure and ability to do multitasking and thrive in a dynamic environment.

TECHNICAL SKILLS

Operating Systems

Centos, Linux, Ubuntu, Unix and Windows

CI/CD Tools

Basic understanding of Jenkins, Docker, Ansible, Chef, Kubernetes (High Level Overview)

Source Control Tools

GIT, Bitbucket

Programing Language

Python, Javascript, JASON, HTML, CSS, .Net, Bash, YAML, JSON, PowerShell

Data Base

RDS, Aurora, PostgreSQL

Cloud

AWS EC2, VPC, ELB, IAM, SNS, Cloud Watch, S3, Cloud Trail, Route53, SQS, CloudFormation, KMS, System Manager, SSO, Terraform, Config, CertManager, Single Sign On, KMS, WAF

Methodologies

Agile, Scrum and Waterfall

Web Service

Web Logic, Web Sphere, Apache Tomcat, Jboss

Bug Tracking Tools

Jira, ServiceNow

PROFESSIONAL EXPERIENCE

A & T Systems, Maryland Nov 2021 - Current

Role: Cloud Infra/Security Engineer

Responsibilities:

Developed Bash, JSON and YANL scripts for CloudFormation and Terraform automation templates

Leveraged AWS Control Tower to set up and govern a secure, multi-account AWS Environment

AWS environment. Implemented Security Controls as per the requirement (PII, PHI, NIST, FedRamp)

Perform periodic technical reviews for cloud infrastructure

Worked on core AWS services such as Setting up new server (EC2) instances/services in AWS, configuring

security groups, and setting up Elastic IP’s, auto-scaling, and Cloud Formation.

Managed Route53 hosted zones, configuring aliases for the Elastic Load Balancer applications and responsible for maintaining ACLs, Security Groups, firewall configurations

Utilized CloudWatch to monitor resources such as EC2, RDS, EBS Volumes, set alarms for notification and automated actions to monitor the logs for a better understanding and operation of the system

Responsible for system administration tasks such as user/group management, assigning permissions, managing disk space usage, logical volume management, patching, software’s, and hardware upgrades, troubleshooting issues, process monitoring, install, upgrades and manage packages via RPM and YUM package management.

Maintaining SLA in resolving and troubleshooting the tickets as part of operations and production support for troubleshooting issues.

Provided guidance to the team and stakeholders by Designing, solutioning the cloud migration efforts and integration with the various cloud services, tools and on premises integration for cloud and hybrid cloud migration

Designed and solution the requirements to strengthen the security posture of the company and present to the higher management and Architecture Review Board

DHS, Maryland Jan 2019 – Nov 2021

Role: Cloud Engineer

Responsibilities:

Developed and leveraged baseline and custom guardrails, policies, centralized policy enforcement, tagging

Worked on landing zone and control tower set up activity

Setup AWS Organization and AWS Security Hub services for centrally manage multiple AWS accounts including consolidated billing and policy-based restriction and security compliance

Assisted on security configurations and activities for legacy applications migration to AWS cloud environment

Migrated on-premises machines to AWS cloud using cloud Endure tool

Developed logical data sharing for migrating various applications including network sizing, Instance types, names, tags etc.

Developed required and optional tagging reference document for automation, compliance, and consolidated billing

Worked on Site-to-Site VPN connectivity with on premises to AWS

Set up AWS SSO with Azure AD for single sign on authentication

Developed baseline VPC and Network design including leveraging VPN connectivity and Direct Connect

Developed baseline AWS account security, implemented/integrated end-point protection, vulnerability scanning and intelligent threat detection

Built serverless architecture with Lambda integrated with SNS, Cloud watch logs and other AWS services.

Implemented IAM best practices and role-based access control

Implemented AWS Organization to centrally manage multiple AWS accounts including consolidated billing and policy-based restriction

Supporting the Security infrastructure of the enterprise, resolving issues, tickets via Freshdesk and JIRA tool.

ACL, Kansas City, MO April 2017 – Oct 2018

Role: Cloud Security Engineer

Responsibilities:

Performed extensive migration of all life-Cycle Systems within the Environment from On-Premises Solutions to Amazon AWS Cloud-based environment

Created, configured, and ensured connection to RDS database running Oracle, PostgreSQL & MySQL engines

Created highly available and scalable infrastructure in AWS cloud by using various AWS services like EC2, VPC, Auto scaling, ELB, RDS, Route53

Actively automate provision of AWS EC2 Instances using private hardened AMIs & baseline

Responsible for maintaining the integrity & security of systems by creating & managing Security Groups and Network ACLs to ensure controlled access to Instances & Subnets respectively

Database migration from on premise to AWS

Performed a strategy using AWS Identity and Access Management (IAM) Role for community platform systems and successfully implemented the same setting precedence for other teams to follow

Worked with the governance team to ensure the security measures of the AWS resources are aligned with the NIST, HIPPA, PII compliance guidelines

Managing project scope, schedule, status, and documentation

Guided teams on project processes, deliverables and contribute to the proposal development, client training and internal capability building and help detail the project scope.

Dreams Technology, Ahmedabad March 2012– July 2015

Role: Cloud Engineer

Responsibilities:

Create and maintain users accounts profiles, security, rights disk space and process monitoring

Provide technical support by troubleshooting day-to-day issues and escalations.

Supported and advised on projects that involved planning, analysis, design, development, testing, quality assurance, configuration, installation, implementation, integration, maintenance, and management of cloud IT assets and infrastructure.

Helped educate enterprise customers on AWS and participated in deep architectural discussions to ensure solutions are designed for successful deployment in the cloud.

Ability to work within an agile project management methodology.

Experienced in designing the overall Virtual VPC environment including server instance, storage instances, subnets, network access controls, security groups, peers, availability zones etc.

Served as a security expert in areas such as vendor risk management, application development, database design, network, cloud-based services, and platform (operating system) efforts, helping comply with enterprise and IT security policies, industry regulations, and best practices.

Researched, designed, implemented, and advocated new technologies, architectures, and security products that will sustainably support security requirements for the customers enterprise.

Worked closely with development teams to remediate application vulnerabilities detected throughout the secure development lifecycle.

Liaised with relevant stakeholders to ensure that security controls are implemented and communicated effectively.

Learned how to assess and implement multiple control standards, such as ISO27001, NIST800-53, SSAE SOC2, HIPAA and others.

Researched and investigate cyber threats and security incidents in the cloud environment.

Performed comprehensive risk assessment of new or existing cloud service that business needs to use.

Developed a Security strategy, guidelines, configurations for the cloud services used. Ensured optimum efficiencies for the utilization of cloud services.

Assisted in designing, planning, and implementing security tools, controls, policies, and processes.

Provided management report on security posture of the cloud services being used.

SKILLS:

Project Management:

Scrum & Waterfall

Costing & Budgeting

Testing/QA/Rollout/Support

Technical:

AWS/Azure Cloud

Cloud Orchestration tools

Security & Governance

Vulnerability Assessment

Value-Added Leadership:

Team Building & Mentoring

Client Relations & Presentations

Business & IT Planning

Vendor Management

EDUCATION DETAILS:

Pursuing Master’s in Computer Science with Cyber Security, Harrisburg University PA (USA)

Completed Master’s in Computer Engineering, Dharmsinh Desai University, Nadiad, India - 2014

Completed Bachelor’s in Computer Engineering from SVIT, India in 2010

CERTIFICATIONS:

AWS (Amazon Web Services):

AWS Certified Security – Specialty

AWS Certified Solutions Architect – Associate

AWS Certified Cloud Practitioner

Microsoft Certified: Azure Security Engineer Associate

Microsoft Certified: Azure Fundamentals

Contact this candidate