Support Technician Security Analyst
Resume:
Joseph okon
************@*****.***
Atlanta,Ga.
Professional Summary:
Having more than 14 years of experience in Information Technology and more than 4 years experience as a DevOps /SecDevOps Engineer, Support and Maintenance in environments like Red Hat Enterprise Linux, Ubuntu and focus on DevOps tools on AWS Cloud hosted environment.. Create and maintain fully automated CI /CD build processes for multiple environments, Support the day-to-day development operations. Experience working with security team, QE Automation, Development to ‘shift left’ and follow SecDevOps practices. Work with, Development, and the InfoSec to integrate testing tools into pipelines Build CI/CD systems using tools like Git/GitHub, Jenkins, SonarQube, Fortify, K8s, Maven, Ansible, Docker, and Terraform. GitOps.
Experience working on AWS and using services like IAM, VPC, EC2, EBS, S3, ELB, Auto Scaling, Route 53, and SNS and create custom sized VPC, EC2 instances, ELB and Security groups to deploy DevOps Toolchain.
Using Terraform to designed highly available, cost effective and fault tolerant systems using multiple EC2 instances, Auto Scaling, Elastic Load Balancer and AMIs.
Establishing connectivity to AWS Resources in another VPC in another region using AWS VPC Peering.
Configured S3 buckets with various life cycle policies to archive the infrequently accessed data to Storage classes based on requirement.
Creating alarms in Cloud watch service to get more visibility for monitoring the server performance, CPU Utilization, disk usage and take appropriate actions in case of resource performance issues.
Used ELB to distribute application across multiple resources and Availability Zones
Configure RDS to simplify relational database security, administration backups, redundancy, failovers, scalability, and geographical distribution using Postgres, Mysql.
Experience on DevOps essential tools like Ansible, Docker, GIT, Jenkins, Nexus, SonarQube, Maven to AWS and Managed Services like EC2, S3, Route53, ELB, and EBS.
Good Hands on experience in creating Jenkins jobs, plug-in installations, setting up distributed builds using master/slave concepts.
Automated deployment of builds to different environments using Jenkins.
Automate Deployment using configuration Management tool like Ansible to enable Continuous Deployments.
Experienced in using Build Automation scripting like Maven as build tools for building of deployable artifacts (JAR, WAR) from source code.
Worked on Provisioning of AWS instances using Terraform and User data.
Experience in using Tomcat and Apache web servers for deployments.
Experience in Docker like creating Docker images, containers, Docker files, tagging and publishing to Docker Hub.
Good knowledge on app deployment to the Kubernetes clusters Work Experience:
US Tech Solutions Inc. SecDevOps Engineer 1/23 -
[Nike Inc.] Contract
Supporting the team in designing, implementing and maintaining a secure software development, deployment, and operations pipelines. Working closely with software development and security teams to ensure that our applications are secure, reliable, and scalable.
Automate security testing and vulnerability scanning in the development process
Work with development teams to ensure security requirements are met throughout the software development lifecycle
Monitor and respond to security threats and incidents
Implement security controls and tools to ensure the confidentiality, integrity, and availability of our applications and systems are maintained.
Provide guidance and support to development teams on secure coding practices
Collaborate with Governance / Compliance teams to develop and implement security policies and procedures
Conduct security assessments and audits to ensure compliance with industry and regulatory standards are ensured.
Keep up-to-date with the latest security threats, trends, and technologies
Understand and participate in SCRUM/Agile sprints.
Strong knowledge of DevSecOps principles, tools, and practices
Experience with cloud platforms such as AWS Cloud
Application performance monitoring using Splunk
Experience with security testing tools such as SonarQube/Sonar Cloud, Nexus, WIS, Twistlock, OWASP ZAP, Dependency Checker, and Synk.
Implement shift left by creating and integrating security into every stages of the development BMX pipeline with SCA,SAST,DAST and Container security
Strong understanding of security standards and frameworks such as OWASP Top10, SAN Top 25, ISO 27001, NIST, and CIS benchmark
Integrate Sonarqube/ Sonar Cloud with Jira so that issues can be created in Jira with a click of a button. This saves a lot manual effort and time in creating Jira ticket for reporting security vulnerabilities in Jira and assign tickets to developers for a fix. Push SecDevOps mindset and ensure best practices are followed, issues prioritized and understood Fineos Corporation DevOps Build and Release Engineer 10/21 - 1/23 Create and maintain our build and deployment pipelines to facilitate continuous integration, continuous delivery and test automation of our product implementations of the core FINEOS AdminSuite product.
Support and maintain build and deployment pipelines to facilitate continuous integration, continuous delivery and test automation of product implementations.
Own, manage and improve our release process. Focus on scale, efficiency, and quality.
Support regular cadence of promotion of solution builds/releases, upgrades and hotfixes for variety of customers
Work directly with engineering, product and project teams to ensure all release schedules stay coordinated and on time.
Triage and troubleshoot issues relating to CI and CD pipelines.
Collaborate with and educate engineers on proper use of build and source control systems.
Strong familiarity with software configuration management systems and/or source code version control systems, SVN, Git.
Experience with the build, deployment and automated test pipelines of Web application. o Experience with Jenkins, Gradle, Maven.
o Experience with Nexus/Artifactory or other Artifact repositories o Experience with Continuous code inspection tools, eg configuring SonaQube, Quality Gate, running static analysis tools such as PMD, Check style, Findbugs,, Fortify, reports into CI pipelines.
o Experience with cloud technologies and architecture, ideally AWS. o Experience with configuration deployment tools like Ansible/Terraform/. Familiarity with agile development processes.
DHL e-Commerce DevOps platform Engineer 06/21-10/21 Use Source control management such as Git, Github, SVN, and Subversion Knowledge of Java builds systems and tools including: Gradle, Maven Well versed with Jenkins Declarative/Scripted Pipelines Experience maintaining automated build systems such as Jenkins Experience test frameworks such as JUnit, TestNG and integrating test automation into DevOps pipelines Experience working with software development project tools Jira and Confluence Knowledge of artifacts repository management tools such as Artifactory Cloud Native Concepts and hands-on-experience with Openshift Build and Deployments Cloud Concepts and hands-on experience with Public Cloud Providers such as AWS, Working knowledge of containerization (Docker), and supporting technologies Experience with Orchestration tools like Kubernetes- Microservice Architecture, and Openshift Client Deploy to kubernetes with Jenkins GitOps GitHub pipeline EMK Technologies DevOps Pipeline Enablement Engineer 09/2018 – 06/2021. Technical/ Functional Summary:
Code management best practices such as branching, merging, and integration strategies. Experience in Release Engineering - Building, maintaining and deploying web/SaaS applications. Experience in designing and deploying CI/CD workflows and pipelines using JenkinsFile Experience with build tools (Maven)
Experience with GitHub administration and setting up authentication, authorizations, configuring Webhooks, status checks, and branch protection rules. Knowledge of Git version control system and using various Git commands to perform some basic activities such as creating branches, repositories and resolving merge conflicts. Experience with Artifact management using Sonatype Nexus3 Experience with source code version control systems (GitHub) and methodologies Exceptional skill in Management and orchestrating pipelines using Jenkins with Groovy script Exposure to Configuration management using Ansible Exposure to Containerization and Orchestration using Docker, Compose and Swarm Comfortable using Linux command line interface, Bash /shell scripting Enable DevOps by moving code from Dev/Test to Staging and Production. Troubleshoot issues along the CI/CD pipeline.
Good knowledge of SAFE -Agile development process from app build through deployment. Experience with Jenkins server administration and performing activities like setting up authentication, authorization, security hardening, managing Jenkins nodes, installing plugins and monitoring
Experience in Code coverage/Quality Gate using SonarQube, Jacoco Experience building DevSecOps pipeline.
Integrate OWASP Dependency checker for source composition analysis Integrate Git Secrets in the Pipeline using Trufflehog Integrate SAST with SonarQube, Fortify in pipeline. (Static Application Security Testing) Integrate DAST-ZAP (zed attack proxy) Baseline scan in CI/CD Pipeline (Dynamic Application security Testing)
Provision Infrastructure and managing resources on AWS using IAC Terraform. Experience setting up system monitoring tools (e.g. Prometheus and Grafana). Have experience building out and deploying CI/CD and configuration management tools Have strong experience deploying applications into AWS. Defined AWS Security Groups which acted as virtual firewalls that controlled the traffic allowed reaching one or more AWS EC2 instances.
Project #1:
EXIMLOG USA DevOps Support Engineer
Environment : AWS, Linux, Git, Jenkins, Ansible, Terraform, Docker. Project based : 01/2018 – 08/2018 (8month)
Roles & Responsibilities:
Setting up EC2 instances and prerequisites on the instances for deploying the applications.
Designing and deploying AWS solutions using EC2, S3, Elastic Load balancer (ELB), auto scaling groups.
Provisioning of infrastructure and resources using Terraform on AWS.
Experienced in creating multiple VPC's, public, private subnets as per requirement and established connectivity to AWS Resources in another VPC in another region using AWS VPC Peering.
Used security groups, network ACL's, internet gateways and route tables to ensure a secure zone for organization. Used Git Hub repository to run Jenkins job for Continuous Integration.
Installing and Configuring Jenkins, Installing plug-in, configuring security, creating a master and slaves for implementation of multiple parallel builds.
Designed and documented CI/CD tools configuration management.
Managing the working environments through configuration management tool Ansible.
Working on Ansible Playbooks and Roles to bring the required infrastructure changes.
Automated deployment of builds to different environments using Jenkins.
Responsible for installation & configuration of Jenkins to support various Java builds and Jenkins plugins to automate continuous builds and publishing Docker images to the Nexus repository.
Experience in Docker like creating Docker images, containers, Docker files, tagging and pushing to Docker Hub.
Created multi containers application (SpringBoot and MongoDB) using Docker compose, creating deployments using Yaml code.
Splunk Security Analyst – SIEM RollSec Technologies Austell, GA 2016- 2017
• Splunk ES installation, configuration, and Administration
• On boarding various types of logs sources into Splunk in accordance to Common information model (CIM).
• Assisting in incident review, Continuous monitoring of system activity, respond to alert, critical events, and investigation.
• Analyze security incidents to identify the root cause, report on weakness and develop remediation strategies.
• Document and escalate incidents (including event’s history, status, and potential impact for further action) that may impact the enterprise environment.
• Incident response and Event correlation using information gathered from a variety of sources. • Perform risk assessments on security systems, analyze results and provide recommendation.
Select Import (Atlanta Ga) Computer support technician 5/2015- 9/2016 Build and configure hardware and update software. Repairing computers and ensuring the Servers are functioning properly. Running diagnostic programs and maintaining computer networks. Gathering data to assist the need of the customer. System administration. Resolving incorrect configuration settings. Remove viruses or spyware, be able to replace hardware or reinstall the entire operating system. Ability to identify simple and complex problems, analyze and come with effective solutions to rectify them. Saumur Engineering Services, Nigeria Information Technology Ass. Manager 6/2011- 9/2013 Managing IT staff, communication job expectations and monitoring performance. Assist in gathering, organize, analyze and present a variety of information. Effectively manage configuration/ maintenance of records associated with system management. Effectively assist department unit with other staff and agencies, providing support including procedural documentation and relevant reports. Work well under pressure, meeting multiple and sometimes conflicting deadlines. Constantly demonstrate cooperative behavior with colleagues, supervisors and vendors/clients. Inspect and monitor information technology project.
Fibertech Solution. Nigeria Fiber Optic technician 12/2009 -1/2010 Install, configure and maintain networking equipment including but not limited to routers, switches, hubs, print server and file Server. Design, implement and maintain network cabling system including pulling, termination and certification of copper and fiber optic cable. Installation of patch panels, racks and other termination equipment, Fiber optic cable splicing assembly, OTDR testing as well as troubleshooting. Springwood Technologies. Nigeria System Network/Security 10/2000 – 3/2008 Protect the company’s data and information systems, install and configure ASA Pix Firewall, routers and switches within the network..Install and configure antivirus for protection. LAN and WLAN installation. Monitor and maintain computer system and networks. Install network printer. Windows Server installation and configuration. Setup new user’s accounts, password, group policies. Cisco Firepower- URL filtering. Endpoint security
Assurance Communication Networks. Nigeria Network support technician 12/1998 – 8/2000 Design and install well-functioning computer networks, connection and cabling. Perform troubleshooting system failures and identify bottlenecks to ensure long term efficiency of network, installed switches, testing and configuring software, troubleshoot local area networks WLAN and data communication equipment
Micro Link Limited. Nigeria System Support Technician 7/1995 – 12/1998 Diagnosing, repairing and re-assembly of personal computers. Install, configure and troubleshoot computer systems, windows operating system and related software applications. Coordinate parts supply with vendors for warranty and other technical related issues. Re-imaging, staging of laptops and desktops as required. Train and communicate basic technical concepts to users. Perform root cause analysis, develop checklist for typical problem and recommends procedure and controls for problem prevention. Technical Skills:
DevOps AWS, Linux, Bash scripting, Jenkins, Automation, Ansible, GitHub, Git, DSL, CI/CD, MongoDB, Groovy, Terraform, Maven, Nexus, SonarQube, Jira, Apache Tomcat, Docker, Splunk, Cybersecurity, ITIL
Education/Certifications
Bachelor Degree, Computer Science, Tansian University CompTIA A+, CompTIA Security + AWS Cloud practitioner Information Technology Infrastructure Library –ITILv4, Linux, Rhel, Ubuntu DevOps Engineering
Contact this candidate