Ed Sebastian
Sr. AWS Cloud & DevOps Architect
Profile Summary:
Over 11 years of experience in Information Technology, including 8+ years specializing in cloud technologies, with a proven track record as a Senior Cloud Architect. Successfully transitioned organizations from monolithic systems to microservices, driving scalability and performance improvements.
Extensive expertise in designing and implementing solutions on AWS and Microsoft Azure, with in-depth knowledge of services like Azure Virtual Machines, Amazon EC2, Azure Kubernetes Service (AKS), EKS, Azure Virtual Network (VNet), RDS, Azure Data Lake Storage, Elastic Load Balancing (ELB), Identity and Access Management (IAM), Azure Active Directory, Route 53, Direct Connect, and Azure ExpressRoute.
Proficient in deploying and managing large-scale containerized applications using Docker, Kubernetes, AKS, and EKS, ensuring operational efficiency and reliability.
Skilled in automating cloud environments using scripting languages such as Bash, Python, and Groovy, along with expertise in Infrastructure as Code (IaC) tools like Terraform and CloudFormation for seamless CI/CD pipeline integration using Azure DevOps and GitHub Actions.
Strong capabilities in securing cloud environments through tools and services like Azure AD, IAM, CloudWatch, and Splunk, with a focus on proactive monitoring and ensuring high system availability.
Experienced in deploying advanced cloud services, including EKS, Azure App Services, and CloudFront, as well as hosting web applications on Azure Blob Storage and AWS S3 with integration via CloudFront, Azure CDN, and Route 53, leveraging IaC templates.
Comprehensive understanding of the Software Development Life Cycle (SDLC) with a focus on DevOps and Agile methodologies, ensuring smooth integration and continuous delivery using tools like Azure Pipelines.
Proficient in managing both Linux (Ubuntu, RedHat) and Windows server environments, ensuring seamless operations across diverse platforms.
Skilled in analyzing business processes, defining technical requirements, and crafting innovative use cases that align with organizational goals and drive efficiency.
Expertise in designing secure, resilient, and scalable end-to-end cloud systems tailored for performance and availability.
Hands-on experience with monitoring and observability tools, including Azure Monitor, CloudWatch, Prometheus, Datadog, Grafana, and Nagios, to optimize cloud environments and enhance performance.
Proven leadership and mentorship abilities, fostering high-performing teams through exceptional communication, analytical thinking, and interpersonal skills.
Technical Skills:
DevOps: Docker, Ansible, Kubernetes, Chef, Puppet, Jenkins, Maven, Gradle, Subversion, Git
CLOUD: AWS, Azure
SCRIPTING: Python, Bash Shell, and Groovy scripting
MARKUP: JSON, HCL, YAML, XML
OPERATING SYSTEMS: Unix/Linux, Ubuntu, Amazon Linux 2, CentOS, Windows, Windows Server
MONITORING AND SECURITY: CloudWatch, Azure Monitor, CloudTrail, Splunk, ELK, Prometheus, Shield, Guard Rails
NETWORK PROTOCOLS: TCP/IP, UDP/IP, DNS, DHCP, SMTP, SNMP, ICMP
DATABASE: DynamoDB, SQL Server, MySQL, Postgres DB, MariaDB, Amazon Aurora
SECURITY SERVICES: Familiarity with cloud-specific security tools and services (AWS IAM, AWS KMS, Azure Security Center, Google Cloud IAM), SaaS (Software as a Service) and PaaS (Platform as a Service)
Professional Experience:
Sr. DevSecOps Architect
Sep 2023 - Present, Publix, Lakeland FL
Summary: As a Senior DevSecOps Architect at Publix, I spearheaded the development and implementation of a secure microservices architecture on AWS and Azure. This included deploying robust encryption mechanisms and automating infrastructure provisioning through AWS CloudFormation, Terraform, and Azure Resource Manager (ARM) templates. I enhanced Kubernetes (AKS/EKS) clusters with advanced security controls, performed in-depth security assessments, and established centralized logging using the ELK Stack and Azure Monitor. These efforts ensured confidentiality, integrity, and availability of critical systems while driving operational efficiency.
Designed and implemented microservices architectures on AWS and Azure, leveraging ECS, Azure Kubernetes Service (AKS), and Kubernetes for efficient container orchestration.
Automated infrastructure provisioning and management using AWS CloudFormation, Terraform, and Azure ARM templates, seamlessly integrating them into CI/CD pipelines such as Azure Pipelines.
Performed regular security assessments and vulnerability scans using tools like Azure Security Center, AWS Inspector, and Nessus to identify and mitigate risks.
Enforced stringent security measures, including Azure Network Security Groups (NSGs), Kubernetes RBAC, and network policies within AKS/EKS clusters to safeguard data and prevent unauthorized access.
Secured data at rest and in transit by implementing encryption protocols such as Azure Key Vault, AWS KMS, and SSL/TLS.
Centralized logging with the ELK Stack and Azure Monitor, enabling real-time aggregation and analysis of logs for efficient monitoring and troubleshooting.
Developed custom Prometheus exporters for comprehensive metrics collection, enabling detailed monitoring of application and service performance.
Integrated security tools like OWASP ZAP, Azure DevTest Labs, and SonarQube into CI/CD pipelines, automating vulnerability scans and static code analysis for proactive issue resolution.
Automated build, testing, and deployment workflows using GitLab CI/CD pipelines, Azure Pipelines, and AWS CodePipeline for seamless and reliable deployment of models and applications.
Optimized real-time data management with Azure Cosmos DB and DynamoDB, ensuring high performance and scalability for e-commerce fulfillment systems.
Configured AWS and Azure environments to support machine learning model deployment, enhancing operational efficiency across the deployment lifecycle.
Automated security incident responses using AWS Lambda, Azure Functions, and Azure Logic Apps, with monitoring through CloudWatch and Azure Monitor.
Implemented automated security compliance checks using AWS Config, Azure Policy, and Security Hub, ensuring adherence to industry standards and regulations.
Optimized server environments on Amazon Linux 2 and Azure VMs, improving performance and reducing costs.
Architected scalable and secure AWS and Azure infrastructures using CloudFormation and ARM templates, adhering to best practices and organizational policies.
Authored and maintained templates to provision resources such as EC2 instances, VMs, VPCs, S3 buckets, Blob Storage, RDS, Azure SQL, and Lambda functions.
Enhanced incident response and troubleshooting with automated Bash scripts for log collection and analysis across AWS and Azure.
Strengthened application resilience with AWS Shield Advanced and Azure DDoS Protection, safeguarding services against DDoS attacks.
Deployed and monitored security tools like AWS CloudTrail, Amazon GuardDuty, Azure Monitor, and Azure Security Center to identify and respond to threats in real time.
Conducted security audits to ensure compliance with industry standards like PCI DSS and HIPAA, and delivered security awareness training to foster a culture of security-first practices.
Applied least privilege and defense-in-depth strategies to mitigate risks and enhance the security posture of AWS and Azure infrastructures.
Containerized applications using AKS/EKS, Azure Container Registry (ACR), ECR, and Docker Hub, following best practices aligned with DevSecOps principles.
Collaborated with security teams to implement controls and measures in line with organizational security standards on AWS and Azure.
Enforced security policies across infrastructures, including MFA and IAM policy implementation, ensuring strict access controls and regulatory compliance.
Automated routine tasks like instance provisioning, backups, and resource tagging using Python scripts, Boto3, and Azure SDK for Python.
Integrated Nagios, Datadog, and Azure Monitor for comprehensive infrastructure monitoring, enabling real-time threat detection and response.
Used Grafana for performance visualization and monitoring, providing actionable insights into resource utilization and system behavior across AWS and Azure environments.
Cloud Security Architect
May’21-Aug’23, Champion Energy, Houston, TX
Summary: As a Cloud Security Architect at Champion Energy, I directed the secure migration of Linux environments to AWS, utilizing AWS CloudFormation and Ansible for precise and efficient configuration management. I strengthened the organization's security posture by integrating Splunk for centralized logging and SIEM, automating the deployment of microservices with AWS ECS and Kubernetes, and creating secure server provisioning workflows using Ansible and Puppet. Additionally, I conducted comprehensive security assessments, automated backup processes, and developed custom monitoring solutions with Python and CloudWatch, ensuring high availability and robust security throughout the cloud infrastructure.
Directed the secure migration of Linux environments to AWS, employing AWS CloudFormation and Ansible for precise configuration management.
Managed AWS Network Access Control Lists (NACLs) to enforce network security policies, controlling resource access and traffic flow.
Integrated Splunk for centralized logging and SIEM, facilitating real-time threat detection and effective incident response strategies.
Automated server and application provisioning using Ansible Playbooks and Puppet Manifests, with deployments streamlined via Jenkins.
Developed Python-based ETL pipelines, leveraging AWS services like S3, RDS, and Redshift for efficient data processing and management.
Established and optimized GitLab CI/CD workflows to enhance integration, testing, and deployment efficiency for cloud-native applications.
Improved cloud infrastructure automation by combining AWS services with custom scripts to optimize performance and ensure compliance.
Designed and implemented security incident response (SIR) procedures for rapid and coordinated action during security events.
Automated deployment and scaling of microservices using AWS ECS and Kubernetes, ensuring high availability and scalability.
Conducted regular penetration testing and threat analysis to proactively address security vulnerabilities within the cloud ecosystem.
Enhanced security monitoring by integrating the ELK Stack with SIEM solutions for advanced threat detection.
Automated critical data backup and recovery processes on AWS using Bash scripts, ensuring data integrity and availability.
Implemented AWS CodePipeline to automate delivery workflows, enabling consistent and error-free releases.
Orchestrated Puppet configurations to maintain secure installation, upgrades, and system configurations aligned with security standards.
Secured Kubernetes clusters and Docker environments using Ansible Playbooks tailored for container orchestration.
Leveraged AWS CloudTrail for activity auditing and compliance, bolstering the overall cloud security posture.
Utilized DynamoDB for real-time data processing, enabling scalable and efficient database management.
Engineered custom monitoring solutions with Python and CloudWatch, generating actionable alerts for specific metrics.
Configured Prometheus Alert Manager to automate incident response through customized notifications.
Collaborated with development teams to design secure database capacity plans and optimize instance selection.
Built custom Grafana dashboards for real-time monitoring of Kubernetes clusters, Docker containers, and application performance.
Utilized Docker, Jenkins, and Maven for secure build pipelines, maintaining artifact integrity with Nexus and JFrog Artifactory.
Automated deployments using YAML-based Ansible Playbooks, orchestrated through Ansible Tower for scheduling efficiency.
Integrated AWS IAM roles and compliance standards into CI/CD workflows to ensure secure software delivery.
Partnered with cross-functional teams to optimize CI/CD pipelines, troubleshoot issues, and maintain comprehensive documentation.
Conducted performance testing and failover validation for PCF applications linked to RDS Multi-AZ instances, ensuring resilience.
Led security awareness initiatives to foster a security-conscious culture within the organization.
Configured Elastic Load Balancers and EC2 Auto Scaling groups, optimizing performance and security based on CloudWatch insights.
Designed secure Lambda services, conducting comprehensive vulnerability analysis during the development lifecycle.
Implemented advanced log monitoring for database and performance troubleshooting, using Jenkins and Bamboo for secure CI management.
Automated virtual network provisioning with Terraform templates and managed software processes with Ansible Tower.
Leveraged AWS CodeBuild and CodeDeploy to automate build and deployment pipelines, reducing manual intervention and accelerating releases.
Secured Kubernetes and Docker environments, focusing on best practices for containerized application management.
Automated AWS server administration using Ansible roles, ensuring both operational efficiency and robust security measures.
Enhanced Jenkins and Bamboo environments with security plugins, integrating Maven for continuous and secure builds.
AWS Data/Cloud Engineer
Mar’19-Apr’21, Travelers Insurance, New York City, NY
Summary: As a Cloud Data Engineer at Travelers Insurance, I led the efficient management and operation of RDS and EC2-based databases, ensuring strong security measures and maintaining data integrity. I utilized AWS Glue to streamline ETL processes and employed Amazon Kinesis for real-time data processing and analysis. Additionally, I optimized infrastructure performance using CloudFormation and automated CI/CD pipelines while improving system monitoring and scalability with Prometheus, Elasticsearch, and Kubernetes.
As an AWS Data/Cloud Engineer at Travelers Insurance, I led the seamless management of RDS and EC2-based databases, ensuring optimal performance, security, and data integrity.
Utilized AWS Glue to maintain data consistency and compliance, enabling efficient cataloging, ETL processing, and preparation workflows.
Developed Bash scripts for administrative tasks on EC2 instances, including user management, system updates, and log rotation.
Leveraged Prometheus for real-time monitoring of Kubernetes clusters and microservices, ensuring high availability and peak performance.
Configured Elasticsearch and Grafana to enhance log management, search capabilities, and system performance monitoring.
Streamlined CI/CD pipelines using automated Bash scripts, collaborating with cross-functional teams to optimize DevOps processes.
Managed microservices communication with API gateways and service meshes like Istio, improving security and performance.
Optimized network infrastructure using Route 53, DNS, ELB, and IP configurations to enhance network performance and reliability.
Ensured the integrity and availability of RDS and EC2-based databases by implementing robust security protocols and high-availability configurations.
Designed scalable and resilient applications with AWS services such as multi-AZ deployments and ECS.
Automated infrastructure provisioning and management with AWS CloudFormation templates, adhering to best practices for Infrastructure as Code (IaC).
Used Amazon Kinesis for real-time data ingestion, processing, and analysis to drive data-driven decision-making.
Managed GitHub repository configurations for streamlined version control and collaborative development.
Built serverless applications using AWS Lambda and Python for data processing and integration with third-party APIs.
Conducted regular reviews and updates of IaC templates to ensure alignment with security standards and industry best practices.
Migrated containerized environments from ECS to Kubernetes, optimizing resource utilization and scalability.
Enhanced application performance through effective use of web services, API gateways, and integration design principles.
Automated repetitive tasks using event-driven and scheduled AWS Lambda functions, improving operational efficiency.
Provided diverse storage solutions such as S3, EBS, EFS, and Glacier to meet varied business needs.
Streamlined application deployment using AWS Elastic Beanstalk for consistent and efficient delivery.
Troubleshot Kubernetes cluster issues, ensuring a stable and efficient containerized infrastructure.
Automated AWS infrastructure management using Python scripts and custom tools.
Designed and managed AWS cloud infrastructure leveraging services like EC2, S3, RDS, VPC, Lambda, and IAM.
Implemented configuration management with AWS Systems Manager, Puppet, and Chef to automate resource management processes.
Utilized CloudWatch and CloudTrail for comprehensive monitoring and alerting of performance and security metrics.
Migrated large-scale datasets to AWS using AWS DataSync, ensuring efficiency and durability in data management.
Orchestrated CI/CD pipelines to accelerate software deployment and maintain optimal application performance.
Enhanced RDS and EC2 database performance through data partitioning, indexing, and other optimization strategies.
Integrated GitHub and Jenkins to improve development workflows and enhance software delivery efficiency.
Cloud/DevOps Engineer
Jan’17-Feb’19, Biogen, Cambridge, MA
Summary: As a Cloud Engineer at Biogen, I managed and optimized critical Linux applications, ensuring operational efficiency and reliability. I implemented Nagios for real-time monitoring and streamlined build and deployment workflows using Jenkins pipelines. Additionally, I restructured software build systems and contributed significantly to managing Linux servers, Oracle RAC, and SAN-based network infrastructures.
Designed and implemented DevOps CI/CD pipelines on AWS using AWS CodePipeline, CodeBuild, and CodeDeploy to automate the software development lifecycle.
Developed DevOps infrastructure using tools like Terraform and AWS CloudFormation for provisioning scalable and reliable AWS environments.
Implemented DevOps monitoring solutions with AWS CloudWatch, CloudTrail, and ELK Stack to ensure the performance and security of applications.
Managed Linux servers, overseeing critical operations such as Apache/Tomcat administration, mail server management, MySQL database handling, and firewall configurations across development and production environments.
Streamlined software builds, patch creation, source control, and release tracking/reporting processes on UNIX platforms by introducing efficient tools and workflows.
Configured Linux servers for Oracle Real Application Clusters (RAC) and managed SAN-based network infrastructures, including switch setups and 3PAR OS virtualization.
Enhanced scalability and deployment efficiency by establishing robust Jenkins pipelines and integrating multiple nodes.
Enabled seamless continuous deployments by configuring SSH and optimizing Jenkins for User Management, Plugin Management, and automated Build and Deployment workflows.
Administered key Linux applications, such as Apache, Active Directory, BIND, SSH, NFS, DHCP, and SNMP, ensuring system performance and reliability.
Implemented and optimized Nagios for proactive application monitoring, allowing for early detection and resolution of potential issues.
Configured NIS and DNS naming services, managing public DNS servers to ensure reliable and consistent name resolution.
Monitored system resources, including CPU, memory, disk, and swap space usage, to address performance bottlenecks proactively.
Managed source code repositories and orchestrated daily development, testing, and production builds, as well as software deployment operations.
Leveraged JIRA for comprehensive issue tracking and project monitoring, enhancing team collaboration and transparency.
Strategically managed Jenkins Pipelines, improving efficiency in weekly and nightly builds and creating an optimized test environment, reducing integration issues and boosting code quality.
Contributed to network infrastructure by configuring Brocade and Cisco switches, while successfully implementing vCenter and VMware ESXi Hypervisor installations.
AWS Engineer
Jan’16-Dec’16, Huntington Bank, Columbus, OH
Summary: As an AWS Engineer at Huntington Bank, I designed and managed scalable, secure cloud infrastructures leveraging AWS services such as EC2, S3, Lambda, and RDS. I developed and maintained Infrastructure as Code (IaC) using CloudFormation and Terraform, ensuring high availability and compliance with security best practices. By automating CI/CD pipelines, implementing disaster recovery strategies, and migrating on-premises workloads to AWS, I optimized the bank's cloud operations for performance, scalability, and cost-efficiency.
Design, deploy, and manage AWS cloud infrastructure to support enterprise applications.
Develop and maintain Infrastructure as Code (IaC) using tools like AWS CloudFormation, Terraform, or Ansible.
Ensure high availability, scalability, and performance of cloud-based systems by leveraging AWS services such as EC2, S3, Lambda, RDS, and Auto Scaling.
Configure and manage Virtual Private Clouds (VPCs), subnets, routing tables, and security groups.
Implement AWS security best practices, including IAM policies, roles, and security groups.
Perform regular audits and compliance checks, ensuring alignment with Huntington Bank's security policies and regulatory requirements.
Configure and manage AWS Key Management Service (KMS) for data encryption.
Set up and monitor CloudTrail and AWS Config to track and log account activities and resource configurations.
Build and maintain CI/CD pipelines using AWS CodePipeline, CodeBuild, and CodeDeploy.
Automate resource provisioning and configuration using Python, Bash, or PowerShell scripts.
Collaborate with DevOps teams to improve deployment workflows and reduce manual interventions.
Utilize AWS CloudWatch, Elasticsearch, and Prometheus to monitor system health, set up alerts, and troubleshoot performance issues.
Implement robust logging mechanisms using tools like CloudTrail and AWS Lambda for log aggregation and analysis.
Conduct root cause analysis of production issues and implement corrective measures.
Manage AWS RDS, DynamoDB, and Redshift for secure and efficient data storage.
Leverage AWS Glue, Kinesis, and EMR for data integration and real-time data processing.
Automate backup and disaster recovery strategies using S3, Glacier, and other AWS services.
Work closely with development, operations, and business teams to define requirements and deliver cloud solutions aligned with business goals.
Stay updated on AWS service offerings and emerging technologies to recommend improvements and implement innovative solutions.
Lead and execute cloud migration projects, including migrating on-premises workloads to AWS.
Modernize existing applications and infrastructure by adopting serverless architectures and containerization using AWS ECS or EKS.
Software Test Engineer
Jan’13-Jan’16, Thoughtworks, Chicago, Illinois
Developed and executed over 200 automated test cases using Python, reducing manual testing efforts by 30% and speeding up the release cycle by 20%.
Analyzed performance metrics and resolved more than 140 issues (e.g., performance, network, GUI) via JIRA, leading to a 15% improvement in system performance, as reflected in customer feedback and internal benchmarks.
Mentored three junior team members, guiding them in testing methodologies and best practices to foster their professional growth.
Conducted monthly regression, longevity, and upgrade tests, achieving 89% system stability and proactively addressing performance issues to minimize downtime.
Documented and organized essential information in Confluence, contributing to the creation of 15 knowledge base articles, enhancing continuous improvement within the team.
Configured and optimized 30 virtual machines for various test scenarios, increasing test coverage and efficiency by 25%.
Led root cause analysis for 20+ complex performance issues, identifying key bottlenecks and implementing effective solutions.
Evaluated storage features like snapshots, data compression, and encryption, ensuring compliance with industry standards and customer requirements.
Utilized monitoring and logging tools (e.g., ELK stack, Telemetry) to analyze test results and provide insights, reducing system downtime by 10% and improving overall system behavior.
Skilled in leveraging Amazon Web Services (AWS) for cloud computing, including deploying applications, managing infrastructure, and using services like EC2, S3, RDS, and Lambda to create scalable, reliable solutions.
Education:
M.S. in Information Systems
Virginia Commonwealth University, Richmond, VA
BE in Computer Science Engineering
Virginia Commonwealth University, Richmond, VA
Certifications:
Amazon Web Services Cloud Foundations
Lean Six Sigma Green Belt