Senior Cloud / DevOps Architect
Resume:
Snehith Varma
Lead AWS Cloud/DevOps Architect
Phone: (917) 463 - 3996; Email: ************@*****.***
Professional Summary
●10+ years of IT experience in full-stack development, with a focus on cloud-native applications.
●8+ Years of hands-on experience in Amazon Web Services including EC2, VPC, S3, EBS, ELB, Cloud-Front, IAM, RDS, Cloud Watch.
●Project experience of designing and architect server less web application using AWS Lambda, API Gateway, Dynamo Db and Security Token Service (STS).
●Experience in cloud migration, especially the network related infrastructure provisioning using Terraform and Jenkins jobs.
●Hands on experience of BASH Shell scripting on Ubuntu Linux environment with Amazon AWS CLI.
●Good understanding of Web Application deployment and maintenance of IIS 5.0 and 7.0, Apache on Amazon Web Service (AWS).
●Demonstrated understanding of AWS data migration tools and technologies including Storage Gateway, Database Migration, and Import-Export services.
●Good understanding of networking concepts including TCP, VPN, VPC, NAT, Bastion Host, Subnet, DNS, Gateways and Routers.
●Excellent knowledge of source control management concepts such as Branching, Merging, Labeling/Tagging, and Integration, with tools like GIT and TFS.
●Good knowledge of full Software Development Life Cycle (SDLC) stages in a Waterfall and Agile environment.
●Adept at Relational database design, stored procedure, triggers, user-defined functions, SQL jobs.
●Experience establishing complete DevOps pipelines using tools such as Git, Jenkins, Maven, Docker, Ansible, and Kubernetes.
●Create Docker files and automate Docker image creation using Jenkins and Docker.
●Experience in figuring and deploying application servers Apache Tomcat.
●Hands-on experience performing tasks in databases (e.g., Casa GCP, MSSQL) and strong working knowledge of database administration and Windows Server administration.
●Proven skillful troubleshooting issues that arise during building, deploying, and the production support and documenting phases of the build and release process.
●Experience serving multiple roles and applying various methodologies, configuration, and build management strategies.
Technical Skills
Cloud: AWS, Azure.
IAC: Terraform, CloudFormation.
Programming Languages: Python, Java, C#, PHP.
Scripting: Python, YAML, Shell scripting.
DevOps: Docker, Ansible, Kubernetes, Maven, GIT Build
CICD: GitHub Action, Jenkins
Data Visualization Tools: PowerBI, Athena.
Monitoring: CloudWatch, Grafana, Prometheus.
Log Monitoring: CloudWatch, Splunk, ELK Stack (Elasticsearch, Logstash, Kibana).
Monitoring & Security: AWS CloudTrail, Amazon GuardDuty, AWS Key Management Service (KMS), AWS Security Hub, AWS Inspector, AWS WAF (Web Application Firewall), AWS Shield, CloudWatch, Datadog, Grafana, Nagios, ELK Stack, Prometheus.
Identity Management: AWS Identity and Access Management (IAM), AWS Cognito, AWS Single Sign-On (SSO), AWS Secrets Manager, Amazon Directory Service, AWS Organizations, AWS Federated Identity (via SAML, OIDC)
Databases/Data Structures: Apache Cassandra, DynamoDB, Microsoft SQL.
Software: Microsoft Project, VMWare, Microsoft Word, Excel, Outlook, PowerPoint.
Operating Systems: Windows 10, Unix/Linux, Ubuntu, CentOS, Windows Servers.
Network Protocols: TCP/IP, FTP, HDFS, SMTP, ICMP, TELNET, UDP, and RIP, iSCSI, NIS, DNS, DHCP, Cisco Routers/Switches, WAN, LAN.
Professional Experience
Lead DevOps & Cloud Security Architect
MetLife Inc., New York City, NY December 2023 – Current
As Lead Cloud DevOps & Security Architect at MetLife, I led the migration of AWS infrastructure to a Cloud Broker Service, enhancing network efficiency and security through Software Defined Networking (SDN) and Direct Connect Gateway. I ensured data protection using AWS Key Management Service (KMS), implemented Transit Gateway for optimized traffic flow, and enforced stringent IAM policies for secure access control. By automating infrastructure with Terraform and incorporating security best practices, I maintained regulatory compliance and improved overall cloud security posture.
Led the migration of AWS infrastructure to a Cloud Broker Service, improving connectivity and efficiency by leveraging Software Defined Networking (SDN) principles.
Replaced existing VPC connections with Direct Connect Gateway, reducing the complexity and operational overhead associated with managing Dedicated Direct Connect links.
Utilized AWS Key Management Service (KMS) to manage encryption keys, ensuring sensitive data is encrypted at rest and in transit across VPCs, S3 buckets, RDS databases, and other storage solutions.
Implemented Transit Gateway to centralize and optimize traffic flow, ensuring efficient connectivity to MetLife's core infrastructure within AWS.
Designed and managed network architecture, employing advanced SDN technologies to streamline connectivity and minimize complexities within the cloud environment.
Configured Network Access Control Lists (NACLs) and Security Groups to limit and control inbound and outbound traffic, restricting communication to only the necessary services.
Spearheaded the integration of Equinix services (P18) into the Cloud Broker Service, enhancing connectivity, reliability, and performance across MetLife's AWS infrastructure.
Ensured the security of cloud infrastructure by implementing robust IAM policies and role-based access control to enforce the principle of least privilege.
Incorporated encryption mechanisms such as AWS KMS to safeguard sensitive data during transit and at rest.
Continuously monitored infrastructure security using AWS security tools such as GuardDuty, Security Hub, and CloudTrail to detect and mitigate potential threats.
Automated cloud infrastructure management processes using Infrastructure as Code (IaC) tools like Terraform and AWS CloudFormation, ensuring consistent and scalable deployments.
Enabled Service Control Policies (SCPs) across accounts to enforce security boundaries and restrict access to sensitive services globally.
Developed CI/CD pipelines to automate the deployment and management of infrastructure and applications, integrating security checks at every stage of the pipeline.
Integrated logs with AWS Security Hub for a consolidated view of security alerts and compliance status across multiple accounts and environments.
Deployed SIEM (Security Information and Event Management) tools to aggregate logs from CloudWatch, ELK Stack, and VPC Flow Logs, providing real-time anomaly detection and automated response mechanisms.
Secured all APIs using AWS API Gateway with stringent rate-limiting, IAM authorization, and OAuth2.0 integration to prevent abuse and unauthorized access.
Worked closely with cross-functional teams, including security, network, and DevOps engineers, to ensure alignment of the migration project with business goals and security requirements.
Provided leadership and guidance throughout the migration process, ensuring adherence to security best practices and compliance with regulatory standards.
Implemented centralized logging and monitoring solutions using CloudWatch, ELK Stack, and Prometheus to track infrastructure performance and ensure high availability.
Established incident response processes and runbooks for handling security incidents, network outages, and performance degradation, ensuring rapid response and minimal downtime.
Regularly conducted security audits and penetration tests to identify vulnerabilities in the cloud environment and implemented corrective measures to strengthen security posture.
Ensured compliance with industry regulations and security frameworks such as ISO 27001, HIPAA, and SOC 2.
Lead Cloud DevOps Engineer
State Street Corporation, Boston, MA. Sep 2022 – Nov 2023
As Lead Cloud DevOps Engineer at State Street Corporation, I designed and deployed AWS infrastructure with a focus on high availability, fault tolerance, and auto-scaling using services like EC2, S3, and RDS. I automated infrastructure management with Terraform, integrated microservices using Kubernetes and Docker, and implemented continuous integration with Jenkins. Additionally, I streamlined operations with Python scripts for AWS services and enhanced monitoring through Datadog dashboards and the ELK stack, ensuring efficient and scalable cloud solutions across multiple environments.
Designed, configured, and deployed Amazon Web Services (AWS) for multiple applications using the AWS stack (EC2, Route53, S3, RDS, CloudFormation, CloudWatch, IAM) focusing on high availability, fault tolerance and auto-scaling.
Created Python scripts to automate AWS services, which included web servers, ELB, CloudFront distribution, database, EC2 and database security groups, S3 bucket and application configuration.
Used critical AWS tools and used ELBs and Auto-Scaling policies for scalability, elasticity, and availability.
Automated Datadog Dashboards with Stack through Terraform Scripts.
Created Infrastructure-as-Code model using Terraform.
Hands on Experience in container-based technologies Kubernetes, Docker and ECS.
Developed microservice on boarding tools leveraging Python and Jenkins allowing for easy creation and maintenance of build jobs and Kubernetes deploy and services.
Leveraged Terraform along with the previously mentioned tools to automate AWS.
Deployed infrastructure across Dev, QA, Staging, and Production environments using Terraform modules.
Managed Terraform state files for a large team.
Wrote Terraform scripts to configure CloudWatch alerts.
Developed and deployed AWS Lambda functions for system automation tasks.
Built and maintained Docker container clusters managed by Kubernetes, utilizing Linux, Bash, Git, and Docker.
Created Jenkins jobs to deploy infrastructure using local Git repositories containing Ansible code.
Implemented IAM roles and policies to ensure least privilege access, enhancing security by restricting unnecessary permissions.
Integrated AWS Key Management Service (KMS) to encrypt sensitive data across services like S3 buckets, EC2 instances, and databases, both in transit and at rest.
Used security groups and Network Access Control Lists (NACLs) to control inbound and outbound network traffic, minimizing exposure to unauthorized access.
Ensured encryption standards, security group configurations, and audit logging were embedded in Terraform automation to maintain compliance and security across environments.
Use Transit gateway, Direct network connect and implement hub and spoke model for security VPN.
Implemented Jenkins continuous Integration tools.
Applied DevOps operations processes and tools to review code, perform unit test automation, build and release automation, etc.)
Wrote terraform Templates in HCL format to build the AWS services with the paradigm of Infrastructure-as-Code.
Configured ELK stack in conjunction with AWS and use Logstash to output data to AWS S3.
Installed, set up, configured and supported Centos and Amazon Linux servers.
Applied hands-on development and configuration experience with software provisioning tools such as Ansible.
Create and maintain Highly Scalable and fault tolerant multi-tier AWS and Azure environments spanning across multiple availability zones using Terraform and Cloud Formation.
Utilized Terraform for automating AWS EC2 creation.
Used Shell Scripts to automate the deployment process.
Automated deployment and configuration of Redis for application caching.
Applied knowledge and experience with MongoDB, Elastic Search, Logstash, and Kibana (ELK stack).
Sr. Cloud & Data Engineer
Primark Stores, Boston, MA Apr 2020 – Aug 2022
As a Senior Cloud & Data Engineer at Primark Stores, I led the design and deployment of AWS-based microservices, cutting infrastructure costs by 50% while improving scalability. I also implemented a highly available Kubernetes infrastructure and automated Java application deployments with Python and Puppet. By setting up a robust CI/CD pipeline and migrating on-premises applications to AWS, I significantly enhanced operational efficiency and reliability.
Designed and deployed microservices on AWS using Amazon EC2, ECS, and Lambda, leading to a 50% reduction in infrastructure costs and enhanced scalability.
Implemented microservices in a load-balanced, highly available, and fault-tolerant Kubernetes infrastructure.
Automated the deployment and management of Java applications on Linux servers using Python scripting and Puppet.
Managed Docker containers within Kubernetes clusters using the OpenShift platform.
Set up a CI/CD pipeline with AWS CodePipeline and CodeBuild, cutting deployment time from hours to minutes and boosting team efficiency.
Designed and optimized data storage solutions using Amazon RDS, DynamoDB, and Amazon S3, ensuring high availability, fast access, and cost-effective scalability for large datasets.
Implemented data migration strategies from on-premises systems to cloud-based databases on AWS, ensuring data integrity, minimizing downtime, and optimizing performance using AWS Data Migration Service (DMS).
Developed a serverless application leveraging AWS Lambda, Amazon S3, and DynamoDB, achieving a 60% cost reduction and enhanced performance.
Migrated an on-premises application to AWS using AWS Server Migration Service, reducing operational overhead and improving reliability.
Orchestrated Docker containers and managed Kubernetes clusters to support various application environments on AWS using Docker, Ansible, and Terraform.
Applied security best practices for AWS services like Amazon RDS and S3.
Built microservices onboarding tools with Python and Jenkins to streamline build jobs and Kubernetes deployments.
Designed and implemented highly available and scalable AWS architecture for a SaaS application, reducing downtime by 80% and achieving 99.99% availability.
Architected a scalable AWS infrastructure for a high-traffic e-commerce website, resulting in 99.99% uptime and a 30% sales increase.
Automated provisioning and repetitive tasks using Terraform, Python, and Docker container orchestration.
Contributed to the development and configuration of test environments using Docker containers and Kubernetes.
Implemented AWS cost optimization and rightsizing strategies, reducing infrastructure expenses by 20% while maintaining performance.
Conducted regular AWS security audits and enforced security best practices, including VPC, IAM policies, security groups, and KMS encryption, ensuring zero security incidents.
Deployed AWS backup and disaster recovery solutions using AWS Backup, Disaster Recovery, and Storage Gateway to ensure business continuity.
Developed and maintained monitoring and alerting solutions with AWS CloudWatch, AWS Config, and Lambda, improving incident response times by 50%.
AWS Solution Engineer
Eli Lilly & Company, Indianapolis, Indiana Mar 2018 – Apr 2020
As an AWS Solution Engineer at Eli Lilly & Company, I led the design and deployment of highly scalable, cloud-based applications using services like API Gateway, DynamoDB, and Lambda. I established a DevOps model, streamlining processes for multiple development teams, and automated infrastructure management with Ansible, Docker, and Jenkins. Additionally, I optimized AWS network components and ensured compliance with security best practices, enhancing platform reliability and efficiency.
Established a DevOps model on AWS to support multiple development teams efficiently.
Designed, developed, tested, and deployed highly scalable and resilient cloud-based applications using AWS services, including API Gateway, DynamoDB, and Lambda.
Configured AWS network components such as IPSEC VPN tunnels, VPC Peering, Transit Gateway, security groups, and NACLs.
Provided technical expertise throughout the entire cloud program lifecycle, covering both Infrastructure as a Service (IaaS) and Platform as a Service (PaaS).
Developed an AWS DevOps framework tailored for multiple development teams, streamlining workflows and processes.
Managed application configurations across various environments and oversaw the production release process to ensure high platform reliability and availability.
Ensured regular compliance with tagging and patching standards for AWS servers.
Created and managed S3 buckets and utilized Glacier for storage and backup, ensuring effective policy management.
Supported and integrated Continuous Delivery (CD) pipelines into Jenkins using its pipeline suite.
Installed, configured, and managed Jenkins CI on Linux, including plugin management for tools like GIT, Maven, and Ansible.
Automated the deployment of applications and MySQL containers in Docker using Python.
Leveraged Ansible for configuration management, automating routine tasks and deploying microservices on AWS.
Containerized applications by building Docker images from Dockerfiles.
Managed Artifactory repositories for Maven and Ant builds.
Automated the build, deployment, and testing of web and J2EE applications using Ant and Maven scripts.
Installed and configured Docker and Docker-compose across various servers.
Developed APIs as needed using JavaScript.
Ensured application and infrastructure security by applying industry best practices and tools.
Implemented automation frameworks and tools on AWS to improve operational efficiency.
Managed build and release processes and created Standard Operating Procedure (SOP) documentation to establish operational guidelines and protocols.
Cloud Engineer
Clearway Energy Group, San Francisco, CA Jan 2016 – Feb 2018
As a Cloud Engineer at Clearway Energy, I automated server build, monitoring, and deployment processes using Jenkins and AWS EC2, significantly improving infrastructure efficiency. I implemented AWS ELB with auto-scaling, managing multi-tier, multi-region architectures through AWS CloudFormation, ensuring high availability and fault tolerance. Additionally, I integrated DevOps practices with Docker, Kubernetes, and Elastic Beanstalk, and enhanced project workflows and security by customizing JIRA and configuring AWS Security Groups.
Managed user roles, time tracking, security, and plugins across multiple projects.
Configured AWS ELB with auto-scaling and managed multi-tier, multi-region architectures via AWS CloudFormation.
Designed, developed, and implemented automated server build, monitoring, and deployment solutions using Jenkins, EC2, and other tools.
Integrated DevOps practices using AWS, Elastic Beanstalk, Docker, and Kubernetes.
Automated build and deployment pipelines, focusing on high availability, fault tolerance, and auto-scaling on AWS.
Installed and configured Ansible for automating infrastructure activities such as application server setup, deployment, and monitoring.
Created advanced workflows, scripted fields, and conditions in Jira; provided user management and training for JIRA.
Applied customizations and third-party add-ons to enhance JIRA functionality; integrated Jira with tools like SVN and Jenkins.
Assisted with system assessments and configuration services for upgrades, security, and database configurations.
Defined AWS Security Groups to manage traffic and protect EC2 instances.
Systems Administrator
Splendid Spoon, Minneapolis, MN Jan 2014 – Dec 2015
Supporting and troubleshooting TCP/IP network environment
Installing, Testing, Administrating, Troubleshooting, and managing the organization's local area networks in different locations with multiple servers and different topologies.
Installing, Operating, and Configuring LAN, WAN, and Remote access services for the organization's networks using Cisco devices.
Supporting Retail Manager in Updating the Price every day for the different stores.
Maintaining the Reports for Sales Day to Day and Monthly and Receiving the Shipment Physically and In the System.
Preparing the Credit Notes damages if any.
Assisting the Warehouse Manager for Transfer in and transfer out of Stock, Pathfinder file and Inventory.
Recommended and implemented system enhancements that improved the performance and reliability of the system, including installing, upgrading/patching, monitoring, problem resolution, and configuration management.
Education
Bachelor of Technology in Electronics and Communications
GITAM University, Hyderabad, India 2011
Master of Science in Data Science
Worcester Polytechnic Institute 2013
Contact this candidate