Post Job Free
Sign in

DevOps Lead/ Security Architect

Location:
Omaha, NE, 68114
Posted:
December 16, 2024

Contact this candidate

Resume:

Andy G.

DevOps Lead/ Security Architect

Phone: 912-***-****; Email: **********@*****.***

Profile Summary:

Dynamic Azure DevOps Architect with over 25 years of IT experience and 8+ years of specialized expertise as an Azure Cloud Architect, Data Engineer, and DevOps Engineer.

Key Competencies

•Cloud Technology Expertise: Skilled in Azure IaaS/PaaS services including Network Services, Load Balancers, App Services, Azure Functions, Logic Apps, VMs, VM Scale Sets, Front Door, Cosmos DB, Data Lake, Blob/File Storage, and Azure Active Directory.

•Cloud Migration Strategies: Proven ability to design and implement seamless migrations of on-premises legacy systems and cloud-native applications to Azure and hybrid cloud environments.

•Infrastructure Development: Proficient in building Azure Landing Zones to establish scalable, secure foundational infrastructures for diverse workloads.

•Distributed Systems: Expertise in designing and optimizing data pipelines and analytics architectures tailored to performance metrics, user feedback, and evolving requirements.

•Data Engineering: Adept in ETL processes, data modelling, and data integration, with experience in SQL data migration to Azure Data Lake Storage while preserving file structures and metadata.

•Monitoring & Observability: Experienced with tools like Prometheus and Grafana for Kubernetes, and integrating Prometheus, Grafana, ELK, and Splunk into CI/CD pipelines for robust log analysis.

•Networking & Security: Specialized in configuring Azure Virtual Networks (V-Nets), subnets, AKS service meshes, DNS, DHCP, security policies, and routing using tools like ARM Templates and Bicep.

•Containerization & Kubernetes: Extensive knowledge of Docker, ACR, and AKS, with expertise in deploying ISTIO service meshes for Kubernetes environments.

Professional Attributes

•Collaborative Leadership: Excels in team environments with strong communication, interpersonal, and project management skills.

•Problem-Solving Mindset: Demonstrates critical thinking, creative solutions, and sound decision-making in complex IT scenarios.

•Adaptability: Adept at navigating dynamic IT landscapes with a focus on time management, presentation, and innovative problem-solving.

Technical Skills:

Azure Services: Azure App Service, Azure Functions, Web Jobs, Azure Batch, Azure Logic App, Azure Container Services, Azure Container Registry, Azure Kubernetes Services, Virtual Machines, Virtual Machine Scale Set, Azure Bastion Host, Jump Server, Virtual Network Peering, Virtual Private Network, Express Route, Availability Sets, Availability Zones, APIM, Virtual Networks, Regions, Traffic Manager, Application Security, Front Door, Load Balancer, Network Security Group, Application Security Groups, Service Bus, Service and Private Endpoints, Azure Data Factory, Data Lake, Databricks, Azure Synapse, Azure Storage Account, Blob, Containers, Queue, Table, Access Keys, Shared Access Signatures.

Cloud Platform: Azure, AWS

DevOps: GitHub, Jenkins, Azure DevOps, YAML, CI/CD Pipelines, Blue-Green Deployment, Canary Deployment, Deployment Slots, SonarQube, ESLint, Cobertura, DotCover, coverage.py

Security: Azure Key Vault, Azure Firewall, Azure Security Center, Azure DDoS Protection, Azure Health Service, Azure Network Monitor, Azure Sentinel

Logging and Monitoring: Azure Monitor, Application Insights, Azure Log Analytics, Nagios, Splunk, ELK Stack (Elasticsearch, Logstash, Kibana), Datadog, Dynatrace, Prometheus, Grafana, AppDynamics, Azure Service Health, Azure Network Monitor

Bug Tracking Tools: JIRA, Bugzilla, Remedy, HP Quality Centre

Identity Management: OAuth, Azure Active Directory (AAD), Managed Identity, Service Principal, Azure AD B2C, Role-Based Access Control (RBAC), Azure Access Policies

Scripting & Programming Languages: Python, Scala, PowerShell, Bash/Shell, Java, JavaScript, ASP.NET, C#

Infrastructure Provisioning Tools: Terraform, Azure Resource Manager, Cloud Formation, ARM Template, BICEP

Configuration Management Tools: Ansible, Puppet, Chef, Salt Lake, PowerShell DSC

CI /CD Tools: Jenkins, Azure Pipelines, Gitlab Pipelines

Containerization Tools: Docker, Kubernetes

Source Code Management: GIT, GitHub, Gitlab, Bitbucket, Azure Repos.

Databases: Azure Cosmos DB, Apache Cassandra, SQL Databases, Azure Data Lake, Azure Databricks

Application/Web Servers: Apache Tomcat, NGINX, Internet Information Services (IIS), JBoss 4.1, IBM WebSphere, Oracle WebLogic

Operating Systems: UNIX, Linux, Windows, Ubuntu

Professional Experience:

Union Pacific, Omaha, Nebraska since August 2022

Azure DevSecOps Architect

Project Summary: As an Azure DevSecOps Architect at Union Pacific in Omaha, Nebraska, I led the design and implementation of secure, scalable Azure solutions for hybrid cloud environments. I spearheaded the development of resilient infrastructures, automated workflows using Azure DevOps, and optimized data processing with Azure Databricks and Synapse Analytics. Additionally, I conducted security assessments, implemented advanced access controls, and ensured compliance with data protection standards.

•Directed the development of Azure-based solutions tailored to accommodate on-premises infrastructure, hybrid cloud setups, and Azure public cloud services.

•Guided the team in designing and implementing modern data architectures using Azure PaaS services to enable advanced data visualization and analytics.

•Designed and deployed secure, scalable Azure cloud solutions by creating resilient network infrastructures, implementing stringent access controls, encrypting sensitive data, and establishing comprehensive disaster recovery plans.

•Managed ETL processes using Azure Data Factory, T-SQL, Spark SQL, and U-SQL within Azure Data Lake Analytics to streamline data workflows.

•Performed in-depth security assessments and threat modeling exercises to detect vulnerabilities and propose mitigation strategies for Azure-based deployments.

•Assessed the security configurations of Azure resources, identifying and addressing risks with tailored remediation strategies.

•Ingested and processed data from diverse sources into Azure Data Storage platforms, including Azure Data Lake, Azure Storage, Azure SQL, and Azure Synapse Analytics.

•Developed efficient data transformation pipelines leveraging Scala and Apache Spark on Azure Databricks, ensuring scalability and high performance.

•Built and optimized data warehousing models in Azure Synapse Analytics using Scala to support scalable and high-performing analytics solutions.

•Managed version control, build automation, and release workflows using Azure DevOps/VSTS, enabling seamless deployment across development, testing, and production environments.

•Designed and implemented secure network architectures within Azure Virtual Networks (VNets), incorporating advanced security measures like network security groups (NSGs), Azure Firewall, and VPNs.

•Leveraged tools like Visual Studio, Azure Kubernetes Service (AKS), Application Insights, and Log Analytics to enhance service observability and facilitate proactive issue resolution.

•Implemented Azure Site Recovery and Azure Backup solutions to ensure business continuity and secure data protection.

•Established Azure ExpressRoute connections to enable secure and efficient communication between Azure and on-premises data centres.

•Utilized Terraform and CloudFormation to automate server provisioning with Infrastructure as Code (IaC), ensuring consistent and streamlined deployment.

•Configured Azure DevOps pipelines for deploying and validating Helm charts, automating deployment workflows for consistency across environments.

•Integrated Ansible with Jenkins to automate deployment workflows, enhancing reliability and improving operational efficiency.

Ross Stores, Dublin, CA Mar 2021 – Aug 2022

DevOps Security Lead

Project Summary: As a DevOps Security Lead at Ross Stores, spearheaded the migration of e-commerce platforms to Azure, optimizing infrastructure for scalability and performance. Led secure design and deployment of data processing workflows with Azure Synapse and Databricks, while implementing advanced security measures, threat detection systems, and CI/CD automation. Enhanced system reliability and efficiency through robust monitoring, serverless architecture, and optimized Azure integrations.

•Designed and executed comprehensive migration strategies for transitioning e-commerce platforms to Azure, optimizing IaaS VMs and PaaS instances for scalability and performance.

•Collaborated on creating architectural blueprints and solution designs for Azure Synapse and Databricks projects, enabling seamless integration and efficient data processing workflows.

•Deployed advanced security logging and monitoring systems to proactively detect and mitigate security threats in Azure environments.

•Developed custom connectors for seamless data ingestion from diverse sources into Azure Data Lake Storage, streamlining processing pipelines.

•Automated CI/CD processes for infrastructure and data pipeline deployment using Azure DevOps, ensuring consistent and efficient operations.

•Utilized Azure Data Factory and Logic Apps to design robust ingestion workflows, facilitating smooth data integration and analysis in Databricks.

•Transformed data using Apache Spark on Azure Databricks, employing Scala, Python, and SQL for scalable and high-performance processing.

•Configured automated CI/CD pipelines for testing and deploying Databricks notebooks and jobs, ensuring production reliability.

•Leveraged Azure monitoring tools like Log Analytics and Application Insights for proactive issue resolution and performance optimization.

•Architected serverless solutions with Azure Functions and Python to enhance system scalability and cost efficiency.

•Managed Docker containerized applications using Kubernetes, optimizing deployments, scaling, and load balancing.

•Configured Azure ExpressRoute for secure private connections between on-premises systems and Azure, ensuring seamless communication.

•Enhanced threat detection and incident response capabilities by configuring Azure Security Center and conducting security drills.

•Utilized Azure SQL Database, Data Lake, Data Factory, and Analysis Services for optimized resource integration and advanced analytics.

•Implemented monitoring solutions using the ELK stack, designing Logstash pipelines and efficient Elasticsearch indices.

•Automated processes with Azure Automate for configuration management and update workflows, following Azure best practices for cost and resource efficiency.

•Configured Azure Active Directory for secure single sign-on and multi-factor authentication to safeguard Azure resources.

•Automated Windows patching using PowerShell and managed release pipelines in Azure DevOps for efficient update deployment.

•Optimized network performance by configuring BGP routes for ExpressRoute connections, ensuring reliable Azure-to-data-centre connectivity.

Sisense, New York, NY Apr 2019 - Mar 2021

Azure Cloud & DevOps Architect

Project Summary: As an Azure Cloud & DevOps Architect at Sisense, I led the design and deployment of scalable, secure Azure infrastructure to support critical applications. I implemented robust monitoring solutions with Azure Monitor, Application Insights, and Dynatrace to optimize performance, while orchestrating seamless data migrations using Azure Data Factory. By automating resource provisioning with ARM templates and terraform, and streamlining CI/CD pipelines via Azure DevOps, I ensured efficient, repeatable deployments. I also integrated third-party systems through Azure services, ensuring smooth application functionality and compliance with industry best practices.

•Architected and deployed Azure infrastructure tailored to application needs and scalability.

•Established robust monitoring frameworks leveraging tools like Azure Monitor, Application Insights, and Dynatrace for real-time insights and optimization.

•Formulated and executed data migration strategies using Azure Data Factory and Azure Migration Services for seamless transitions.

•Automated resource provisioning with ARM templates and terraform, ensuring consistent and efficient infrastructure deployment.

•Streamlined deployment processes by implementing CI/CD pipelines with Azure DevOps and employing scripting for automation.

•Enabled integration with third-party systems through Azure integration services, enhancing application functionality.

•Designed secure and compliant Azure environments, emphasizing scalability and adherence to best practices.

•Leveraged Git and Bitbucket for version control, adeptly managing branches, tags, and merge processes.

•Enhanced performance monitoring and optimization by configuring Azure tools and automating deployment workflows with Jenkins, Maven, and Ansible.

BNP Paribas, New York, NY Mar 2017 - Apr 2019

Azure Cloud & Data Engineer

Project Summary: As an Azure Cloud & Data Engineer at PNB Paribas, I designed and deployed a robust cloud architecture on Azure, ensuring high availability, disaster recovery, and compliance with industry regulations. I managed key Azure services like VMs, VNets, and NSGs to replicate on-premises infrastructure, and utilized Azure App Service and SQL Database for web application hosting. Additionally, I developed and maintained ETL pipelines using Azure Data Factory, Databricks, and Synapse, while implementing security measures through Azure Key Vault and Active Directory. My role also involved continuous monitoring with Azure Security Center, ensuring smooth migrations and seamless data integration across systems.

•Designed and implemented a cloud architecture on Azure that emphasizes high availability, disaster recovery, and adherence to industry standards.

•Managed Azure Virtual Machines (VMs), Virtual Networks (VNets), and Network Security Groups (NSGs) to mirror on-premises infrastructure in the cloud.

•Utilized Azure App Service and Azure SQL Database for hosting web applications and managing database workloads effectively.

•Configured Azure Active Directory (AAD) to enable secure user authentication and access control within the organization.

•Implemented Azure Key Vault to securely store and manage sensitive data such as encryption keys and certificates.

•Created and maintained data pipelines and ETL processes on Azure using tools like Azure Data Factory, Azure Databricks, and Azure Synapse.

•Established continuous monitoring and threat detection by deploying Azure Monitor and Azure Security Centre, ensuring regulatory compliance.

•Conducted rigorous testing and validation to minimize disruptions during migrations and ensure smooth transitions to the new infrastructure.

•Designed efficient data integration and pipeline solutions to connect various data sources and systems, enabling seamless data flow.

•Provided training and ongoing support for bank stakeholders and IT teams to facilitate the adoption and effective use of the new Azure infrastructure.

Novartis AG, East Hanover, New Jersey Oct 2014 - Mar 2017

AWS DevOps Engineer

Project Summary: As an AWS DevOps Engineer at Novartis AG, I ensured the high availability, performance, and security of production systems in AWS, optimizing scalability to support business growth. I utilized key AWS services such as EC2, S3, and CloudFormation to streamline resource management and enforce best security practices. I led the release management process using AWS Elastic Beanstalk and CodeDeploy, while implementing comprehensive monitoring strategies to detect and resolve issues proactively. Additionally, I enhanced security and compliance by applying IAM policies and encryption, ensuring the integrity and safety of our cloud infrastructure.

•Ensured the high availability, performance, and security of production systems within the AWS environment, while enabling scalability to meet evolving business demands.

•Utilized AWS services, including EC2, S3, and CloudFormation, alongside custom scripts and configurations, to optimize resource management, enforce security best practices, and design scalable architectures tailored to organizational needs.

•Managed application releases and deployment processes using AWS Elastic Beanstalk and CodeDeploy, ensuring consistency, reliability, and operational efficiency across different environments.

•Conducted research and analysis of emerging technologies and vendor solutions to enhance the AWS ecosystem, ensuring it stays aligned with industry advancements.

•Implemented monitoring and diagnostic strategies with AWS CloudWatch and custom tools to proactively identify and resolve issues, minimizing downtime and ensuring continuous service availability.

•Integrated AWS CodePipeline and testing tools like Selenium to perform comprehensive functional, performance, and security testing, reducing risks before production releases.

•Strengthened security and compliance of the AWS infrastructure by applying IAM policies, security groups, and encryption practices to safeguard against potential vulnerabilities.

Converse, Boston, Massachusetts Jan 2013 – Sep 2014

Cloud Data Engineer

Project Summary: As a Cloud Data Engineer at Converse, I configured Elastic Load Balancers (ELBs) for auto-scaling and managed multi-region architectures using AWS CloudFormation, ensuring high availability across environments. I led the migration of containerized applications from ECS to Kubernetes, optimizing scalability and efficiency. I integrated automated build and deployment pipelines, streamlined by tools like Jenkins and Artifactory, and implemented robust data governance and security controls to ensure compliance with GDPR, HIPAA, and PCI DSS. My role also involved using AWS services such as S3, EBS, and Lambda to enhance operational workflows and ensure data accuracy and consistency.

•Configured Elastic Load Balancers (ELBs) for auto-scaling and managed multi-region architectures using AWS CloudFormation to ensure high availability.

•Integrated automated build pipelines with deployment workflows using tools like Jenkins, Jira, SVN, Artifactory, and Jama to streamline upgrades, migrations, and integrations.

•Managed AWS network configurations, including Route53, DNS, ELB, and IP address setups, to optimize cloud performance and reduce downtime.

•Implemented robust data governance policies and security controls to maintain data confidentiality, integrity, and compliance with GDPR, HIPAA, and PCI DSS standards.

•Oversaw Docker containers and led migrations from ECS to Kubernetes, improving scalability and resource efficiency.

•Utilized AWS storage services such as S3, EBS, EFS, and Glacier for secure, durable, and compliant storage.

•Deployed applications using AWS Elastic Beanstalk, simplifying deployment processes and ensuring consistent environments.

•Leveraged AWS DataSync for efficient migration of on-premises data to the AWS Cloud, ensuring operational continuity.

•Implemented monitoring and validation processes to ensure data accuracy, completeness, and consistency.

•Designed and maintained CI/CD pipelines to accelerate software delivery and enhance operational efficiency.

•Troubleshot and resolved Kubernetes cluster issues, ensuring smooth operation of containerized applications.

•Developed AWS Lambda functions to automate tasks and improve operational workflows.

•Applied in-depth knowledge of Web Services and API Gateways to optimize system integration and enhance user experience.

BlackRock, New York, NY Aug 2005 - Dec 2012

Database Developer

Project Summary: As a Database Developer at BlackRock, I led the design and development of front-end database applications, optimizing data interaction between Oracle and Sybase systems to enhance performance. I crafted and fine-tuned SQL queries, improving data retrieval and streamlining management across multi-database environments. I also played a key role in the migration of applications from Sybase to Oracle, ensuring seamless data transitions with minimal disruption. Additionally, I developed and implemented robust QA procedures, ensuring the reliability and efficiency of database-driven solutions throughout their lifecycle.

•Directed the design and development of front-end database applications, ensuring smooth data interaction with Oracle and Sybase backend systems to optimize performance and user experience.

•Crafted and optimized SQL queries for multi-database environments, improving data retrieval efficiency and streamlining database management.

•Led the development of database-driven E-Business Solutions, enabling seamless integration between customers, trading partners, and businesses through web-based applications within a UNIX environment.

•Conducted extensive testing during the migration of database applications from Sybase to Oracle, ensuring data integrity and minimizing operational disruptions in a clustered server environment.

•Developed and implemented comprehensive Quality Assurance (QA) procedures for database applications, ensuring high performance, reliability, and adherence to data management standards.

•Played a pivotal role in the full database development lifecycle for Schwab’s E-business portal, from initial design through deployment, ensuring successful integration with business objectives and project goals.

•Managed database schema delivery and version control using ClearCase/ClearQuest, ensuring efficient tracking of database changes, bugs, and defects throughout the development process.

National Life Group Feb 1999 – Aug 2005

Data Analyst

Project Summary: As a Data Analyst at National Life Group, I developed and maintained databases to support data-driven web applications, implementing backend SQL solutions for seamless integration with front-end systems. I collaborated with cross-functional teams to create actionable data models, conducted detailed analysis to identify trends and insights, and optimized data structures for performance. Using tools like Excel, Power BI, and SQL, I enhanced data visualization and ensured data integrity, security, and scalability to support business decision-making and operational efficiency.

•Developed and maintained databases to support the creation of interactive, data-driven web applications.

•Implemented backend solutions using SQL, ensuring seamless integration with front-end systems and efficient data retrieval.

•Collaborated with cross-functional teams to understand business requirements and translate them into actionable data models and reports.

•Conducted data analysis and modeling to identify trends, correlations, and insights, optimizing data structures for improved performance and scalability.

•Utilized tools such as Excel, Power BI, and SQL for data visualization, enhancing user experience and usability for business stakeholders.

•Applied data optimization techniques to improve query performance and reduce processing time, ensuring efficient data handling.

•Ensured data integrity and security by applying validation protocols, access controls, and encryption for sensitive information.

•Worked closely with business teams to interpret data, generate actionable insights, and resolve data-related issues impacting operations.

•Documented data models, analysis procedures, and reporting methods for consistency and to facilitate future business decisions.

Education:

Master of Information Systems Management

Keller Graduate School of Management, Fort Washington, PA

Bachelor of Business Administration

Temple University, Philadelphia, PA

Certification:

•Azure Fundamentals (AZ-900)

•Azure Security Engineer Associate (AZ-500)

•Azure DevOps Engineer Expert (AZ-400)



Contact this candidate