Azure DevOps & Cloud Engineer
Resume:
Shen Akpan
Azure DevOps & Cloud Engineer
(Kubernetes Terraform CloudFormation DevSecOps)
470-***-**** *********@*****.***
PROFILE SUMMARY
A certified Azure DevOps & Cloud Engineer with 11 years of IT experience, including 9 years in Azure & AWS. Azure & AWS Cloud & DevOps Leader
A results-driven Cloud & DevOps Architect with deep expertise in multi-cloud infrastructure design, automation, and security across Azure and AWS environments. Proven ability to drive operational efficiency, cost optimization, and high availability by leveraging Infrastructure as Code (IaC), CI/CD pipelines, and containerization strategies. Strategic Infrastructure Architect
Expert in architecting and managing scalable, fault-tolerant, and high-performance cloud ecosystems using Terraform, CloudFormation, Kubernetes, and Docker. Skilled in DevSecOps, network security, and cloud governance, ensuring compliance with SOC 2, NIST, ISO 27001, and GDPR. Strong focus on disaster recovery, multi-region deployments, and hybrid cloud architectures for enterprise solutions.
Security-Focused Innovator
Specialized in implementing Zero Trust Security, IAM policies, least privilege access controls, and secure network architectures across AWS VPCs, Azure VNets, NSGs, WAF, and Firewall policies. Proficient in SIEM integration, threat detection (AWS GuardDuty, Azure Security Center), encryption standards (KMS, Azure Key Vault), and automated security remediation. Experienced in securing CI/CD pipelines using GitHub Actions, Jenkins, and Azure DevOps with SAST/DAST tools like SonarQube and Checkmarx.
Data & Automation Expert
Expertise in data engineering and ETL pipeline automation using AWS Glue, Azure Data Factory, Apache Airflow, and Snowflake. Skilled in building real-time data streaming solutions with Kafka, Kinesis, and Event Hub. Experience in observability using Prometheus, Grafana, CloudWatch, and Azure Monitor to enhance system performance and incident response.
TECHNICAL SKILLS
Cloud Platforms & Services:
• Microsoft Azure: Azure App Service, Azure Functions, Azure Logic Apps, Azure Kubernetes Service (AKS), Azure Batch, Azure Service Fabric, Azure Spring Apps
• Multi-Cloud Expertise: AWS (EC2, S3, Lambda, CloudFormation, IAM), GCP (GKE, Cloud Functions, BigQuery) Infrastructure as a Service (IaaS):
• Compute & Networking: Virtual Machines, VM Scale Sets, Azure Bastion, Jump Server, Virtual Networks (VNet), ExpressRoute, VPN, Traffic Manager, Load Balancer, Application Gateway, Azure Front Door, Azure Private Link, Service Endpoints
• Storage Solutions: Azure Storage (Blob, Table, Queue, Files), Azure Data Lake Storage (Gen1 & Gen2), Storage Replication, Access Keys, Shared Access Signatures (SAS), Data Lifecycle Policies
• Identity & Access Management: Azure Active Directory (AAD), Managed Identity, Service Principal, Azure AD B2C, OAuth 2.0, Role-Based Access Control (RBAC), Conditional Access Platform as a Service (PaaS):
• Serverless Computing: Azure Functions, Event Grid, WebJobs, Azure Logic Apps
• Messaging & Streaming: Azure Event Hubs, Azure Service Bus, Apache Kafka, RabbitMQ, Azure SignalR, WebSockets
• Monitoring & Logging: Azure Monitor, Azure Log Analytics, Application Insights, Azure Security Center, Azure Sentinel, Dynatrace, New Relic, ELK Stack (Elasticsearch, Logstash, Kibana), Splunk, Prometheus, Grafana Data Engineering & Analytics:
• Big Data & Data Warehousing: Azure Synapse Analytics (SQL Data Warehouse), Snowflake, BigQuery, Amazon Redshift, Databricks, HDInsight, Apache Spark, Apache Flink
• ETL & Data Pipelines: Azure Data Factory (ADF), Apache NiFi, AWS Glue, Apache Airflow, Azure Stream Analytics
• Databases: Azure SQL Database, Cosmos DB, PostgreSQL, MySQL, MongoDB, Cassandra, Amazon DynamoDB, HBase
• Data Integration & Processing: Delta Lake, Apache Hive, Presto, Apache Impala, Spark Structured Streaming DevOps & CI/CD:
• Version Control & Source Code Management: Git, GitHub, GitLab, Bitbucket, Azure Repos
• CI/CD Pipelines & Automation: Azure DevOps, Jenkins, GitHub Actions, GitLab CI/CD, Bamboo, TeamCity, CircleCI
• Infrastructure as Code (IaC): Terraform, Bicep, ARM Templates, AWS CloudFormation
• Release Strategies: Blue-Green Deployment, Canary Deployment, Feature Flags, A/B Testing
• Build Tools: Maven, Gradle, Bazel, Ant
Security & Compliance:
• Data Security: Azure Key Vault, Encryption (at Rest & In Transit), TLS/SSL, Secure Enclaves
• Cloud Security: Azure Security Center, Defender for Cloud, Microsoft Sentinel, WAF (Web Application Firewall), DDoS Protection
• Compliance Standards: GDPR, SOC 2, HIPAA, PCI DSS, NIST, ISO 27001 Containerization & Microservices:
• Container Platforms: Docker, Kubernetes, OpenShift, Amazon ECS, AWS Fargate
• Orchestration & Service Mesh: Azure Kubernetes Service (AKS), Google Kubernetes Engine (GKE), Istio, Consul, Envoy
• Serverless Containers: AWS Lambda, Google Cloud Run, Azure Container Apps
• API Gateway & Service Discovery: Azure API Management, Kong, Istio, Envoy, Traefik Scripting, Automation & Programming:
• Programming Languages: Python, Bash, PowerShell, Go, JavaScript, TypeScript, Java, C#, Scala
• Scripting & Automation: Ansible, Puppet, Chef, SaltStack, Pester (PowerShell Testing)
• Cloud SDKs & APIs: Azure SDKs (Python, .NET, Java), AWS Boto3, Google Cloud SDK PROFESSIONAL EXPERIENCE
Lead DevOps Engineer / Cloud Network Security Consultant London Stock Exchange Group (LSEG), Raleigh, NC March 2024 – Present Project Overview: Refactored the development environment by implementing Infrastructure as Code (IaC) with Terraform, automating deployments, and enhancing security controls. Spearheaded Azure DevOps initiatives, optimized CI/CD pipelines, and strengthened network security policies. Managed firewall rules, VPN access, and application-layer security while ensuring compliance with cloud security best practices.
Key Responsibilities:
• Developed Terraform configurations to manage shared resources, replacing manually configured components with automated, version-controlled deployments.
• Established IaC pipelines to streamline provisioning in a greenfield environment, ensuring consistency and reproducibility.
• Created Azure Storage Accounts and Blob Containers to store Terraform state files, securing state management and preventing configuration drift.
• Deployed Azure Virtual Machines (VMs) for MSSQL using Terraform, optimizing configurations for high availability and performance.
• Configured Azure Virtual Network Peering to establish secure, scalable connectivity across cloud resources.
• Designed and optimized CI/CD pipelines using GitLab CI, automating infrastructure deployment and monitoring changes.
• Implemented Blue-Green & Canary Deployments to minimize downtime and reduce deployment risks in cloud and hybrid environments.
• Developed and maintained YAML-based Azure DevOps pipelines, ensuring seamless integration with Terraform and security tools.
• Strengthened network security by reviewing and optimizing firewall rules, NSGs, and access policies across environments.
• Implemented conditional access policies to enforce role-based security and prevent unauthorized access.
• Conducted vulnerability assessments and optimized Web Application Firewall (WAF) configurations for enhanced threat detection.
• Enforced zero-trust security principles by restricting public access to sensitive resources and implementing Zscaler VPN for secure remote access.
• Configured Azure Monitor, Log Analytics, and Sentinel to provide centralized visibility into infrastructure health and security events.
• Integrated Splunk, ELK Stack, and Prometheus for real-time monitoring and anomaly detection across cloud resources.
• Set up Dynatrace and New Relic to analyze performance metrics, proactively identifying bottlenecks and optimizing system efficiency.
• Designed and implemented Azure Bastion Host and Jump Servers to enforce secure access controls for remote management.
• Designed and deployed scalable data pipelines using Azure Data Factory, Databricks, and Apache Spark, enabling efficient ETL processing.
• Developed Python- and PowerShell-based security automation scripts to enforce IAM policies, network security rules (NSGs, WAF), and vulnerability scanning using Pester, Checkmarx, and SonarQube.
• Developed Terraform-based automation for provisioning data services like Cosmos DB, PostgreSQL, and MSSQL.
• Implemented Data Lake Storage (ADLS) and Snowflake to support large-scale analytics and high-performance querying. Tech Stack: Azure DevOps, Terraform, GitLab CI/CD, Azure Pipelines, YAML, Azure Storage Accounts, Azure Virtual Machines, MSSQL, Azure Key Vault, Web Application Firewall (WAF), Azure Monitor, Log Analytics, Azure Sentinel, NSG, VPN, Zscaler, Tufin, Splunk, ELK Stack, Prometheus, Dynatrace, Python, PowerShellNew Relic, ExpressRoute, Azure Bastion, Jump Server, Private Endpoints, Service Endpoints.
Senior Azure DevOps Engineer
Cencora, Conshohocken, Pennsylvania February 2022 - March 2024 Project Overview: Designed and automated Azure DevOps infrastructure, ensuring seamless CI/CD pipelines, security hardening, and cloud optimization. Led Infrastructure as Code (IaC) implementation, performance tuning, and security compliance enforcement to drive operational efficiency.
Key Responsibilities:
• Automated CI/CD Pipelines using Azure DevOps Pipelines, YAML, and GitHub Actions to streamline deployment workflows.
• Designed and managed Terraform-based infrastructure for provisioning Azure Kubernetes Service (AKS), VMs, and Networking resources.
• Implemented Azure Security Center & Defender to monitor vulnerabilities and enforce security best practices across cloud resources.
• Optimized Azure Monitor & Log Analytics to centralize observability, integrating Application Insights, Prometheus, and Grafana.
• Developed Helm charts for AKS to standardize Kubernetes deployments, ensuring scalability and high availability.
• Automated cloud resource scaling with Azure Autoscale, Kubernetes Horizontal Pod Autoscaler (HPA), and Virtual Machine Scale Sets (VMSS).
• Configured Azure API Management (APIM) to secure and optimize API gateways, enabling policy-based traffic control.
• Integrated Azure Key Vault & Managed Identities to secure secrets, certificates, and access credentials.
• Orchestrated Blue-Green and Canary deployments for zero-downtime releases, enhancing application reliability.
• Refined cost management strategies by optimizing Azure Reserved Instances, Autoscaling, and Storage Tiering.
• Established robust role-based access control (RBAC) and Conditional Access Policies to enforce least privilege access.
• Automated database provisioning for Azure SQL, Cosmos DB, and PostgreSQL, ensuring optimized security.
• Deployed Infrastructure Compliance Audits using Terraform Sentinel, Azure Policy, and Azure Blueprints to enforce governance. Created custom monitoring solutions using Python to automate log analysis, anomaly detection.
• Implemented GitOps methodology with FluxCD & ArgoCD, enabling declarative infrastructure management.
• Integrated SIEM solutions (Azure Sentinel, Splunk, ELK Stack) for security monitoring, threat detection, and log analysis. Tech Stack: Azure DevOps, Terraform, Kubernetes (AKS), Helm, Azure Security Center, Azure API Management (APIM), Azure SQL, Cosmos DB, PostgreSQL, Azure Monitor, Log Analytics, Prometheus, Grafana, GitHub Actions, ArgoCD, FluxCD, Azure Sentinel, Splunk, ELK Stack, RBAC, Conditional Access, HPA, VMSS, YAML, Blueprints, python, Sentinel Policies. Azure DevOps & Cloud Engineer
PwC, New York City, NY January 2021 - February 2022 Project Overview: Led the cloud DevOps transformation at PwC, implementing CI/CD automation, infrastructure as code (IaC), and data pipeline optimizations. Designed secure cloud environments, automated Azure deployments, and integrated data engineering workflows for enhanced efficiency.
Key Responsibilities
• Designed & automated Azure DevOps pipelines using YAML, GitHub Actions, and Azure Repos, improving deployment efficiency.
• Implemented Terraform-based IaC to provision Azure Kubernetes Service (AKS), Azure Virtual Networks, and Azure SQL databases.
• Developed and optimized ETL data pipelines for Azure Data Factory, Databricks, and Synapse Analytics, ensuring efficient data processing.
• Integrated Azure Key Vault for secure storage of credentials, API keys, and certificates, improving cloud security posture.
• Implemented robust security controls using Azure Policy, Conditional Access, and Defender for Cloud to enforce compliance.
• Automated infrastructure monitoring via Azure Monitor, Log Analytics, and Application Insights, enhancing observability.
• Optimized Kubernetes workloads using Helm, AKS scaling strategies, and Horizontal Pod Autoscaler (HPA) for high availability.
• Built GitOps workflows with FluxCD and ArgoCD, enabling declarative infrastructure management.
• Developed DataOps workflows to automate data transformations and streamline pipeline deployments in Databricks and Synapse.
• Orchestrated serverless solutions using Azure Functions and Logic Apps, reducing infrastructure overhead.
• Enhanced logging and security analytics via Azure Sentinel and ELK Stack, improving threat detection and response.
• Implemented cost optimization strategies using Azure Reserved Instances, Auto-scaling, and Data Lifecycle Management.
• Refined access control policies with RBAC, Azure Active Directory (AAD), and Privileged Identity Management (PIM).
• Automated database provisioning for Azure SQL, Cosmos DB, and PostgreSQL, ensuring compliance and performance.
• Developed data ingestion pipelines using Python and PowerShell, integrating with Kafka, Kinesis, Snowflake, and Azure Data Factory to process high-volume structured and unstructured data.
• Ensured cloud governance by implementing Azure Blueprints, Security Baselines, and automated compliance audits. Tech Stack: Azure DevOps, Terraform, Kubernetes (AKS), Helm, Azure Data Factory, Databricks, Synapse Analytics, Azure SQL, Cosmos DB, PostgreSQL, Azure Key Vault, Azure Functions, Logic Apps, Azure Monitor, Log Analytics, Application Insights, Azure Sentinel, ELK Stack, GitHub Actions, FluxCD, ArgoCD, Azure Defender, Azure Policy, RBAC, AAD, PIM, HPA, Reserved Instances, YAML, Blueprints, Python
Senior Azure Site Reliability Engineer
SLB (Schlumberger), Houston, TX June 2019 – December 2021 Project Overview: Refactored Azure cloud infrastructure, automated CI/CD pipelines, implemented cloud security & monitoring, optimized big data pipelines, and ensured high availability & disaster recovery. • Designed and implemented highly available, scalable, and resilient Azure cloud infrastructure using Terraform and Azure Resource Manager (ARM) templates. Key Responsibilities
• Developed CI/CD pipelines using Azure DevOps and Jenkins, integrating automated testing, security scans, and compliance checks to enhance deployment reliability.
• Automated cloud infrastructure provisioning with Terraform and Ansible, reducing manual interventions and improving operational efficiency.
• Managed Azure Kubernetes Service (AKS) for microservices deployment, optimizing auto-scaling, network policies, and container security.
• Implemented observability and monitoring solutions using Azure Monitor, Application Insights, Prometheus, and Grafana to proactively detect and resolve performance issues.
• Configured Azure Security Center and Sentinel for proactive threat detection, vulnerability assessment, and compliance monitoring.
• Designed disaster recovery (DR) and backup strategies using Azure Backup, Site Recovery (ASR), and geo-redundant storage solutions.
• Managed Azure Active Directory (AAD), RBAC, and Conditional Access Policies to enforce secure authentication and least privilege access.
• Optimized Azure Virtual Networks (VNet), NSGs, VPN Gateways, and ExpressRoute to improve security and performance of cloud-based workloads.
• Collaborated with software and security teams to implement Zero Trust security architecture and ensure compliance with SOC 2, HIPAA, and ISO 27001.
• Designed end-to-end test automation frameworks using Pester (PowerShell), pytest (Python), and JUnit (Java) for validating infrastructure deployments.
• Optimized cost management strategies by analyzing resource utilization, right-sizing workloads, and implementing Azure Reserved Instances.
Tech Stack: Azure DevOps, Terraform, ARM Templates, Ansible, Jenkins, Azure Kubernetes Service (AKS), Azure Security Center, Azure Sentinel, Azure Monitor, Grafana, Prometheus, Azure Data Factory, Databricks, Azure Backup, Azure Site Recovery, Azure Active Directory (AAD), RBAC, Conditional Access, NSGs, ExpressRoute, Zero Trust, SOC 2, HIPAA, Python, Java, PowerShell AWS DevOps Engineer
Nordstrom, Seattle, WA January 2018 - Jaune 2019 Project Overview: Designed and automated AWS cloud infrastructure, built secure data pipelines, optimized DevOps workflows, and enforced cloud security & compliance for Nordstrom’s e-commerce platform. Key Responsibilities:
• Designed and implemented scalable AWS infrastructure using Terraform and AWS CloudFormation, enabling Infrastructure as Code (IaC) for automated resource provisioning.
• Developed and optimized CI/CD pipelines using AWS CodePipeline, CodeBuild, and CodeDeploy to automate application deployments.
• Engineered secure and high-performance data pipelines using AWS Glue, Kinesis, and Lambda for real-time and batch data processing.
• Managed big data workflows in AWS using EMR, Redshift, and S3, optimizing data ingestion and ETL performance.
• Configured AWS IAM roles, policies, and security best practices to enforce least privilege access and compliance standards
(SOC 2, GDPR).
• Deployed and monitored Kubernetes (EKS) and Docker containers, implementing autoscaling, logging, and service mesh networking (Istio).
• Integrated AWS Security Hub, GuardDuty, and WAF to detect vulnerabilities, prevent unauthorized access, and mitigate threats.
• Built serverless applications using AWS Lambda, API Gateway, and DynamoDB to improve scalability and reduce infrastructure overhead.
• Established monitoring and alerting using AWS CloudWatch, Prometheus, and ELK stack to track performance metrics and log analysis.
• Automated compliance checks using AWS Config, Security Hub, and AWS Lambda for continuous policy enforcement.
• Worked on data streaming solutions with Apache Kafka and AWS Kinesis, enabling real-time analytics for e-commerce recommendations.
Tech Stack: AWS DevOps, Terraform, CloudFormation, AWS CodePipeline, Kubernetes (EKS), Docker, AWS Glue, Kinesis, Lambda, Redshift, EMR, S3, DynamoDB, API Gateway, IAM, GuardDuty, WAF, AWS CloudWatch, Prometheus, ELK Stack, VPC, AWS Config, Kafka, Auto Scaling, AWS Backup.
DevOps & Cloud Engineer
J.Crew., New York City, NY December 2015 - January 2018 Project Overview: Designed and automated AWS and Azure DevOps workflows, built scalable data pipelines, ensured cloud security
& compliance, and optimized multi-cloud infrastructure for J.Crew’s digital platforms. Key responsibilities:
• Designed and deployed scalable AWS and Azure cloud infrastructure using Terraform and ARM templates, ensuring automated provisioning and configuration management.
• Built and optimized CI/CD pipelines using AWS CodePipeline, Azure DevOps, and Jenkins for automated testing, deployment, and rollback strategies.
• Developed and maintained data engineering pipelines using AWS Glue, Apache Spark, and Azure Data Factory for ETL and real-time processing.
• Implemented Kubernetes (EKS & AKS) and Docker for containerized application deployments with autoscaling, networking, and monitoring.
• Designed serverless solutions using AWS Lambda, Azure Functions, and API Gateway to support lightweight and cost- efficient workloads.
• Managed IAM roles, policies, and RBAC to enforce security best practices and access controls across AWS and Azure environments.
• Configured VPC networking, VPN, security groups, and firewall rules for secure hybrid cloud connectivity.
• Monitored and optimized cloud performance using AWS CloudWatch, Azure Monitor, and ELK Stack for log analysis and anomaly detection.
• Integrated AWS S3, Redshift, and Snowflake with Azure Data Lake for multi-cloud data storage, transformation, and analytics.
• Engineered data streaming architectures with Apache Kafka, AWS Kinesis, and Event Hub for real-time customer analytics and insights.
• Implemented disaster recovery (DR) and backup strategies using AWS Backup, S3 versioning, and Azure Site Recovery.
• Strengthened cloud security by configuring AWS WAF, Azure Security Center, and GuardDuty for threat detection and compliance monitoring.
• Established observability and incident response frameworks using Prometheus, Grafana, and PagerDuty to reduce downtime and improve system reliability.
Tech Stack: AWS (EKS, S3, Lambda, Glue, Kinesis, Redshift, CodePipeline, WAF, GuardDuty, CloudWatch), Azure (AKS, Data Factory, Monitor, Security Center, Functions, ARM Templates), Terraform, Jenkins, Docker, Apache Spark, Apache Kafka, Snowflake, ELK Stack, GitHub Actions, Prometheus, Grafana, PagerDuty.
Data Analyst
Capital One, McLean, VA February 2014 - December 2015
• Developed automated ETL pipelines using Azure Data Factory and SQL Server Integration Services (SSIS) to process large datasets for financial reporting.
• Designed and optimized Power BI dashboards to provide real-time insights into customer transactions and fraud detection patterns.
• Utilized Azure Synapse Analytics to analyze structured and unstructured financial data, improving reporting efficiency by 30%.
• Implemented Azure Monitor and Log Analytics for proactive system monitoring, reducing downtime incidents in cloud- hosted applications.
• Worked with data governance policies to ensure compliance with GDPR and CCPA, strengthening security measures for sensitive financial data.
Tech Stack: Azure Data Factory, SQL Server, SSIS, Power BI, Azure Synapse Analytics, Azure Monitor, Log Analytics, GDPR, CCPA. EDUCATION
MS in Digital Innovation (concentration: Computer Science) Bentley University, Waltham, MA
BSc. In Computer Science & Mathematics
Lincoln University, PA
CERTIFICATIONS
AWS Certified Solutions Architect AWS Certified Developer Microsoft Certified: Azure Security Engineer Associate
Contact this candidate