Post Job Free
Sign in

Devops Engineer Configuration Management

Location:
Durham, NC
Posted:
February 13, 2025

Contact this candidate

Resume:

BRINE NDAM KETUM

Sr. Cloud DevOps Engineer

+1-443-***-**** **********@*****.*** www.linkedin.com/in/brine-ndam-ketum Results-driven Lead IT Professional with over 8 years of experience in supporting and optimizing mission-critical SDLC and deployments in AWS and Azure. Skilled in SaaS, PaaS, IaaS, designing and implementing CI/CD pipelines using GitOps, Jenkins with automated configuration management. Proficient in provisioning and managing highly available, fault-tolerant, and scalable infrastructures on AWS/Azure using CloudFormation and Terraform for Infrastructure as Code (IAC) including Serverless architectures. Possessing expertise in Linux, networking protocols, RESTful API design Cloud security, Cybersecurity, IAM, data protection, monitoring, automated testing (SAST & DAST), AWS Organizations, with a solid background in containerization using Docker and Kubernetes. Proficient in writing bash and Python scripts for automation. Demonstrated Expertise in mentoring team members, attention to details, communicating and collaborating with team members, stake holders with willingness to learn and deliver high quality business solutions. Cloud Platforms AWS, Azure

Configuration Management

Tools

Ansible, Chef, Puppet

CI/CD & Build Tools Jenkins, Maven, SonarQube, Nexus, ANT, Gitlab, Argo CD Containerization Tools Kubernetes, Docker, Docker Swarm, AWS ECS, EKS Version Control Tools Git, GitHub, Bit-Bucket, VSTS Bug tracking and Ticketing Nagios, Jira, Scrum, Kanban, Agile Project Management, confluence, ServiceNow, Slack.

Scripting Languages Python, Bash/Shell Scripting, Power Shell, java, node.js, Golang Databases Oracle 10g/9i, DynamoDB SQL Server, MySQL, SQL Server, NoSQL (Mongo DB, Cassandra),

Application/Web Servers Tomcat, Apache, Application Server, IIS, Oracle WebLogic, Nginx. Networking/Protocols VPC, NACLS, Transit Gateways, SGs, IGW, NGW, DNS, DHCP, FTP/TFTP, SMTP, TCP/IP, HTTP/HTTPS, WAN, WAF, LAN, Routers/Switches, TLS, SSL, IP/URL etc. Governance and Compliance

AWS (Organization, Trusted Advisor, AD Connector, IAM, Secrets Manager, Control Tower, Budget, Workspaces, Well Architected tool, License) Operating Systems Amazon Linux (Red hat, CentOS, Ubuntu), Windows, Mac OS Cybersecurity Crowd strike, SOP, Wire shark, Nessus, Nmap, HIPAA, PCI-DSS, IDS, IPS, IBM-X- Force, Splunk Enterprise Security, OWASP TOP 10, NIST Logging, Monitoring Splunk, ELK, Azure Monitor, AWS Cloud watch, Grafana, Prometheus, Datadog, New Relic, PagerDuty, AWS SNS & S3.

Migration and Cost

optimization

Database Migration Service, Server Migration Service, Cloud Endure, CART, TCO, S3 storage and lifecycle policies, Compute Optimizer. Professional Summary

KEYSIGHT TECHNOLOGY 03/03/2023 – PRESENT

● Automated AWS infrastructure provisioning using Terraform supporting 1,000,000+ daily users and cutting infrastructure costs by $500,000 annually through cost-optimized resource configurations.

● Implemented robust backup and disaster recovery strategies using AWS services (S3, EBS snapshots, multi-region replication), ensuring 99.9% data integrity and reducing downtime in critical scenarios by 40%.

● Deployed and managed Amazon EKS clusters with 700+ pods, running across 85 nodes and hosting 12,000+ containers supporting over 10 million concurrent users globally.

● Streamlined container deployment and scaling with Bash scripts, accelerating deployment pipelines by saving 10 developer hours weekly and improving workload processing speeds by 2x.

● Deployed observability solutions using Prometheus and Grafana, reducing incident resolution time from 90 minutes to 30 minutes through real-time alerts and centralized monitoring.

● wrote automation python scripts to manage AWS resources via Boto3 SDK, streamlining cloud operations.

● Configured CloudWatch dashboards and alarms to monitor over 25 critical metrics, enabling faster response times to system anomalies and reducing downtime by 40%.

● Collaborated with cross-functional teams on security initiatives, achieving compliance with PCI- DSS and HIPAA regulations, and mitigating high-priority risks across 5 enterprise applications.

● Resolved complex network protocol issues (e.g., TCP/IP and UDP), improving data transfer speeds

● by Created 15% and detailed reducing documentation network latency and troubleshooting for critical workloads. guides, reducing support escalation times by 50% and improving ticket resolution rates across 20+ customer-facing services.

● Enhanced application scalability by implementing auto-scaling, load balancing, and caching strategies, supporting an increase in traffic from 50,000 to 200,000 requests per hour without performance

● degradation. Mentored junior team members by conducting hands-on training sessions, code reviews, and knowledge-sharing workshops, fostering their growth in cloud technologies, automation tools, and

● DevOps Created best automated practices. security scanning scripts using Python, reducing security vulnerabilities by 80% and ensuring full compliance with NIST and OWASP standards.

● Developed and enforced AWS guardrails and tagging policies, enabling streamlined governance for over 100 AWS accounts and ensuring compliance with internal and regulatory standards.

● Integrated Jenkins and GitLab CI/CD with Kubernetes (EKS/AKS) for containerized microservices deployment, improving system scalability by 50% .

● Managed AWS IAM roles with RBAC and integrated ADFS for user management across 500+ team members, simplifying access control while maintaining security standards.

● Provisioned and maintained robust cloud environments using Terraform, deploying EC2 instances, Lambda, ELB, EBS, AMI, IAM, VPC, WAF, RDS databases, and S3 buckets to handle 1 PB+ of data storage and support mission-critical applications.

● Implemented GitLab CI/CD security scans (SAST, DAST, and Dependency Scanning), reducing vulnerabilities by 55% before deployment.

● Integrated Ping Identity SSO and MFA solutions, reducing login times for enterprise users by 40% and increasing adoption rates of secure authentication measures by 25%.

● Implemented AWS Cost Explorer and TCO reducing infrastructure by 60% saving over

$650000 annually.

● Migrated on-premises workloads to AWS and Azure cloud platforms, achieving improved scalability and operational efficiency.

Lead DevOps / Cloud Security Engineer

● Deployed Elasticsearch clusters on Kubernetes using Helm charts, ensuring high availability and fault tolerance to handle log ingestion from thousands of pods across multiple namespaces. Ø

INFOTREE GLOBAL SOLUTIONS 2020 – 2023

● Provisioned and managed Azure Virtual Machines to deliver scalable and high-performance compute solutions for enterprise applications.

● Designed and implemented scalable cloud architectures using Azure services such as Azure Kubernetes Service (AKS), Azure Functions, and Azure Blob Storage, ensuring availability and reliability for mission- critical workloads using Terraform.

● Integrated Golang-based applications with Azure Lambda, reducing infrastructure costs by 40% and improving scalability.

● Configured and monitored Azure Monitor to provide real-time diagnostics and proactive alerts, reducing issue resolution time by 40%.

● Developed and deployed scalable Node.js microservices in Azure/AWS Lambda and Kubernetes, reducing API response time by 40% and increasing request-handling capacity to 500K+ requests per second.

● Implemented security best practices across Azure services, including RBAC, strong password policies, multi-factor authentication (MFA), and access key rotation, reducing potential attack vectors.

● Scheduled automated Jenkins jobs, streamlining CI/CD processes for regular builds and deployments.

● Designed API Gateways with Azure API Management to secure and standardize access to backend services.

● Responded to support tickets within a precise SLA /SLO to improve customer service.

● Work on and educate the development team to identify and remove performance bottlenecks, scaling choke points, avoid single points of failure, and to optimize our software and systems.

● Deployed and managed containerized applications on OpenShift and AKS (Azure Kubernetes Service)

● Integrated Circle CI with Terraform and Ansible, ensuring infrastructure changes were applied reliably with zero downtime.

● insights from the data stored in NOSQL databases like MongoDB and DynamoDB.

● Leveraged MongoDB for document model and scalability features in storing and querying data effectively that required dynamic schema structures and high availability.

● Using CloudFront to deliver content from AWS edge locations to users, allowing for further reduction of load on front-end server.

● Utilized Azure Application Gateway and Traffic Manager to balance load across global deployments, ensuring minimal latency and maximum uptime.

● Implemented GitOps practices using Argo CD, integrating with Git to manage application configuration and deployment, and achieving a 95% reduction in configuration drift.

● Collaborated with cross-functional teams to resolve load balancing or Kubernetes cluster failures, ensuring smooth system and application operations.

● Deployed and maintained Blob Storage for secure and scalable object storage.

● Implemented Azure Key Vault to securely manage secrets, keys, and certificates, reducing risk in application deployments.

● Optimized pipeline performance using CloudBees Pipeline Templates, cutting down CI/CD execution time by 50%, improving developer productivity.

● Implemented Azure Active Directory (AAD) for robust identity and access management.

● Utilized Azure Monitor for comprehensive monitoring and diagnostics of cloud infrastructure.

● Managed and optimized Azure SQL Database instances for various applications.

● Utilized Azure Resource Manager (ARM) templates to automate the provisioning of resources, reducing deployment time and human error.

Platform / Cloud Infrastructure Engineer

● Leveraged Snowflake for data warehousing to enable efficient querying and analytics on large datasets, resulting in improved data accessibility and performance.

● Designed and Implemented data pipeline for ETL processes using Snowflake, ensuring data integrity and optimizing performance for large-scale data operations.

● Utilized AWS Glue and EMR to construct data pipelines enabling efficient data processing and transformation.

● Utilized Redshift to optimize database performance to increase data processing speed ensuring efficient data handling.

● Designed and maintained Ansible playbooks for automated application deployment, reducing deployment time by 60% and minimizing manual errors.

● Architected disaster recovery solutions using Azure Site Recovery, achieving 99.99% availability for business-critical applications.

● Designed and managed secure CI/CD pipelines using cloudbees Jenkins and Azure DevOps, integrating security checks at every stage.

● Implemented Okta for MFA to enhance security by requiring multiple forms of verification before granting access, SSO to simplify user access by allowing one set of credentials to access multiple applications.

● Utilized Jira Boards (Scrum) to organize tasks, track sprint progress and manage Work in Progress

(WIP) limits.

● Migrated repositories from GitHub to GitLab.

● Utilized strong knowledge of Linux and Unix systems and networking protocols to diagnose and troubleshoot server-related issues, optimizing system performance and minimizing downtime.

● Perform all stages of audit, including planning, fieldwork/execution, reporting, and follow-up.

● API Access Management to control access to APIs using OAuth and OpenID connect standards and securing API endpoints and enforce policies.

● Deploy, debug and monitor Java applications on Azure Kubernetes Clusters and EKS. WIPRO 2016 – 2020

● Implemented RESTful APIs in Golang, leveraging Goroutines for high-concurrency processing,

● resulting Strengthened in 30% cloud higher application request-handling security efficiency. by addressing the OWASP Top 10 vulnerabilities, reducing risks of attacks such as SQL injections and cross-site scripting by 30%.

● Designed and optimized DynamoDB database schemas and indexes, supporting transactional workloads of up to 20,000 requests per second, improving query efficiency and scalability.

● Streamlined resource provisioning by authoring AWS CloudFormation templates for VPCs, EC2 instances, and security groups, reducing manual effort and deployment time by 50%.

● Implemented Bitbucket Pipelines, automating CI/CD workflows, leading to a 60% reduction in manual deployment efforts and accelerating release cycles by 45%.

● Enabled secure communication between AWS services and accounts using AWS Private Link and VPC Peering, enhancing privacy for sensitive data transactions.

● Integrated Bitbucket with JIRA and SonarQube, improving issue tracking efficiency by 30% and reducing code vulnerabilities by 55%.

● Deployed proactive monitoring solutions using PagerDuty, SNS, and New Relic, reducing incident response times to under 5 minutes for mission-critical applications. DevSecOps / SRE

● Implemented AWS Route 53 for global DNS management, enabling high availability by distributing traffic across multiple availability zones, achieving 99.99% uptime.

● Collaborated with stake holders to design networks, systems and storage environments that reflected business needs, security specifications and service level requirements.

● Deployed Istio for service mesh integration, enabling secure, reliable communication between microservices with automated traffic management and observability.

● Utilized Calico for Kubernetes network policies, enforcing security standards and ensuring compliance in multi-tenant environments.

● Integrated centralized logging and telemetry solutions with Rancher and Sumo Logic, providing actionable insights into microservices' health and performance.

● Automated scaling of applications in customized VPCs using Elastic Load Balancers (ELB/ALB), improving application responsiveness under high traffic load

● Configured and deployed SSL/TLS certificates using AWS ACM, ensuring encrypted communication and compliance with data security standards.

● Engineered high-performance microservices in Java, improving API response time by 50% and handling 200K+ requests per second.

● Secured data in transit by leveraging VPNs and encryption protocols, establishing secure communication between on-premises systems and AWS cloud.

● Performed vulnerability scanning using Tenable tools (Nessus.io, Nessus Professional) to identify and remediate security issues, ensuring compliance with PCI-DSS and HIPAA standards.

● Enhanced application security with AWS WAF integrated with ALB, protecting web servers from common threats and enabling secure content delivery via CloudFront.

● Implemented Kubernetes monitoring with Kobs, Prometheus, Grafana, and Elasticsearch, improving cluster performance and reliability for 10,000+ pods.

● Integrated DevSecOps workflows with ServiceNow ITSM/ITOM, reducing incident response time by 80% and mean time to resolution (MTTR) by 25%.

● Implemented and managed Apache Kafka clusters for real-time data streaming, processing over 10 million events per second across microservices, ensuring high throughput and low latency for mission- critical applications.

● Transitioned AWS infrastructure to serverless architecture using AWS Lambda and Kinesis, enabling cost-effective scalability and achieving recovery time objectives (RTO) under 15 minutes.

● Led customer-facing consulting engagements, resulting in a 15% improvement in customer satisfaction scores and a 25% increase in customer retention rates.

● Implemented AWS Elastic Container Service (ECS) scheduler to automate spring boot application deployment in the cloud using Docker Automation techniques.

● Managed Kubernetes clusters using Helm charts, streamlining deployment processes and ensuring consistent application delivery across environments.

● Certifications:

● AWS Certified DevOps Engineer Professional

● AWS Certified Solution Architect Associate

● AWS Certified Security Specialty

● AWS Certified Developer Associate

● Certified Kubernetes Administrator

● CompTIA Security+ (SY0-601)

● Hashicorp Certified Terraform Associate (003).

Education: BSc in Computer Science (University of BUEA) 2013 - 2016 Masters (in Progress): Business Administration - University of Maryland Global Campus (2024 - present)



Contact this candidate