Security Engineer Solutions Architect

Khusrav Nazarov

DevOps and Security Engineer

CORE SKILLS

EDUCATION

WORK EXPERIENCE

CERTIFICATIONS

PROFESSIONAL SUMMARY

224-***-**** **********@*****.*** Chicago, IL Linkedin.com AWS Certified Cloud Practitioner

AWS Certified Solutions Architect Associate

AWS Certified SysOps Associate

AWS Certified Developer Associate

HashiCorp Certified: Terraform Associate (003)

Cloud: AWS(EC2, VPC, S3, EBS, RDS, Lambda, SQS, SNS, CloudWatch,CloudFormation ) AWS Security services: Security Hub, SCP, KMS, IAM, Control Tower (AWS Organizations), Config IaC: Terraform, CloudFormation

CI/CD: Jenkins, Github Actions

Containerization: Kubernetes, Docker, ECS, ECR, EKS Scripting: Python, Bash

SCM: Git, GitHub, Bitbucket

Monitoring and logging: CloudWatch, Prometheus, Grafana, SumoLogic Database: MangoDB, RDS, MariaDB

Security: NIST Cybersecurity Framework, SOC 2 Compliance, Policy-as-Code - Checkov, Opsgenie Tajik National University, Bachelor’s Degree, Information technology in business In progress Certified DevOps and Security Engineer skilled in automating AWS infrastructure, optimizing CI/CD pipelines, and enhancing platform management with Terraform, CloudFormation, and Jenkins and Github actions pipelines. Proven ability to drive automation, embed security best practices into DevOps workflows, and collaborate with teams to streamline cloud-native deployments. Experienced in integrating DevSecOps principles like automated security scanning, policy enforcement, and compliance checks into CI/CD processes. Good working knowledge of Agile methodology and scrum ceremonies. Team-player, problem solver and highly adaptable to new environments and technologies. DevSecOps Engineer JSOC IT January 2025 - Present

PCEP - Certified Entry-Level Python

Programmer Certified Jenkins Engineer

Docker Certified Associate

Kubernetes and Cloud Native Associate

LPI - Linux Essentials

Enabled PGAnalyze query tuning by upgrading pganalyze collector to lates version. Integrated Liongard with AWS environment to secure and monitor Cloud environment. Updated GitHub Actions versions to ensure compatibility, enhance security, and improve CI/CD pipelines. Managed Github Enterprise repositories (branch protection, bypass rules and CODEOWNER file). Created reusable IAM roles and S3 buckets for QA environments, ensuring compliance with the principle of least privilege.

DevOps Engineer aKumoSolutions Chicago, IL March 2021 - January 2025 Used CloudFormation Nested Stacks to manage AWS infrastructure Collaborated with QA team on UI testing using AWS synthetic Canaries. Managed Web Application Firewalls (WAF) to protect applications from common web exploits. Created and configured Route 53 health checks to monitor availability and performance of critical services. Utilized Opsgenie to centralize incident management, alerting, and enforce escalation policies. Implemented and managed AWS Security Hub to centralize security findings, streamline compliance checks, and improve the overall security posture of cloud environments. Integrated SumoLogic with CloudWatch to fetch application and server logs and metrics. Created dynamic dashboards in Sumo Logic to visualize and analyze log data. Led and supported SOC 2 audits by implementing and maintaining required security controls. Integrated GitHub Actions with SonarQube by running a SonarQube scanner as part of your CI workflow Designed and implemented RESTful APIs serving requests, with full authentication and rate limiting Automated deployment of Cypress test suites on AWS ECS, integrating with CI/CD workflows and leveraging DynamoDB (NoSQL DB) for scalable, cloud-native test data storage and retrieval. Automated AWS infrastructure deployment and management using Terraform and CloudFormation. Developed reusable Terraform modules based on team requirements and security best practices. Provisioned and managed a multi-account environment using AWS Control Tower. Deployed AWS networking services, including VPCs, subnets, routing tables, and security groups. Designed and implemented backup and disaster recovery strategies using AWS Backup. Established an AWS security compliance framework using EventBridge, Lambda, and SNS. Customized Amazon Bedrock ML models based on company-specific datasets. Created manifest files to define Kubernetes objects, including Pods, Controllers, Services, and HPA. Collaborated with development teams to containerize applications, and define Dockerfiles. Managed software installations and updates on Linux systems using Ansible. Created and maintained user accounts, permissions, and access rights in a Linux environment. Provided support for incoming issues related to cloud, systems and applications. Used Git, GitHub and BitBucket for source code management. Worked in an Agile environment, managing and prioritizing tasks through the use of Jira. Enforced Service Control Policies (SCPs) across AWS accounts to strengthen security controls. Implemented pre-deployment IaC code scanning using the policy-as-code tool Checkov. Migrated AWS infrastructure from CloudFormation stacks to Terraform for better management. Designed a fully serverless Jenkins distributed build architecture using AWS Fargate. Troubleshoot and resolved Jenkins pipelines, cloud and server related errors. Automated the build and deployment of containerized applications using CI/CD pipelines. Created manifest files to define Kubernetes objects, including Pods, Controllers, Services, and HPA. Deployed Docker containers to Kubernetes clusters on Amazon EKS. Improved container launch times by implementing AWS Seekable OCI for lazy loading of images. Managed Docker registries, including Docker Hub and AWS ECR.

Contact this candidate