Post Job Free
Sign in

Aws Cloud Engineer

Location:
Ashburn, VA
Salary:
0
Posted:
April 23, 2025

Contact this candidate

Resume:

Ahmed W. Mohammed

Green Card Holder – Security Clearance -Public Trust

646-***-****

SUMMARY:

•Cloud engineer with 12 years of experience in IT industry on AWS Cloud computing, Systems Engineering, Virtualization, Data Center Consolidation, Security Remediations and Unix/AIX Linux Administration. Experience in building and maintaining infrastructure on premise and on AWS

•Have good experience on AWS Cloud platform and its features which includes EC2, VPC, EKS, ECS, ELB, AMI, SNS, RDS, Route53, Cloud Watch, Cloud Formation, Cloud Front, Auto scaling, IAM, S3 and Glacier

•Good understanding of cloud IAM token authentication OpenID Connect and other protocols SAML, SCIM, LDAP

•Expertise in creating complex and custom IAM policies, Roles, and user management for delegated users within AWS and experience in developing AWS Cloud Formation templates to create custom sized VPC, Subnets, EC2 instances, ELB and security groups

•Have good experience in triggering CloudWatch alarms and specified thresholds with metrics and notified by creating subscribers by using SNS

•Strong understanding in cloud platforms (IaaS, PaaS, SaaS)

•Good experience in Terraform and CloudFormation for building, changing, and versioning of Infrastructure and wrote Templates for AWS infrastructure as a code using Terraform /CloudFormation to build staging and production environments

•Experienced in monitoring tools like CloudWatch, Nagios, Sensu and Splunk

•Experienced in installation and configuration of Apache, Nginx, Tomcat, WebSphere, web and application servers

•Expertise in working with different Bug Tracking Tools like JIRA, Clear Quest and Quality center

•Experience with Hashicorp tools like Vagrant for virtualization and Packer for creating AMI’s

•Experience in AIX/Linux administration activities including Virtualization, network-based installation, RAID, LVMs, Disk quotas, configuration of DHCP, DNS, NTP, iptables, User and Group Administration, Nagios, proxy server

•Good Interaction with developers, managers and team members to coordinate job tasks and strong commitment to work

•Strong analytical, diagnostics, troubleshooting skills to consistently deliver productive technological solutions. Coordinated with the Offshore and Onshore teams for Production support

PROFESSIONAL EXPERIENCE:

Guidehouse / SBA, Washington DC February 2022 - Current

Cloud / Devops Engineer

Secret Clearance – Public Trust

Roles & Responsibilities

Primarily responsible for providing infrastructure support to SBA loan programs like Fiscal Transfer Agent (FTA), SBA One and secondary market (7A) . Provisioned highly available, scalable and fault tolerant services in Amazon Cloud tailored towards supporting the development efforts.

•Worked on setting up Code Commit repositories and providing secure access to the development team

•Created Docker images from the repository, pushed to ECR and created build projects using Code Build

•Created ECS Cluster and deployed the build by creating Task definitions and Containers on ECS.

•Updated the ECS cluster with new Docker Image and re-deployed the build

•Configured CloudWatch monitoring and logging for various AWS services like S3, ALB, Code Commit, Code Build, RDS and VPC etc

•Worked on streaming CloudWatch Logs to Amazon OpenSearch in real time using CloudWatch Logs subscription

•Created CICD pipelines for automated build deployments using CodeCommit, CodeBuild & Code Deploy.

•Created Cross account policies and roles in IAM and configured cross-account deployments using Docker, Code Build and Code Pipeline.

•Proficient in infrastructure automation and deployment using IAC / Terraform

•Deployed Kubernetes cluster in Amazon EKS using eksctl and also automated the deployment using Terraform

•Worked on creating Kubernetes manifests for deployment of pods and Services for deploying the application.

•Responsible for Git approval and merges, resolving code conflicts and pushing code through all environments like gamma, beta, hotfix and prod .

•Deployed ALB Ingress controller to load balance application traffic to backend pods.

•Worked on creating a customer owned Redis HA solution using Redis Sentinel and Kubernetes Stateful sets hosted on EKS.

•Developed Proof-of-Concept projects to validate new architectures and solutions.

IBM, Plano TX February 2020-February 2022

Cloud / Infrastructure Engineer

Roles & Responsibilities:

•Designing, deploying, and maintaining the application servers on AWS infrastructure, using services like EC2, S3, Glacier, VPC, Auto scaling, Lambda, Route53, SQS, IAM, Code Deploy, CloudFront, RDS, and Cloud Formation etc.

•Using AWS-CLI to suspend an AWS Lambda function. Used AWS CLI to automate backups of ephemeral data-stores to S3 buckets, EBS

•Utilizing AWS CLI to automate backups of ephemeral data-stores to S3 buckets, EBS and create nightly AMIs for mission critical production servers as backups

•Created Docker images using a Docker file, worked on Docker container snapshots, removing images and managing Docker volumes

•Used HashiCorp Packer to create and manage the AWS AMI's and Vault to manage AWS secret keys

•Implemented AWS Auto scaling groups, Elastic Load Balancing, S3, EBS, EFS, Route 53, VPC, SNS, CloudWatch and EC2 under AWS

•Worked on Auto Scaling for providing high availability of applications and EC2 instances based on the load of applications by using Cloud Watch in AWS

•Created Virtual private cloud (VPC), Elastic load balancers and Auto scaling groups in development, testing and Production environments

•Configured S3 versioning and lifecycle policies to backup files and archive files in Glacier

•Created the AWS VPC network for the Installed Instances and configured the Security Groups and Elastic IP's accordingly

•Designed and deployed a highly available and fault tolerant infrastructure on AWS using terraform modules, these modules install a web application in public subnet and database in private subnet which can communicate using the local route table in the VPC

•Worked on Monitoring, traffic tracking and trend analysis using Network Management Tools like Splunk, Nagios and Cloudwatch

•Implemented Blue-Green Deployment in production using Route53

•Used Ansible for automation and scheduling automated jobs

•Worked on creation of Ansible Playbooks to install tomcat instances and to manage configuration files for multiple applications

•Provided On premise system support for IBM Power 6,7 Servers, including routine maintenance, patching, installing third party software and system backups using mksysbs and restoring, and software and hardware/firmware upgrades

•Performed AIX Technology Level (TL) upgrades and migrations to AIX 7.1,7.2 using NIM and Alternate Disk technology. Performed HMC upgrades

•Volume Group and File systems management, troubleshooting

•Installed VIO server Advanced POWER Virtualization (APV) on IBM P5,P6 & and P770 Systems. Assigned resources by making partitions LPAR client of VIO server and clients Installation. dual VIOS setup and failover design

•Configured dual VIOS server for redundancy and configured network redundancy with SEA failover with Link aggregation (EtherChannel)

•Performed Upgrade/Patching of dual VIOS

•Perform periodic scans on all Unix servers and remediate any vulnerabilities and applied CIS benchmark for AIX

•Provide Tier3 SME support for all AIX issues

United States Dept. of Labor, Washington, DC February 2015-January 2020

Sr Unix/Aix Engineer SME.

Secret Clearance – Public Trust

Job Responsibilities

•Designed and implemented IBM Power 8 S824 in SSDC (Silver Spring Data Center) and STL (St Louis Data Center) as part of hardware refresh and DOL OWCP migrations

•Installed VIO server Advanced POWER Virtualization (APV) on IBM S824 Systems. Created Shared Storage Pools (SSP), Repository Disk, and create Logical Units (LU)

•Created Virtual Media Repositories (VML) to push OS from VIOS. Assigned resources by making partitions LPAR client of VIO server and clients Installation

•Responsible for Installing Security fixes and APAR’s in Servers

•Installation and configuration of NIM master server and clients

•Responsible for Auditing Server build’s, to ensure security compliance, and SOX compliance

•Provided support for AIX SAN migrations. Created virtual FCs on VIOS and client LPARs and assisted in LVM/SAN migration

•Performed Aix installations, configuration, Upgrading, Migrating, Performance Tuning, Audit management and patching using AIX Alt Disk

•Provided system support for IBM Servers, including routine maintenance, patching, installing third party software and system backups using mksysbs and restoring, and software and hardware/firmware upgrades

•Performed AIX Technology Level (TL) upgrades and migrations to AIX6.1 using NIM and Alternate Disk technology. Performed HMC upgrades from V7 to V8

•Provided AIX SME support as and when required

•Created RHEL 6/7 template image and applied security STIG for compliance

•Responsible for periodic patching of the RHEL Template

•Experience in Managing various Network related tasks such as TCP/IP, NFS, DNS, DHCP and SMTP

•Use of LVM, creating Volume Groups, Logical volumes, and disk mirroring

•Installed and upgraded packages and patches on RHEL6,7,8 using RPM, YUM and third-party software and automating patching

•Experienced in configuring and maintaining YUM repositories for package installations

•Worked on daily tickets which included server provisioning, network configs, LVM configs and multipathing

•Conducted installation/configuration/upgrades of hardware, operating systems, software and security related patches on a regular schedule for RHEL & AIX

•Installed and configured Splunk Universal Forwarder for RHEL and IBM AIX servers

•Created Dashboard Views, Reports and Alerts for events and configure alerting emails

•Performed Field Extractions from different types of log files

•Analyzed and co-related events through Splunk grouping commands such as transaction, join and append

•Created Dashboards to monitor CPU Performance and Memory usage

•Proficient in writing Splunk searches using Splunk SPL and using complex eval commands and well-versed with Splunk architecture and design

•Created and updated Splunk Indexes and data sources and deployed Splunk Apps

•Experience creating and managing Splunk Knowledge objects (field extractions, macros, event types etc.)

•Coordinated the Office Of Chief Financial Officer (OCFO) hardware relocation from DOL‘s primary site (FPB) to a colocation (ByteGrid)

•Racked, installed and configured SUN hardware like M3000, M5000, T5520, M8000 etc. to create a R&D environment

•Installed Solaris 10/11 on Sun hardware and provided network and storage

•Created Solaris 11 template image and applied security hardening and created baseline document

•Provided design input for implementation of enterprise-wide monitoring tool Solarwinds. Identified network/compute/Storage resources to be added to monitoring

WMATA (Washington Metro Transit Agency), Washington, DC June2010-January 2015

UNIX/AIX Administrator

Job Responsibilities:

•Provided 24x7 on call server support for AIX / Linux environment

•Installations, upgrades and the configuration and maintenance of AIX v5.3, 6.1 and Aix 7 running on Power5/Power6 and Power7 Pseries and Blade hardware

•Supported applications like SAP, Maximo, Trapeze, Bus Rail and Fare Collection Systems

•Performed Aix installations, configuration, Upgrading, Migrating, Performance Tuning, Audit management and patching using AIX Alt Disk

•Performed hardware installation and configuration of new Servers using automated installation

•Performed LVM and storage management

•Provided system support for IBM Servers, including routine maintenance, patching, installing third party software and system backups using mksysbs and restoring, and software and hardware/firmware upgrades

•Performed AIX Technology Level (TL) upgrades and migrations to AIX6.1 using NIM and Alternate Disk technology

•Installed VIO server Advanced POWER Virtualization(APV) on IBM P5 and P770 Systems. Assigned resources by making partitions LPAR client of VIO server and clients Installation

•Configured dual VIOS server for redundancy and configured network redundancy with SEA failover with Link aggregation (etherchannel)

•Configured P770 clients for Virtual Fiber channel (NPIV) on VIOS

•Installed dual pathing software on VIO servers (PowerPath/MPIO) and SDD for virtual SCSI redundancy

•Coordinate the SAN team to allocate / reclaim storage on new and existing servers . Storage used was (SHARK) and EMC Clarion

•Installed security software IBM Guardium and S-STAP and GIM agents to monitor databases and maintain integrity of PCI data

•Installed Tripwire and Varonis on all AIX servers for security and auditing

•Coordinated with IT-Security team to perform periodic scans on all Unix servers and remediate any vulnerabilities and re-scan

•Worked with the internal audit team to test and secure all Unix servers and ensure system policies like password ageing, login retries,disable root login etc. are implemented across the UNIX platform

•Was the main POC for internal as well as external auditing on WMATA’s Unix servers

•Performed migrations of file systems and remounting them on different mount point

•Responsible for system partitioning (LPAR) and operating system installation using HMC

•Responsible for performing administration tasks on DLPAR such as adding, deleting and moving system resources from one partition to another partition

•Focal point in Disaster recovery testing and implementation of production servers to DR site and rolling back to the primary site

•Created various NIM resources like lppsource, spot for automated OS installations

•Performed NIM installations of OS on P590, P595, P770 Lpars using HMC and on JS21 Blades using the Advanced Management Module(AMM)

•OPENSSH server administration with key management and host access control

•Upgraded TSM from 5.3 to 5.5

•Upgrade firmware of Frames, HBA etc.

•Provide temporary and permanent sudo permissions to users depending on the job requirement and security request clearance

•Coordinate with Application, Database and AD teams best time to schedule the Change so that there is no client or customer impact

•Monitor system performance on a daily basis to ensure adequate response times on production systems using NMON

•Provide audit reports for production servers and automate the data collection process using scripts

•Manage documentation of all production, test and development servers and VIO servers .Create scripts to automate the collection of Server configuration data and archive on NIM server

•Patched IBM AIX servers using IBM Endpoint Manager and provided reports for OS patch compliance

•Worked with the Backup team (TSM – Tivoli Storage Manager) to provide timely backups and perform test restores

•Installed and configured Oracle Active Guard on AIX servers for high availability

•Installed Oracle Real Application Cluster (RAC ) on Maximo servers for high availability

•Installed and configured CA Spectrum on AIX servers for proactive monitoring

•Worked on IBM Blade Center Power4 and Power7 Blades

SunGard, Orlando, FL September 2009-June 2010

AIX/Unix/Linux/HP-UX Admin

Job Responsibilities:

•Configured IBM p-series 550,570,590,595,690 machines for production, staging and test environments

•Responsible for Auditing Server build’s, to ensure security compliance, and SOX compliance

•Expertise in Build, Install, load and configured the boxes 550,520,560,570,590,595

•GSD331 troubleshooting, find any incompliant servers are Remediate GSD331

•Installation and configuration of LPAR’s with AIX 5.3 on p5 servers

•Experience in Installation, Configuration and Troubleshooting of Tivoli Storage Manager (TSM)

•Remediating failed backups, Take manual incremental backups of failing server’s

•Upgrading TSM from 5.1.x to 5.3.x

•Experience in Installation, Configuration and Troubleshooting of Tivoli License Manager (TLM)

•Experience in Installation, Configuration and Troubleshooting of Server Resource Manager (SRM)

•Install SSH Keys for Successful login of srmdata into the server without prompting password for daily backup of vital data such as processor utilization, disk utilization, etc.

•Installation and troubleshooting of IBM Director and Tivoli Endpoint

•Hardware troubleshooting, Maintenance and replacement of failed hardware

•Provide redundancy with HBA card, Ether channel configuration and network devices

•Coordinating with application and database team for troubleshooting the application or Database outages

•Installation and troubleshooting on VMware running Linux (RHEL, SUSE) and Windows

•Coordinating with SAN team for allocation of LUN’s in order to increase file system space

•Configuration and administration of Fiber card Adapter’s and handling AIX part of SAN

•Configuration of VIO server and VIO clients from Hardware Management Console

•Upgrading HMC version and Firmware

•Administration of multiple AIX machines, AIX clusters, and SP nodes from any client platform through WebSM

•Installed and configured RHEL Linux, Novell SUSE Linux Enterprise server 8, 9 and 10 on servers and desktops

•Good LVM skills, used LVM, created VGs, LVs, and disk mirroring

•Responsible for Installing Security fixes and APAR’s in Servers

•Used GPFS to eliminate points of failure and to increase reliability of data on HACMP

•Responsible for installing configuring and maintenance of GPFS version 2.1 and 3.3

•Migrating GPFS from 2.1 to 3.3

•Experienced in managing LPAR with AIX Virtual Memory Manager (VMM)

•Setup and configured network TCP/IP on AIX including RPC connectivity for NFS. Created mount points for Server directories, and mounted these directories on AIX Servers

•Experience in connecting to an EMC disk subsystem with PowerPath and MPIO

•Experience in working with IBM DS8000, DS4700, DS6800, FAStT/DS4800, DS4500 (FAStT 900), USP600, AMS500, IBM nSeries storage hardware and SAN Fiber director series

•Manage LPAR’s and provide virtual memory management and memory optimization

•Setup of full networking services and protocols on AIX, including NIS/NFS, DNS, SSH, DHCP, NIDS, TCP/IP, applications, and print servers to insure optimal networking, application, and printing functionality

•Configured Work Load Management (WLM) for Apache and IBM WebSphere Application Server

•Perform UNIX administrator duties supporting production ERP (SAP) and database (Oracle, PeopleSoft, and DB2) systems

•Clustered multiple RS6000/p-series machines on AIX 5.2/5.3 using HACMP, configured HACMP cluster to keep applications running

•Configured cascading, mutual takeover and rotating modes of operation of the HACMP and HACMP/ES products

•Performing Failovers in HACMP / cluster environment, monitoring servers

•Installed and configured DCE and DFS services

•Setup of full networking services and protocols on UNIX, including NIS/NFS, DNS, SSH, DHCP, NIDS, TCP/IP, ARP, applications, and print servers to insure optimal networking, application, and printing functionality

•Worked with monitoring tools like Tivoli monitoring, HP Open View, Wily, Active Watch and BMC Patrol

•Backing up AIX servers using mksysb and ADSM/TSM

•Improve server utilization and sharing I/O resources to reduce total cost of ownership and make better use of IT assets using PowerVM (Advanced Power Virtualization)

•Provide temporary and permanent sudo permissions to users depending on the job requirement and security request clearance

•Provide onsite and remote support for AIX/Solaris Server’s

•Provided 24x7 on call server support for UNIX environment including AIX, Linux and Solaris

EDUCATION:

Wayne State University, Detroit, MI

M.S. Computer Engineering/Science, 2001

Osmania University, India

B.S. Instrumentation Engineering, 1993

CERTIFICATIONS:

AWS Certified Solutions Architect Associate, 2022

Splunk Core Certified Power User, 2020

IBM Certified AIX System Administrator, 2011



Contact this candidate