Devops Engineer Solutions Architect
Resume:
NERVILLE ACHERA
UPPER MARLBORO. MD ***** 720-***-**** ********.******@*****.***
AWS SOLUTIONS/SECURITY ARCHITECT/DEVOPS ENGINEER.US CITIZEN. CLEARABLE
Summary of Qualifications:
I am an experienced and highly motivated certified AWS solutions Architect/Engineer with about 10+ years of experience in the AWS platform and 12+ in IT environments with proficiency in cloud orchestration, security, identity & access management, monitoring and event management, governance & compliance, and patch management, self-service and ops analytics in AWS and Azure platforms.
Technical Skills:
AWS Cloud Security:
AWS Security Hub, AWS Guard Duty, AWS Shield, AWS Firewall Manager, AWS Inspector, IAM, Security Groups, NACL etc.
Monitoring & Event Management:
AWS CloudWatch (Events & Logs), AWS SNS, Splunk, tableaux.
Identity & Access Management:
AWS Organization, AWS IAM, AWS AD Connector, AWS Workspaces, AWS Secrets Manager, etc.
Governance & Compliance:
AWS Config Rules, AWS Organization, AWS Control Tower, AWS Trusted Advisor, AWS Budgets, AWS License Manager, etc.
Automation language:
JSON YML. Python, GitHub, GitLab. GitHub Actions,
Cloud Orchestration/Automation:
AWS CloudFormation, AWS Lambda, AWS Systems Manager, AWS SSM Parameter Store, Ansible, Docker, Kubernetes, EKS, ECS.
Performance Optimization: Monitor and analyze system performance, ensuring optimal operations and cost-efficiency.
Network: VPC, VGW, TGW, IGW, NGW, ELB, Firewalls, IPAM etc.
Application Delivery/DevOps:
Git, GitHub, GitLab, Bitbucket, JIRA, ServiceNow, Confluence, Jenkins, GitHub Actions, CI/CD, ECR, AWS Code Pipeline, AzureDevops,ELK (Elasticsearch, Logstash, Kibana), AWS Code Commit, Openshift, AWS Code-Build, AWS Code Deploy, EKS, Kubernetes.
AWS Platform: AWS CloudFormation, AWS Lambda, AWS Systems Manager, S3, VPC, EC2, ELB, RDS, SNS, SQS, Route53, CloudFront, Service Catalog, AWS Auto Scaling, Trusted Advisor, CloudTrail CloudWatch etc.
Cloud-Native Development: Develop scalable, resilient, and secure cloud-native architecture utilizing leading service models (IaaS, PaaS, SaaS).
Cost optimization/Fineops: Aws Budget, Aws cost Explorer, Aws Billing Aws cost and usage reports, Aws Cost Anomaly detection, Aws Forecast Aws Trusted Advisor.
Data Protection: AWS Certificate Manager, AWS KMS, Snapshot Lifecycle Manager, AWS Cloud HSM,
AWS Migration: CART, ADS, Migration Hub, AWS Application Migration Service (MGN), DMS
Professional Experience
Senior AWS Solutions/Security Architect
IT Concepts Inc 09/30/2024- Present
Designed and implemented a proof of concept for Fraud detection at SSA using AWS Sage maker and Fraud detector, leading to successful approval and implementation.
Utilized AWS Blu Age to convert COBOL legacy code to Java on AWS, showcasing strong technical skills and problem-solving abilities.
Developed a comprehensive framework for Zero Trust implementation in AWS, ensuring enhanced security measures for the organization.
Led cloud migration projects ensuring FedRAMP compliance for government agencies, aligning with NIST 800-53 security controls.
Designed and implemented secure AWS architectures adhering to FedRAMP Moderate and High impact levels in AWS secret regions using Infrastructure As code. (IAC).
Conducted gap assessments and remediation strategies to achieve FedRAMP Authorization to Operate (ATO).
Worked with 3PAOs (Third-Party Assessment Organizations) to facilitate security assessments and audits for FedRAMP authorization.
Perform security architecture and risk assessment of internally developed or acquired IT systems and applications using best practices including threat modeling (STRIDE/DREAD).
Designed the enterprise landing zone using tools like AWS landing zone, Landing zone accelerator, and Control Tower.
AWS Solutions/Security Architect
ACCENTURE. 7/9/2022- 09/01/2024
Created and managed IAM policies for 86 enterprise accounts.
Promote awareness and provide consistent interpretation of security policy to technology and business teams.
Perform security architecture and risk assessment of internally developed or acquired IT
systems and applications using best practices.
Achieved a 40% reduction in security incidents and ensured compliance with industry standards by implementing security best practices such as security groups, network ACLs, encryption, and IAM.
Using AWS battery services and solutions like compute optimizer, instance scheduler, Auto scaling, AWS Tagging, centralized billing, service control policies, customized solutions, and policies to reduce monthly cost by 19% in 4 months.
Optimized CI/CD pipelines with Infrastructure as Code (IaC) using CloudFormation and Terraform to manage Jenkins and code build processes.
Assist and manage the roadmap for DevOps implementation in established operations, with expertise in continuous delivery, DevOps solutions, and integrated toolset solutions in an enterprise environment Mentor Cloud engineers and build team for effective Cloud Operations.
Automated infrastructure deployment with Terraform and OCI Resource Manager, reducing provisioning time and improving consistency.
Developed and managed intricate CI/CD pipelines for Java projects using Jenkins plugins, and GitHub Actions, leading to a 40% increase in deployment frequency and a 20% reduction in code defects.
Achieved a 20% reduction in manual configuration time and a 25% improvement in site reliability by developing and maintaining Ansible Playbooks for applications.
Extensive experience in implementing AWS EKS clusters, management and scaling of the clusters with a good knowledge of traffic in/outflows via subnet configurations and gateways.
Configured and managed JFrog Artifactory for artifact storage, version control, and CI/CD pipeline integration.
Developed and deployed EKS clusters for a java application using a CICD pipeline.
Implemented OCI Identity and Access Management (IAM) to enforce least privilege access, MFA, and policy-based controls across environments.
Optimized Elasticsearch queries and indexing strategies to enhance search performance and log retrieval speeds.
Integrated ELK with AWS services such as Amazon OpenSearch, S3, and Lambda for cloud-based log aggregation.
Deployed a data lake pipeline (Rds., Dynamo DB, S3, Glue, EMR, RedShift, Quick Sight.
AWS Solutions Architect 08/2020–06/30/2022
CITI GROUP
Developed and leveraged baseline and custom guardrails, policies, centralized policy enforcement, tagging policies and a well architected multi account environment.
Migrated legacy applications to AWS cloud environment.
Leveraged Docker to build, test and deploy applications in different environments.
Migrated Oracle databases from OCI to AWS RDS.
Developed required and optional tagging reference documents for automation, compliance, and consolidated billing.
Deployed and managed the ELK Stack for centralized logging, monitoring, and real-time analytics.
Configured Elasticsearch clusters with proper indexing, sharding, and replication for high availability and performance.
Implemented Logstash pipelines to ingest, parse, and transform logs from multiple sources (AWS CloudWatch, Kubernetes, application logs, etc.).
Build a data pipeline using AWS S3, Data Sync, EMR, Macie, and quick sight for analytics
Developed baseline VPC and Network design including leveraging VPN connectivity and Direct Connect
Developed baseline AWS account security, implemented/integrated end-point protection, vulnerability scanning and intelligent threat detection.
Created data lakes and data pipeline using tools like s3, lambda function, GLUE, EMR, MySQL. Quick-Sight and AWS redshift.
Implemented Control Tower Preventive and Detective guardrails and leveraged Account Factory, integrated with Lambda for new AWS account creation and setup.
Setup Ansible control master - slave nodes and developed playbooks to automation configuration of servers across environments.
AWS Site Reliability Engineer 05/2016 – 12/2020
Infosys- USA
Responsibilities
Designed and implemented Jenkins-based CI/CD pipelines, increasing deployment frequency by 20% and
reducing deployment failures by 5%.
Applied preventive guardrails using SCPs, enhancing security and reducing security incidents by 25%.
Designed and deployed secure, cost-optimized, highly available, and fault-tolerant cloud infrastructure, boosting system reliability by 20% and cutting infrastructure costs by 30%.
Automated remediation of Trusted Advisor findings using Amazon CloudWatch events and AWS Lambda with Python, halving manual effort and enhancing system compliance.
Implemented AWS Landing Zone to establish a secure, multi-account AWS environment, streamlining the setup of a scalable and compliant infrastructure with automated account configuration, centralized logging, and integrated security controls.
Develop cloud and Ai technologies to resolve technical problems.
Provisioned AWS infrastructures using Terraform and CloudFormation, boosting deployment efficiency by 40%.
Monitored infrastructure end-to-end using AWS resources, resulting in a 15% enhancement in response time to incidents.
Utilized AWS Config to enhance security and compliance across AWS environments by continuously monitoring and auditing AWS resource configurations to ensure compliance with corporate and regulatory policies.
Implemented AWS Single Sign-On (SSO) for streamlined access management, simplifying user authentication across multiple AWS accounts and developed/documented security guardrails for AWS Cloud environment.
AWS- Cloud Admin 09/2013 – 04/2016
JJTech Inc- Maryland-USA
Responsibilities:
Created, managed and administered user accounts security and SSH password less login.
Network configuration & troubleshoot issues with respect to network and configuration files.
Configuring Apache, NFS.
Create users, groups and give permissions on bear metal servers.
Task automation, service management and application deployment using Ansible and Jenkins
Build and configured Linux servers from scratch with type one hypervisors for virtualization and network components.
Perform security setup, networking, system backup and patching for both AWS, and on-premises environments.
Architect high availability environment with auto scaling & Elastic Load Balancer
Securely deploy MySQL Primary DB and its read replica in private subnet with multi-AZ for disaster recovery and best practice
Migration of high availability webservers and databases to AWS EC2 and RDS with minimum or no downtime
VPC build with Private and Public Subnet couple with VPNs set up back to on premise datacenter and cooperate offices.
VPC peering with other Accounts allowing access and routing to service and users of separate account to communicate.
Microsoft SQL Database Administrator:
Techno-communications -Yaoundé 12/2011-08/2013
Responsibilities: -
Experience in planning, implementing and administering High availability and Disaster recovery solutions like Log Shipping, Mirroring, Replication, Clustering and Always on availability group.
Installing service packs and patches on SQL server 2008 and 2005.
Resolve performance issues using SQL native tools like Database Engine Tuning Advisor, SQL server profiler, Activity monitor, Windows performance monitor, DBCC, Store procedures, DMVs, and DTAs.
Provide 24/7 dedicated support to users in production, development and testing servers and responded on Tickets based on requirements.
Experience in maintenance plans: database backups, integrity checks, update database statistics and index maintenance using GUI and T-SQL.
Strong Experience in SQL server upgrade, patching and data migration from MS Server 2005 to 2008R2 and 2008.
Education And Certification
Bachelors Degree
AWS Certified Solutions Architect – professional
AWS Certified Security Specialty
Azure Fundamentals
Certified Scrum Master
CompTIA Security+
Languages
English, French
Hobbies
World affairs and sports
Video games
Contact this candidate