Hands-On Cloud Architect

MITESH SHETH

Cell # - 201-***-****

Email – **.*******@*****.***

Core Skills

• Cloud Architecture & Modernization - Hands-on cloud architect with deep experience designing and building secure, scalable, and cost-effective solutions across AWS and hybrid environments. Actively lead and develop cloud migration and modernization projects using serverless, containerized, and event-driven architectures. Apply cloud- native design patterns, the AWS Well-Architected Framework, and multi-account governance best practices. Skilled in implementing DevOps, DevSecOps, and compliance frameworks such as NIST 800-53 and PCI DSS, with hands-on integration of tools like Checkmarx, SonarQube, JFrog X-Ray, Jira, and ServiceNow.

• Infrastructure Code & Automation - Expert in architecting and developing automated infrastructure solutions using Terraform and AWS CDK. Build and manage enterprise- scale landing zones using AWS Control Tower, Organizations, Service Control Policies

(SCPs), and IAM. Hands-on scripting in Python to automate infrastructure operations, enforce security and compliance, and drive CI/CD pipelines for DevOps and MLOps workflows.

• Data Architecture & Engineering - Design and implement scalable, high-performance data platforms for both batch and streaming use cases. Architect and build modern data lakes with Redpanda, Apache Iceberg, Trino, and Snowflake. Develop automated ETL/ELT pipelines using Apache Airflow, AWS Glue, and Python. Utilize Amazon Athena for ad hoc SQL analytics and Amazon EMR for distributed big data processing. Hands-on support for MLOps, integrating data pipelines with ML model training, deployment, and monitoring tools.

PROJECTS DETAILS

Company – NYSE

Duration: Sept 2024 – Present

Key Achievements & Responsibilities:

• Reduced data processing time by 60% by automating AWS workloads using EMR, Glue, and Athena, integrating secure Infrastructure as Code (IaC) practices to streamline querying and reporting.

• Eliminated 90% of manual ETL tasks by implementing parameterized AWS Glue jobs with role-based access controls and secure data transformation logic.

• Built secure, scalable Athena-based reporting solutions for S3 datasets, enabling real- time analytics and cost-effective, serverless querying across departments.

• Architected and deployed a high-availability Apache Trino environment with performance tuning and secure connectors for Snowflake and Redpanda, supporting distributed SQL queries across structured and semi-structured data sources.

• Developed automated Trino-Snowflake S3 catalogs, enabling schema evolution, data cleansing pipelines, and external table creation with auditable logging and access control.

• Managed EMR clusters with custom bootstrap actions, lifecycle policies, and encryption

(in-transit and at-rest), improving compute efficiency and reducing monthly costs by 25%.

• Designed and deployed low-latency Redpanda Kafka clusters using Protobuf schemas; developed secure, rate-limited gRPC APIs for dynamic topic configuration and governance.

• Implemented cloud security standards across environments, ensuring IAM least- privilege access, audit readiness, and consistent encryption policies. Environment: AWS EMR, Glue, Athena, Lambda, Step Functions, DataSync, IAM, RDS, CloudFormation, CDK, Apache Trino, Snowflake, Redpanda (Kafka), Protobuf, gRPC, Splunk, Redis, Python

Company – Prudential Insurance of America

Duration: Jan 2023 – Aug 2024

Key Achievements & Responsibilities:

• Increased infrastructure efficiency and consistency by implementing Infrastructure as Code (IaC) using Terraform and Python, automating the provisioning of AWS services across multiple business units.

• Led the successful cloud migration of over 10 legacy n-tier applications to AWS serverless architectures, achieving near-zero downtime and reducing long-term operational costs and complexity.

• Strengthened enterprise security posture by designing and enforcing RBAC policies for Terraform, ensuring least-privilege access across both on-prem and SaaS tools.

• Reduced infrastructure costs by 35% by re-platforming on-prem microservices to AWS Lambda, using Python-based APIs, and eliminating the need for persistent compute infrastructure.

• Developed secure, scalable REST APIs and microservices using Python FastAPI, AWS Lambda, and API Gateway, improving performance and reliability of customer-facing and internal applications.

• Automated onboarding and access management for enterprise DevOps tools

(Bitbucket, Jira, Confluence, Checkmarx, Sonar, Jenkins) using Python scripts and REST APIs, cutting onboarding time from days to minutes.

• Improved application security and governance by integrating SAST and SCA scanning with Checkmarx, SonarQube, and JFrog X-Ray into CI/CD pipelines.

• Performed security assessments of legacy applications and executed serverless migrations using FastAPI, Kong API Gateway, Load Balancer, and Lambda, with automated deployment pipelines and encryption policies.

• Implemented robust CI/CD automation using Apache Airflow and Trino, streamlining data orchestration, validation, and integration workflows within MLOps pipelines. Environment: AWS (Control Tower, Organizations, SCPs, Lambda, Step Functions, EKS, SQS, SNS, RDS, Config, CloudWatch, Bedrock Knowledgebase, SageMaker), Terraform, Python, FastAPI, Jenkins, Checkmarx, SonarQube, JFrog X-Ray, Bitbucket, Jira, Confluence, Apache Airflow, Trino, Splunk.

Company – MUFG

Duration: May 2019 – Dec 2022

Key Achievements & Responsibilities:

• Increased operational efficiency by 50% by architecting and automating the AWS Account Vending Machine using CloudFormation, Terraform, Python, and Stacker, standardizing account provisioning across business units.

• Designed and implemented a secure, scalable multi-account AWS organization structure with Organizational Units and Service Control Policies (SCPs), improving governance, access control, and auditability across environments.

• Migrated identity management from Ping Identity to AWS SSO integrated with Azure AD, enhancing authentication security and simplifying user management across 100+ AWS accounts.

• Led the migration of enterprise applications to AWS by evaluating legacy workloads and rearchitecting them into serverless microservices using API Gateway, Python, and Aurora, improving performance and scalability.

• Replaced monolithic APIs with containerized microservices deployed on EKS, achieving better fault isolation, faster deployments, and reduced compute overhead.

• Accelerated CI/CD adoption by developing Jenkins pipelines for automated deployments and security policy enforcement, cutting release times and reducing manual errors.

• Reinforced security compliance by developing custom AWS Config rules and CloudWatch rules with automated remediation using Python, achieving consistent enforcement of security policies across the cloud estate.

• Designed and deployed a hub-and-spoke model for Service Catalog products (e.g., EC2, S3, Workspaces, RDS, EMR), improving self-service provisioning and governance at scale.

• Built an enterprise-wide Security Hub implementation using CloudFormation, Stacker, and Python, centralizing threat detection, alerting, and posture management.

• Automated provisioning of Amazon Workspaces with BYOL and KMS, improving employee onboarding and reducing manual effort in virtual desktop setup.

• Developed IR-Crash-Cart: a cloud-native incident response tool using CloudFormation and Python, reducing response time for security incidents.

• Created a centralized monitoring and logging architecture by integrating VPC Flow Logs, Transit Gateway (TGW), and Splunk, enhancing operational visibility and alerting.

• Improved incident tracking and resolution by automating ServiceNow ticket generation from CloudWatch alerts for AWS infrastructure events.

• Partnered with Infosec to define security controls and service whitelisting, ensuring secure onboarding of new AWS services across the enterprise.

• Actively served on the Architecture Review Board (ARB), evaluating and approving technical designs and architecture standards across global teams. Environment: AWS (IAM, VPC, TGW, EKS, Service Catalog, Workspaces, SQS, SNS, Config, CloudFormation, Glue, EMR, RDS, Aurora, DMS, Security Hub, SageMaker), Terraform, Python, Stacker, Jenkins, Prometheus, Grafana, Splunk, ServiceNow. Company – Virtusa

Duration: Jan 2017 – May 2019

Key Achievements & Responsibilities:

• Successfully migrated 30+ on-premises applications to AWS, establishing it as the primary production environment to improve scalability and availability.

• Architected and provisioned AWS accounts and deployment strategies, streamlining application migrations and enhancing operational efficiency.

• Designed and implemented end-to-end CI/CD pipelines using Jenkins and Terraform, accelerating software delivery by reducing deployment times by over 40%.

• Automated AWS infrastructure provisioning with Terraform, optimizing resource usage and reducing manual errors and delays.

• Applied Chef best practices to automate application configuration and deployment, increasing consistency and reducing configuration drift across environments.

• Led migration of complex workloads from on-premises to AWS, improving application scalability, availability, and flexibility.

• Developed and enforced a comprehensive Disaster Recovery (DR) strategy for applications and databases, minimizing downtime and data loss risks.

• Automated Amazon RDS database deployments, boosting deployment speed and reducing manual errors.

• Led the evaluation and selection of a fraud detection tool, integrating it to enhance security posture and mitigate financial risk.

• Collaborated with Infosec teams to proactively identify and mitigate security vulnerabilities prior to production rollout, strengthening system security and compliance.

Environment: AWS (VPC, EC2, S3, Glacier, Route53, ELB, SNS, SES, RDS), Jenkins, Terraform, Chef, CloudFormation, Git, Troposphere, Linux, Windows, PowerShell, Python, Splunk. Company – Cognizant

Duration: June 2016 to Jan 2017

Key Achievements & Responsibilities:

• Evaluated, designed, and successfully migrated the Cloudera DAAS Hadoop on- premises application to AWS, significantly enhancing system scalability, flexibility, and maintainability.

• Transitioned the Cloudera DAAS application workload to AWS EMR, architecting a comprehensive data pipeline that optimized large-scale data processing and analytics capabilities.

• Applied AWS and Chef industry best practices to streamline operational workflows, improving automation and reducing manual intervention.

• Developed Troposphere Python scripts to dynamically generate CloudFormation templates for AWS services including CloudTrail, VPC Flow Logs, and VPC infrastructure, accelerating infrastructure provisioning and consistency.

• Designed and implemented AWS Lambda functions to automate data pipelines triggered by data ingestion into S3, enhancing real-time data processing and accessibility.

• Established robust CI/CD pipelines leveraging Git, Jenkins, and Chef, reducing software release cycles and improving deployment reliability.

• Configured and managed Splunk monitoring across AWS and on-premises environments, boosting operational visibility and proactive incident detection.

• Designed and deployed a multi-account AWS environment utilizing Assume Roles and consolidated billing strategies, optimizing cost control and resource governance. Environment: AWS (EMR, Lambda, S3, VPC, CloudTrail, CloudFormation), Chef, Jenkins, Git, Troposphere, Splunk, Linux, Windows, Python, PowerShell. Company – Dow Jones

Duration: Aug 2013 – June 2016

Key Achievements & Responsibilities:

• Led feasibility assessments and designed cloud migration strategies for on-premises PAM applications to AWS, significantly improving system scalability and fault tolerance.

• Architected distributed, fault-tolerant cloud infrastructures, conducting proofs of concept to optimize system performance and availability.

• Developed and maintained CI/CD pipelines utilizing Git, Jenkins, Artifactory, and Chef, expediting application delivery and enhancing automation.

• Authored modular CloudFormation templates for multi-AZ and cross-region deployments, supporting infrastructure for Windows, MarkLogic, and MS SQL workloads.

• Integrated monitoring solutions with CloudWatch, SNS, SES, and Splunk to deliver comprehensive alerting and system health dashboards.

• Created and maintained Chef cookbooks for infrastructure and application automation on Linux and Windows, supporting .NET and Python environments.

• Implemented auto-scaling and scheduled scaling through CloudFormation, optimizing resource usage and controlling costs.

• Executed Blue-Green deployment strategies to enable seamless application upgrades with near-zero downtime.

• Configured KMS encryption for securing data at rest on S3 and EBS volumes, ensuring compliance with security policies.

• Actively participated in Agile ceremonies including Scrum, backlog refinement, and sprint planning to foster team collaboration and continuous improvement. Environment: AWS (EC2, S3, ELB, SNS, SES, CloudWatch, KMS), Chef, Jenkins, Git, Splunk, CloudFormation, Linux, Windows, Python, ASP.NET, WCF. Education - Bachelor of Science with Chemistry from Gujarat University, India – 1992 to 1995

CERTIFICATIONS -

● AWS Certified Solutions Architect – Associate

Contact this candidate