DevSecOps & Cloud Engineer with DoD clearance
Resume:
BRENSLEY M. FOSTER
Email: ********.******@*****.***
Ph: 617-***-****
SUMMARY
Active DoD Secret Clearance Results-driven DevSecOps & Cloud Engineer with a track record of designing secure, scalable AWS/Azure architectures. Automates infrastructure with Terraform and Ansible and operates production Kubernetes platforms. Builds GitLab CI/CD with Trivy and OWASP Dependency-Check, codifying DISA STIG and FedRAMP controls to harden posture, accelerate releases, and eliminate manual toil.
PROFESSIONAL EXPERIENCE
Clarity Innovations – Columbia, MD.
US Air Force 11/2023 – Present
Sr. DevSecOps Engineer
Provide support in designing, implementing and maintaining the DoD US Air Force Cloud One/Swift Shield project.
Spearheaded the automation of Kubernetes EKS and AKS cluster builds, utilizing Terraform (IaC). Orchestrate the deployment of Tracer UI/API containerized security scanning tool through Helm Chart deployment, ensuring robust security measures.
Contribute to the setup and integration of Trivy security scanner for automating vulnerability assessments of container images within CI/CD pipelines, helping to ensure early detection and mitigation of security risks.
Sustained and iteratively enhance GitLab CI/CD Joint Automated Repository for Various Integration Simulation (JARVIS) pipelines to execute security-related scans, ensuring version control and collaboration through GitLab.
Update AWS VPC components via Terraform to accommodate changes in infrastructure deployments for continuous improvements. Facilitate in the upkeep of Terraform modules for various projects in play.
Collaborate with colleagues to improve DevSecOps best practices and assist UX team with onboarding customers to Cloud One, Swift-Shield GitLab platform.
Insight Global – Atlanta, GA.
AT&T/State of Georgia 05/2023 – 08/2023
DevOps Engineer
Assist AT&T in supporting the FBI Criminal Justice Information Services (CJIS) system for the State of Georgia criminal justice agencies, Service Now project.
Orchestrated network access control workflows by creating Ansible playbooks to automate processing of requests from ServiceNow and callbacks with validation, error handling, and integration points.
Implemented GitLab CI/CD pipelines to execute Ansible playbooks and roles on code changes, enabling infrastructure-as-code for network automation.
Created end-to-end automation from ServiceNow ticketing to network changes using Ansible Tower, GitLab, and AWS services for infrastructure, compute, storage, and APIs.
Achieved 80% reduction in manual processes for handling network access requests by implementing Ansible automation integrated with ServiceNow, GitLab, and AWS cloud.
Federal Reserve Bank – Kansas City, Missouri. 06/2022 – 03/2023
DevOps Software Engineer
Support the USA Spending division by providing DevOps Engineer processes, tools, and methodologies.
Develop and update automation scripts used for Jenkins pipeline jobs and Terraform provisioning.
Execute recurring operations using DevOps to control, automate and accelerate Agile SDLC and DataOps to orchestrate the delivery of data among systems.
Manage monthly large data sources and the flow of data between stages, for public analytical consumption.
Consistently partner with peers in troubleshooting resources and assisting with the development of innovative solutions that achieves the Federal Reserve Bank business goals.
Perform GITHUB code change, branch creation, commits, and PR’s approvals while utilizing Visual Studio IDE code editor.
KEYLOGIC – Alexandria, Virginia. 11/2020 – 04/2022
United States Patent and Trademark Office (U.S.P.T.O)
AWS / AZURE Cloud Engineer
Responsible for building and improving the reliability and performance of USPTO Cloud applications and infrastructure deployed on AWS and AZURE.
Build, test and implemented ALB_ELB_SSLPOLICYCHECK CloudFormation (IaC) script for weak Non-compliant Ciphers, by utilizing AWS Services, AWS Config Rule/ S3 /Lambda function/SNS, and IAM to prevent vulnerabilities.
Updated Budget Hard Cap CFN (IaC) script to include additional thresholds and SNS Topic notifications to alert different segments of USPTO Production environments.
Assist with the onboarding process creation of IAM Users and groups, assigning permissions and policies to specific users, managing Access Keys, and processing ongoing AWS Service requests.
Engage with USPTO senior management on AWS and Azure Hybrid Cloud platform, hosting of applications, systems, and components respectively, based on FedRAMP guidelines.
Manage plans for Azure Infrastructure, implementing & deploying Splunk Index server and QRadar on Azure virtual machines (VMs) incorporating Load Balancing, Event Hub, and Blob Store configuration.
Create VMs and manage Resource Groups per request from Team Lead and account owners.
Work with the Cyber Security team on STIG scan results. Responsible for ensuring the Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIG) images are fully DoD compliant in order to secure USPTO.Gov Cloud system and applications. Develop Azure POC DevOps CI/CD Pipeline coupled with Terraform to deploy artifacts.
Provide ongoing support to the PaaS Automation team using Terraform to build out Infrastructure and test modules then commit to GitLab Repo.
Booz Allen Hamilton (Federal) – Washington, D.C. 01/2020 – 02/2021
Office of Inspector General / Health and Human Services (OIG/HHS)
Cloud Platform Architect, Lead
Assess, develop and implement enterprise-scale business capabilities that support the analytic use of OIG/HHS program data on AWS platform.
Collaborate with internal Product Owners, Enterprise Architects, and DevOps Team to gauge Data Analytic capabilities (Attivio, SAS, Trifacta, and Looker) workload. Manage EBS volumes for bidirectional Sync to S3, and provide input on AWS Glue Data catalog implementation for ETL, EC2, RDS, and S3 Glacier in DEV/UAT/PROD.
Attend Federal daily standups, DevOps, DataOps scrum agile internal discussions.
Food and Drug Administration/Health and Human Services (FDA/HHS)
(FDA/HHS) Provide support building out FDA, Opioid Data Warehouse. Create and test CFN scripts in Dev and Pre-Prod “RDS Postgres, Kafka, Elastic-Search cluster instances” for both Data and Apps Stack.
Cognizant – Winston Salem / Charlotte, NC. 01/2019 – 01/2020
Sr. AWS Solution Architect / Manager of Operations
Assist R. J. Reynolds internal Business development team in formulating a strategy to adopt AWS within the focus industry verticals. Guide customers to success in migrating applications, software, and services following the principles of AWS Well-Architected Framework. Collaborate with Rack Space to implement cloud-native services by providing hands-on experience in implementing various services including EC2, EBS, RDS, ElastiCache –Redis, S3, ELB, ALB, Route53, and Cloud formation scripts.
Perform cloud adoption framework assessment for Thompson Reuters on a newly acquired company Integration, Point. Provide discovery, analysis, and design migration strategy. Probe business units within Integration Point to understand current on-prem Infrastructure, Applications architecture, and network connectivity of existing IP environment coupled with Thompson Reuters AWS target environment.
Centralizing the process of building reusable patterns and frameworks via Terraform that Thompson Reuters business teams can adopt, to enable frictionless cloud adoption and operation, for cloud-native and legacy products.
Wipro Limited – T-Mobile Headquarters – Bellevue, Washington. 03/2018 – 01/2019
AWS Solution Architect
Intrinsic to T-Mobile Enterprise Data Services (EDS) Cloud Analytic DevOps Team, duties include provisioning and administering resources, ELB, EBS, S3, RDS, EC2, IAM, running preconfigured Cloud Formation Templates.
Create roles in IAM, import certificates to Certificate Manager, and associate certificates to ELB and EC2 instances.
Collaborate with DevSecOps team aligning CNAMES request to associated ELB, build-out ElasticSearch- Logstash-Kibana (ELK Stack), Redshift Cluster, Docker/Docker Swarm environment. Assist internal stakeholders and external vendors in deploying and implementing Business Intelligence Statistical Analysis Systems application workload (SAS, SAS-MA, SAS-VIYA) on RHEL-7 Servers.
Manage existing and new resources in Non-Production DEV (NPE) environment. Take initiative in leading POC staging, implementation testing then relinquishing resources to the T-Mobile Operations production team.
Enable Monitoring, Logging and Alerting of Infrastructure, Application, and Security components using AWS CONFIG. Assist with predictable and proactive maintenance of operational tasks, releases, patches, and certificate renewals.
Jones Day Law Firm – Cleveland, Ohio. 09/2017 – 03/2018
Cloud Messaging Administrator
Provisioned the migration of IBM Domino Server 9.0.1 to Linux OS running on Amazon Web Service in a clustered messaging environment (EC2, ELB, VPC, S3, IAM, Route 53, CloudWatch, and SNS). Conduct systems design, feasibility and cost studies/recommend cost-effective cloud solutions. Perform mail and application database migrations, backup and recovery, geographic data replication (Region and Availability Zones), CloudWatch performance monitoring, system tuning, and disaster recovery configuration and execution.
Monitor different EC2 health parameters (CPU Load, Physical Memory, Swap Memory, Hard disk) on the Domino Server VPC infrastructure. Providing data for a weekly and monthly report to senior management.
Perform Administration of IBM Domino Infrastructure Mail & Application Database, connection, replication access, location documents, etc. Configure and maintain Lotus Domino Servers, Software, and User Accounts.
Troubleshooting corrupted mail files, databases, libraries, and escalation to another client support team.
Assist with Tier 3 support as needed, responding to level 2 user requests, application issues, and providing in-depth Lotus Notes support.
Mantad Technology Solutions – Silver Spring, Maryland. 01/2017 – 08/2017
AWS Solution Architect
Responsibilities include, deploying AWS highly available, secure, scalable fault tolerant system operations on the AWS Cloud Platform for Mantad Technology via test and production environment.
Duties include building out the following AWS Services: VPC, Simple AD, EC2, EBS, S3, Route53, ELB, CloudWatch, IAM control, along with minor CloudFormation configuration for newly created (IaaS) environment.
Coordinate with the business to model and provide a consensus-based enterprise solution that is scalable with the company's ever-changing needs.
Provide input into Product Management to influence feature requirements for computing, storage, and networking in the Cloud. Assist with risk planning in association with integration pertaining to architecture and deployment using appropriate cloud standards. Provide definitions and introductions on the use of AWS software tools and methods that will enable continuous build-out of the infrastructure. Responsible for the creation, documentation, and communication of documented standards and best practices regarding development and overall infrastructure. Estimating AWS resource usage cost and utilizing AWS Trusted Advisor to assist in identifying operational cost control mechanisms.
CompuGain / PNC Bank – Cleveland, Ohio. 11/2015 – 12/2016
Senior Lotus Domino Administrator
Administer PNC Bank Lotus Domino/Notes/Sametime/Designer 8.5.3 infrastructure, servicing 178 Domino servers in a clustered environment encompassing 80,000 users.
Perform Domino Directory management tasks pertaining to account creation, deletion, recertification with or without administration process, email distribution group management, mail-in database management, room reservations requests, mail box moves, and policies.
Resolve escalated Service Now incidents pertaining to calendar issues, Clubusy / freetime, template updates, Mail-in database creation, name change request and move in hierarchy via the AdminP process. Address Domino server related issues in relation to maintaining Notes Address Book (NAB), database clustering, Access Control List management, User ID/Group/Mail-in creation and modification. Provide coexistence support between Lotus Domino/Notes, Outlook 2013 and Skype for Business/Lync 2013. Manages and maintains Availability, System Integrity and Capacity of the Domino environment including Lotus configuration, troubleshooting and patching.
Troubleshoot SMTP Server Mail routing issues, utilize Symantec Message Labs track and trace cloud solution while providing excellent customer service and communication skills.
Oshkosh Corporation – Oshkosh, Wisconsin. 05/2013 – 11/2015
Senior Lotus Domino Messaging Analyst
Perform senior level multi-domain Lotus Domino 8.5.3 Server Administration tasks within the Lotus Domino, Traveler 9.0.1 and Sametime 8.5.2 environment at Oshkosh Corporation Department of Defense Data Center.
Provide support to Lotus Domino, Notes, iNotes/Webmail, Lotus Domino Traveler and the Lotus Sametime server to 13,100 global employees encompassing Oshkosh Corporation acquired brands. Oshkosh Corporate, Oshkosh Defense, Oshkosh Air Products, IMT, JLG, Pierce Fire and Emergency, McNeilus, Frontline Communications, Jerr-Dan, London Machinery and Con-E-Co. Primary focus involves monitoring and maintaining the Domino clustered server environment between two Data Centers. Creating user accounts, assigning proper ACL, updating person and server documents, configure DDM and Domino Administrator client to monitor servers; Resolve database, Address book, Clubusy, replication and synchronization issues; Use ID Manager Requests Database, and ID Management system to troubleshoot new user registration issues, distribute Notes ID’s, Recertify Users, Name Changes, process User Moves to OU’s Hierarchy, process User Terminations, create Mail-in Databases, rebuilding views, workspace, update templates, replacing design elements, standardizing user preferences and resolving Calendaring issues.
EDUCATION-CERTS AND CLEARANCE
Clearance
Active DoD Secret Clearance
CompTIA
Security-X ce. DoD-8140 (Certified)
Google Associate Cloud Engineer (Certified)
Azure
Azure Infrastructure Fundamentals
Azure Administration
Amazon Web Services - (Previously Certified)
AWS Solution Architect Associate
AWS Certified Developer Associate
AWS Certified SysOps Associate
AWS DevOps Engineer Professional
University of Phoenix - Online 02/2015 – 02/2016
Associate of Arts, concentration in IT with a Programming Certificate
SOFTWARE KNOWLEDGE
AWS: EKS, EC2, VPC, IAM, S3, Lambda, Route53, ALB/ELB, CloudFormation, Redshift, SNS and CloudWatch.
Azure: AKS, Event Hub, Blob Storage, Azure DevOps and VM.
Containers & Orchestration: Docker, Kubernetes, Helm Chart and Mesosphere DC/OS.
IaC & Automation: Terraform, Ansible, and CloudFormation.
CI/CD & Version Control: GitLab CI/CD, GitHub, Jenkins, Travis-CI and Bitbucket.
DevSecOps Tools: JARVIS, SonarQube, Trivy, KICS, OWASP-DC (Dependency Check), Renovate and Tracer UI/API.
Security & Monitoring: AWS Trusted Advisor, AWS Config, Symantec Endpoint and MFA.
OS & Virtualization: Linux (RHEL), Windows Server 2022, Win11, Mac and VirtualBox.
Collaboration & Ticketing: Jira, Confluence, ServiceNow, BMC Remedy and MS Teams.
Productivity & Messaging: MS Outlook/Office365, Cisco WebEx, Bomgar, LogMeIn and Rescue.
Development Tools: Visual Studio Code, Windows Terminal and iTerm2.
Contact this candidate