Sr DevSecOps Consultant
Resume:
Shahab Khan
**********@*****.***
Clearance: DHS Public Trust with BI (current)
TECHNICAL SKILLS
Cloud
technology
Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), VMWare. Familiar with the following components in all 3 clouds: compute (ec2, lambda, virtual machine), storage (ESB, EFS, S3), networking (VPC), Security (Security Groups, ACL), other (ELB, RDS, etc), security (IAM roles, etc). Languages PHP, Perl, Python, Ruby, SQL (PL/SQL) and Unix Shell scripting (bash, zsh). Also familiar with high level programming languages like C, C++, ProC, Java, Node. Software Development life cycle (SDLC) and Agile methodology.
Platforms Solaris, Linux (AL2, CentOS, RedHat, Ubuntu, SUSE), Windows and Windows Server.2012 and above Also familiar with prior Microsoft server operating systems. Tools Ansible, Chef/Puppet, GitLab/GitHub/Bitbucket, Docker, Jenkins (CloudBees CI), Harness CI, Terraform, Rundeck, GitLab CI, HashiCorp Vault.
Software ArgoCD, Grafana, New Relic, Rancher, Splunk, Tenable, Twistlock, Oracle, MySQL, MongoDB, TOAD and other commonly used packages like MS Office Products, VS Code, Confluence, Jira, etc. EXPERIENCE
Feb 2022 – Present. USCIS, Dept of Homeland Security Senior DevSecOps Consultant
Part of the Enterprise Infrastructure team with the following responsibilities
• Maintain CloudBees CI environment for multiple teams. (Operations Center, Controllers and Agents) on AWS GovCloud using CloudFormation. Migrate environment from RHEL7 to RHEL8.
• Automate application deployment using Ansible, Jenkins and Terraform.
• Built reusable Terraform modules for provisioning VPCs, EKS clusters, IAM roles and RDS.
• Support/troubleshoot CI/CD pipelines for development teams.
• Prototype CloudBees CI Modern setup on AWS EKS using Rancher and ArgoCD.
• Implemented pipeline security scanning (SonarQube, Twistlock/Prisma, Nexus IQ).
• Prototype and implement HashiCorp Vault centralized secrets management.
• Prototype Harness Platform to do proof of concept as a replacement of CloudBees Jenkins.
• Deployed Harness Platform with FIPS enabled on AWS EKS using ArgoCD and Rancher. Setup SSO with ICAM for RBAC roles for user access.
• Working with vendor to ensure FISMA and FedRAMP compliance.
• Setup Metrics dashboards for logging, monitoring and alerting Harness using Grafana, New Relic and Splunk.
• Provide NIST compliance artifacts for Harness to the ISO during an audit of the platform.
• Develop several CI/CD pipeline templates for development teams that will perform Build/Unit test/Code Scan/Vulnerability Scans and deployment (CD) of applications to AWS.
• Assisted migration of teams/pipelines from legacy Cloudbees Jenkins to Harness CI/CD. 2021 – Feb 2022. Verizon
Senior DevOps Consultant
Support infrastructure team with the following responsibilities
• Automate deployment of application using Ansible, Jenkins and Terraform.
• Prototype CI pipeline using GitLab CI using GitLab Runner as docker container.
• Provide deployment support.
• Perform security remediations to environment.
• Interface with other teams in troubleshooting issues with production.
• Support CI/CD pipelines for development teams.
• Maintain and troubleshoot applications like Elasticsearch, ForgeRock, Kafka and Radis.
• Mentor and provide knowledge transfer for new members by creating documentation and job shadowing. 2020 – 2021.Pyramid Systems,
DevOps Consultant
Support HUD’s AWS Infrastructure and development teams. Following tools are used: AWS (ECS, IAMS, Lambda, SNS, SSM, etc), Terraform, Gitlab Ci Pipelines.
• Provide analysis for AWS billing to provide cost efficiency vs performance.
• Apply lifecycle policies of AWS resource to decrease cost.
• Create Lambda functions to do Infrastructure activities/ reporting.
• Automate Infrastructure as Code using Terraform.
• Write Python scripts to access AWS using boto3 for reporting.
• Configure and setup Gitlab runners as a docker container.
• Migrated pipelines from Jenkins to Gitlab CI.
• Security Hub: auditing and cleanup of findings.
2017 –2020 Successfactors, SAP, Reston, VA
DevOps Consultant
Work with SAPs’ federal customers using their cloud based applications. Following tools are used: Puppet, Jenkins, Chef, Ansible, Terraform, docker, SUSE11, VMWare, Tomcat, Oracle, Rundeck and other CD tools. Manage the Federal customers for the Successfactors application suite.
• Migrated from Chef 11 to chef 13 server. Including cookbook updates.
• Updated cookbooks for newer platforms as well as new architecture.
• Developed IaC (Infrastructure as Code) to deploy new environments on AWS, Azure and GCP using Terraform, Bash and Chef cookbooks.
• Maintain Chef/puppet repo with changes required by system admins.
• Troubleshoot Chef / puppet server and clients.
• Assist in the migration of the customer data to AWS.
• Perform troubleshooting of application and the database.
• Managed a team of support staff to monitor and troubleshoot applications.
• Create Python scripts to access AWS using boto3 for reporting purposes. 2015 – 2017 USCIS, DHS, Washington, DC
DevOps AWS Consultant / Architect
Work with a team of CI and CD engineers on the AWS using Jenkins, Python, Boto, docker, Nexus, GitHub, Jira, etc
• Create bash, Python, and ruby scripts for repetitive tasks.
• Perform current Chef server upgrade to new version and make sure no dependencies are broken in CI and CD.
• Create and update and improve idempotency in chef cookbooks, environments, roles, data bags, and certificates.
• Automate use of AWS CLI to provision multiple environments consisting of EC2 instances (RedHat), VPCs, RDS, S3, IAM.
• Create Jenkins jobs using Job DSL Plugin.
• Participate in planning, testing and execution of system and application level upgrades.
• Support CD for deployment and troubleshooting of application environment.
• Automate AWS reporting into dashboarding tools (including Confluence) using Python boto.
• Test kitchen, Berkshelf and docker for CI/CD chef infrastructure.
• Support developers VMs with tools like STS, Eclipse, tomcat, mongodb, ActiveMQ, git, etc).
• Support developers switch platform from Windows to Mac
• Work with Security group in hardening systems as well as any new security issues. Environment: AWS, Chef, Confluence, docker, GitHub Engerprise, Gradle, Jenkins, JIRA, Python, RedHat, Ruby, Oracle, Shell Scripting (bash), McAfee
Jun 2014 – Dec 2014 Comcast, Philadelphia, PA
DevOps Engineer,
Managing systems in production environments. Experience with CentOS operating system with the following packages. Puppet, tomcat, Cassandra, MySQL, git, Openstack.
• Performing Linux operating system software installation, upgrades, and troubleshooting such as Mysql Apache, etc.
• Participate in planning, testing and execution of system and application level upgrades.
• Produce Root Cause Analysis findings that focus on recommendations to learn from and avoid problem recurrence. Environment: CentOS, Git, Openstack, Puppet, Shell Scripting (bash), 2007 – 2014 Pccwglobal Inc, Herndon, VA
Systemss Engineer / DevOps,
Manage all network monitoring applications and their systems including but not limited to the following: Infovista, IBM Netcool, BIND, Sun Solaris.
• VMware: Install and configure new infrastructure private cloud environment.
• Use Puppet for configuring virtual machines, install and upgrade applications.
• Infovista: A network performance management tool which reports on different aspects of the network via SNMP.
• Netcool: A network troubleshooting tool using syslog and SNMP to manage events from the network.
• System administration: Administer different Unix servers including Linux and Solaris.
• Develop custom reports for management using PHP and Perl. Environment: Ubuntu, RedHat, Puppet, VMware, Veeam, Netcool, Infovista, Oracle, Shell Scripting, PHP, Perl, Equalogic, NetApp, Cisco UCS, GIT, RCS
1996 – 2007 Sprint Reston, VA
Project Lead. (Jan 2007 – March 2007)
Part of a team to produce reports from an off the shelf application (NetCracker). Providing reporting from an Oracle database using Crystal Reports. Involved in the entire software development lifecycle starting from user requirements. Environment: Crystal Reports 10, Oracle and TOAD.
Team Lead for Customer Support, (Feb 2006 – Dec 2006) Rehired back from IBM to work as a team lead supporting of the Connection Manager application.
• Produce trouble ticket reports for management using PHP and MySQL on Apache web server.
• Provide reports for troubleshooting upstream and downstream applications.
• Interface with upstream and downstream application support teams.
• Train new team members to get up to speed with CM. Environment: Apache, Pl/SQL, Perl, PHP, MySQL, Oracle 8i, Solaris, TOAD. Connection Manager(CM) Customer Care, (July 2003 – Sept 2004) Provide off hours support for Connection Manager.
CM is used for ATM provisioning of the Sprint ATM backbone. It contains customer information, switch information and circuit topology to correlate each of the items with the other. Part of the production support team with the following responsibilities.
• Provide second level support for application during off hours.
• Performing data fixes due to the original application migration from Gemstone database to Oracle. This caused some data discrepancies.
Environment: C++, CORBA (TPBroker), Java, Perl, PL/SQL, Korn Shell Scripts, Oracle 8i, TOAD, Weblogic (6.x) on HP/UX 11, Sun Solaris 8.
Software Engineer, (1997 – 2003)
Participate in planning designing and developing products for automating Sprint's business processes. The following were some of the major projects:
Sprint Internet Management System (SIMS):
Worked on SIMS project. Assisted the SIMS2 development team in the following ways.
• Wrote part of the CORBA interface for SIMS to communicate with other Order entry applications like CM, OM, etc.
• Developed HTML servlets in Java to service data from a back end database.
• Act as build manager for any new builds.
Environment: Java, EJB, J2EE, JMS, Servlet, CORBA (TPBroker), Weblogic 6.x, Procmail, XML, PL/SQL, ProC, Perl, PVCS, RCS, Crystal Reports, Oracle 8i, Oracle Application Server 4.0.8.2, Oracle external procedure call. Network Technical Engineer, (1996 – 1997)
System administration of different types of Unix boxes including Sun, Data General and HP. Administering users, writing scripts for miscellaneous tasks including report generation. The following were some of the major projects:
• Setting up and configuring Sun SPARC systems with OS and other applications
• Troubleshooting network problems causing connectivity problems to customers.
• Wrote scripts to propagate applications, backup servers and do regular monitoring. Later moved into Tivoli. 1993 - 1996 Automation Research Systems, Alexandria, VA Programmer Analyst
Design and development of applications written in Visual C++ under MS Windows with interface to Open Database Connectivity (ODBC) to a Watcom SQL Database and producing reports with Crystal Reports. Resident Assessment Instrument: Designed and developed a medical database system that keeps track of resident's health in Nursing homes.
Tools used Visual C++, Watcom SQL on Client/Server architecture. Other Projects worked on are:
* Developed a graphical scanning package for The Federal Aviation Administration (FAA). This package stores general information about organizations and their graphical blueprints. This package has the ability to scan and store images into optical storage device using different graphical formats.
* Developed an inventory control system for the Communication Electronics and Command (CECOM). This product was used on Pen based computer.
EDUCATION
MS Information Systems, George Mason University (GMU), Fairfax, Virginia. BS Computer Science, George Mason University, Fairfax, Virginia. CLEARANCE STATUS: Public Trust (current) with DHS
REFERENCES: Available upon Request
Contact this candidate