Summary
Overview
Work History
Education
Skills
Certification
Training
References
Accomplishments
Affiliations
Languages
References
Timeline
Generic

Aaron A Annan

San Diego,CA

Summary

Over fifteen years plus of experience in information technology with solutions-focused, team-oriented SRE/Devops cloud engineer and infrastructure management, troubleshooting network, Linux shell administration, Bash scripting, Python, PowerShell. Windows and Linux administrator with broad-based experience and hands-on skill in the successful embarking of cloud engagements including infrastructure as code, compliance and engagements focusing on system configuration and security monitoring and compliance, change management, cloud security, data security and database management, data encryption, and risk assessment. A broad-based experience and hands-on skill in threat modeling and analysis, database administration, computer operations including installation and configuration management.

Overview

14
14
years of professional experience
1
1
Certification

Work History

Senior Cloud Architect/Principal Engineer

IBM
01.2021 - Current
  • Designed AWS eks micro services architecture
  • Deployed eks and components with terraform I wrote from scratch
  • Monitoring and log management with Prometheus and grafana/ Datadog
  • Designed and implemented CICD pipelines with Jenkins
  • Taught the team how to use micro services with kubernetes
  • Managed overall AWS account for billing and administration purposes
  • Worked with IBM cloud
  • Openshift management and troubleshooting

AWS/azure Solutions Architect/cloud Engineer

IBM/Mercedes Benz(contract)
01.2021 - 01.2022
  • Deployed OpenShift on AWS (ROSA) and azure (ARO)
  • Wrote automation scripts to spin up ROSA and ARO
  • Configured cidr blocks for complex OpenShift network peering
  • Deployed operators to on OpenShift for application functionality
  • Installed Certificate manager on OpenShift to handle ssl termination on https
  • Implemented CICD on Tekton to OpenShift
  • Wrote automation scripts to deploy Prometheus and grafana monitoring tool
  • Implemented logging with elastic search, fluent bit and kibana
  • Used infrastructure as code(terraform) to spin up database component for the application
  • Deployed Quay.io for image repository
  • Worked on OpenShift cluster
  • AWS configurations
  • Red Hat quay for container registry
  • Db2 database creation
  • Attended daily stand-ups at 9:30am pst
  • Trouble shooting
  • Worked with Eric most of the time on the above
  • VPN to Mercedes Benz network
  • Cicd for container build and deployment to OpenShift
  • Unit Testing code tool implementation
  • GitHub repo for documentation of processes

Manager/Senior Devops

SafetyChain-contract
01.2021 - 07.2021
  • Managed a team of four devops engineers and assigned direction to to their work
  • Worked hands on azure cloud, windows server r2 2012 - 2019, azure load balancers, vent, active directory, azure devops
  • CICD on azure devops to windows servers and SQL servers
  • Built new environment for containerization on azure container apps
  • Established monitoring with data dog to get visibility on application and infrastructure metrics
  • Worked with Higher management to improve automation of processes and infrastructure

Director of SRE/Devops

Safe Health systems
09.2020 - 01.2021
  • Built software infrastructure on GCP and AWS using terraform: vpc, virtual machines, Kubernetes, security groups etc
  • Established connectivity between AWS and Google cloud per client request
  • Pitched new architecture of environment to management and got a thumbs up for execution of new environments (development, quality, demo, pre-production and Production)
  • Coordinated with the team to build a high availability multi region aws application uptime and resiliency
  • Introduced Terraform as infrastructure as code and wrote all terraform scripts to spin up aws resources which includes vpc, eks, s3 buckets, ecr, repositories, sqs, sns, ses, DynamoDB tables, sage maker, CloudFront distributions, iam roles and policies
  • Hired a team of senior Devops to join to expedite the development of new infrastructure architecture
  • Lead the team to write a customized cli in bash to wrap terraform and Kubernetes kubectl commands to enable distribution, rollout and deployment of micro-services in an automated manner
  • Introduced Argocd for Kubernetes deployment and rollout together with canary deployments
  • Lead the team to migrate repos from github to bitbucket and hooked bitbucket to circleci for continuous integration
  • Lead team to write customize yaml deployment manifest for Kubernetes including taints and labels for microservices
  • Introduced Istio on Kubernetes to manage all ingress and egress gateways in the mesh network
  • Implemented monitoring with Datadog, Prometheus and Grafana, light step, kiali for infrastructure and apm monitoring
  • Lead team to design three channels of delivering application to clients which improved sales and productivity
  • Worked with clients with large number of employees like Delta airline, ASU university, Quidel to deliver our application tailored on their request for speed, reliability and response to downtime
  • Lead team to migrate all services from old environment to new environment including databases and dns
  • Worked with HIPPA compliant methods in new environment due to confidentiality of clients and patient records
  • Established vpn connection to clients environment to exchange data needed for application and api calls
  • Housed the whole company with vpn to ensure security and access control over resources
  • Connect all internal application to google as source of truth with saml integration

Lead Senior Devops/SRE

SafeHealth Systems
09.2020 - 12.2020
  • Worked in a multi-cloud architecture which includes aws and azure running microservices on Kubernetes(eks) and api services on azure
  • Supported developers in building docker images for their microservices in .Net and java programing languages
  • Created mongodb(atlas) database for application use and migrated data from old clusters to new mogodb clusters
  • Hooked repos from github to circleci to build images to ecr and upload ui code on aws s3 buckets for CloudFront distribution
  • Trouble shooted microservice applications on Kubernetes which involves identifying errors in application logs and resolving it
  • Introduced Datadog for monitoring on infrastructure which included logs, eks container monitoring, nodes, cpu, memory and network
  • Had meetings with company clients to understand their needs on application performance, response to downtime and deployment of new versions of the application in a defined timeframe
  • Architected a new environment plan for more efficient, reliable, faster, cost effective to increase productivity and revenue

Senior DevOps Engineer/SRE

Apple (contract)
07.2020 - 09.2020
  • Worked with a team of three to build Prometheus and Grafana from scratch to scrape custom metrics from application for monitoring
  • Automated deployment to Kubernetes with no downtime with readiness probe on all microservices
  • Built cicd pipelines on a customized Jenkins platform to deliver continuous integration
  • Added sidecars on unit testing to sync with microservices to create a complete environment for testing
  • Coordinated deployments to Kubernetes twice in a week and trouble shooted in case of infrastructure error on deployments
  • Wrote pytest to check python code for errors before committing to github
  • Wrote yaml configuration using fluentbit to export logs from microservices on Kubernetes to Splunk
  • Wrote automation script to pick up a current commit hash on a git repo and insert it into a release process
  • Automated tickets going to release by calling ticket system api any query it to update tickets for deployment
  • Worked in a team of three to delivery automation and building robust CICD pipelines
  • Wrote Dockerfiles for microservice applications and supported developers in configurations

Lead Senior DevOps/SRE Engineer

Cymatic Security
07.2019 - 05.2020
  • Designed infrastructure to implement SLI which is the metrics application needs in a monitoring system (APM), some SLOs were automated with Newrelic(monitoring tool) but had to set up more monitoring rules
  • A maximum of two monitoring metrics per SLA was implemented to separate and categorize alerts for easy interpretation
  • Opened aws account for the company to start building cloud infrastructure for our application
  • Designed infrastructure and all dependencies together with third party applications to match company’s application
  • Introduced Terraform as infrastructure as code and developed all aws components of infrastructure as code, which included vpc, eks, rds, s3 buckets and iam policies
  • Implemented pulsar as queuing system for application
  • Managed cloudflare as our dns and load balancing option
  • Built a Jenkins server for cicd and wrote all jenkinsfiles for continuous integration of workloads, hooked Jenkins with aws eks for deployments and rollouts
  • Wrote all eks manifest yaml files and later created a giant helm chart containing all microservices to be deployed with one command on Kubernetes
  • Wrote Dockerfiles for microservices and supported developers to configure application dependencies like pulsar and mongodb
  • Managed all deployments and roll backs to Kubernetes
  • Configured Spinnaker for deployments on Kubernetes
  • Managed entire company aws infrastructure and coordinated with team members

DevOps Engineer/SRE

Platform Science, San Diego, California
San Diego, USA
01.2019 - 07.2019
  • Took part in setting up multi region application replication for high availability on aws cloud platform
  • Load tested application with locust every time we had to do new upgrade on software to help determine the node type to use and components to tune to make the application resilient
  • AWS infrastructure automation with Terraform, Python, Bash script, JSON
  • High level CI/CD with Jenkins pipelines
  • Docker with Rake, Docker orchestration with Rancher and Kubernetes
  • Building robust and easy environment for developers to understand infrastructure
  • Database automation and application monitoring tools, New Relic, Data Dog, Prometheus and Kibana
  • AWS resource deployment with Chef and Ansible
  • GIT, Bitbucket code storage and management
  • Troubleshooting cloud infrastructure and Agile approach of infrastructure as a code

Systems/Cloud Engineer

Tusimple San Diego, California
San Diego, USA
01.2018 - 01.2019
  • Managing servers in AWS/Azure with Terraform automation and Ansible to provision servers, Containers, CloudFront, VPC, ELBS, S3 buckets, lDAP servers, load balancers, RDS and route 53
  • Managing cloud infrastructure, Windows/Linux system administration (Ubuntu/Redhat) with Linux shell commands, Powershell, command prompt, Bash scripting, Python and Ansible for script automation and Active Directory
  • Configured VLANs on Nexus (Cisco) and Netgear poe switches for various departments to be on a separate IP for security and confidentiality
  • Configured all company switches on separate VLANs to be managed on a dedicated VLAN
  • Installed, managed and configured supermicro servers to work on a dedicated VLAN on the network and Docker installation, Jenkins, GIT
  • Cloud infrastructure and applications deployments like Jira, Confluence, Snipe IT, databases
  • Managing RHEL identity management (IDM) on VMware ESXi 6.5 with Ansible/Bash script automation, PXE and Fog
  • VMware installed and configured VMware ESXi essential plus 6.5 upgrade 2 on two Dell EMCR 440 Power Edge servers
  • Deployed Vcenter appliance with embedded platform services controller on the Dell EMC servers to manage the ESXi host and configured HA, Vmotion, VSAN, ISCSI
  • Deployed data centers, clusters and virtual machines centralized to the Vcenter4rtrftrgf appliance control
  • Configured Truenas storage and managed Wekaio storage systems to physical and virtual servers
  • Worked in a team of two to installed Cat6a stp on a new office space to replace old Cat5 cabling for 10 gbs speed on network
  • Managed default gateway, network security policies on fortigate Firewall and load balancing
  • Backed up company sever data and information to AWS s3 containers and amazon snowball
  • Configured PXE network boot on network to install Ubuntu, Centos operating system, free-ipa client to register host on IDM server and Nvidia GPU drivers
  • Managed keycard access system installed by Tyco security systems

Systems Engineer

Fannie Mae (Washington, DC remote contract)
Washington, USA
08.2017 - 01.2018
  • Maintaining infrastructure, patches and deployment processes
  • CI/CD with Jenkins and Github
  • Infrastructure as code (Terraform) and configuration management tools (Ansible and Chef) to run automation and configurations on servers
  • Linux administration and troubleshooting server environments
  • Supporting developers and database administration

Systems Administrator

Endeavour mining/Adamus Resources (Nzema, Ghana)
Nzema, Ghana
05.2015 - 02.2017
  • Maintained AWS account IAM, CloudTrail, ec2 and s3 buckets for data storage and archival to Glacier
  • Installed, upgraded and troubleshot Windows software including operating systems, company applications, security tools, servers, email administration and IT helpdesk support
  • Monitored security clearance in company applications and company servers for audit purposes
  • Managed cloud severs with automation together with cloud applications
  • Experience in ICS/Scada Systems operations using a central computer control to manage all processes in transporting melted gold to gold room
  • Managed cloud servers and applications
  • Used Oracle database management system for keeping inventory in the mine
  • Managed networks between company servers and network computers, between office computers, wireless central printers
  • Network configurations of company application logins
  • Troubleshooting systems including servers, PCs, and network components (switches, routers, cables)

Systems/Cloud Engineer

Enterprise Insurance (Takoradi, Ghana)
Takoradi, Ghana
01.2014 - 04.2015
  • Deployed and configured cloud servers on aws with terraform and chef automation
  • Managed the network and database system (Oracle) for client information and company inventory
  • Trouble shooting internal network between clients and servers, network configuration of PC and network devices
  • Network monitoring, network security including Firewall configurations of servers, client computers and whole internal network
  • Managed a project for a new system of accessing personal insurance cover by phone texting a short code to provide personal insurance coverage
  • Created access control list at different levels to control read access, write access and read write Access to the company’s database due to complexity of client information on the system
  • Network management reports including security of network, conditions of network devices, ISP performance to build and strong and robust network

Systems Engineer

National Identification Authority (Head Office. Accra, Ghana)
Accra, Ghana
09.2011 - 12.2013
  • Setting up and configuring ICS (Industrial Control Systems) for the manufacturing of identification cards
  • Monitoring ICS systems for cutting and shaping National Identification Cards
  • Monitoring power supply to all systems to make sure system Ups holds power enough to work while waiting on generator power when there is power outage
  • Checking network cables at all levels to make sure they are in perfect condition, connected well before the ICS start working
  • Troubleshooting ICS when there is a jam in the process
  • Configuration and updating network systems including servers, network computers and devices
  • Trouble shooting across all levels in the network in connection problems, server connection, PC to network connection
  • Monitoring network frequently for malfunction and threats

System Engineer

Cyber link limited (Takoradi, Ghana)
Takoradi, Ghana
07.2010 - 09.2011
  • Troubleshot hardware including motherboards of PC, PCI, NIC, servers, PC memory upgrade, HDD replacement (SATA/IDE), industrial printer servicing
  • PC operating system installations and configuration of Windows, Unix, Mac, Linux (Ubuntu)
  • Skills in applications including Microsoft Office (Powerpoint, Excel, Outlook, Word) and Adobe reader
  • Configured networks, troubleshooted network connections, network cables and HVAC systems

Education

Bsc. - Information Technology

University of cape coast
cape coast, Ghana
06.2012

Skills

  • Windows
  • Mac OS
  • Android
  • Linux (Ubuntu/Centos)
  • Red Hat
  • SQL
  • DynamoDB
  • Postgres
  • Virtualization
  • Cloud Computing
  • Active Directory
  • RHEL IDM
  • Windows Server 2008/2012
  • AWS
  • Azure
  • GCP
  • Microsoft Office 365
  • Website Development
  • Ansible
  • Chef
  • Terraform
  • Vault
  • Docker
  • Kubernetes
  • Jenkins
  • Perl
  • Python
  • Bash
  • Json
  • PowerShell
  • Security Management
  • DNS with Active Directory
  • IDM RHEL
  • DHCP
  • OSPF
  • IDS
  • IPS
  • GIT
  • Firewalls
  • SSL/TLS
  • VPSN
  • Risk Assessment
  • Infrastructure Security Policies
  • Penetration Testing
  • Cryptography

Certification

  • AWS Certified Solutions Architect
  • AWS Sysops Associate
  • AWS Developer
  • AWS Cloud Practitioner
  • Network +, N10-007
  • Network +, N10-006

Training

  • Networking +, 01/01/17
  • Network Security, 09/01/16
  • Cyber Security, 08/01/16
  • Building an Effective ICS/SCADA Networks Security Strategy, 06/01/16
  • New Threat Vectors for ICS/SCADA Networks, 04/01/16

References

  • Jose Torres, Tusimple, San Diego, California, IT Manager, 951-987-6188, Jose.torres@tusimple.ai
  • Emmanuel Yaw Dadzie, Fannie Mae, Washington, DC, Infrastructure Manager, 301-536-8981, Emmanuel.dadzie@va.gov
  • Servrin Sabeng, Endeavour Mining, Linux Engineer/Tableau Developer, 862-306-9693, spooky2g89@icloud.com

Accomplishments

  • Built software infrastructure from scratch with two startup companies
  • Developed customized command line integration with terraform
  • Wired entire network cable connection in a whole new office space and configured switches and routers
  • Best Engineer Award with Safehealth Systems 2021

Affiliations

  • I like watching Marvel Movies
  • I like working on cars
  • I am very handy, i build stuff out of nothing
  • I automate my home with centralized control system for cameras, doors, lights etc

Languages

English
Native/ Bilingual
Fante
Native/ Bilingual

References

References available upon request.

Timeline

Manager/Senior Devops

SafetyChain-contract
01.2021 - 07.2021

Senior Cloud Architect/Principal Engineer

IBM
01.2021 - Current

AWS/azure Solutions Architect/cloud Engineer

IBM/Mercedes Benz(contract)
01.2021 - 01.2022

Director of SRE/Devops

Safe Health systems
09.2020 - 01.2021

Lead Senior Devops/SRE

SafeHealth Systems
09.2020 - 12.2020

Senior DevOps Engineer/SRE

Apple (contract)
07.2020 - 09.2020

Lead Senior DevOps/SRE Engineer

Cymatic Security
07.2019 - 05.2020

DevOps Engineer/SRE

Platform Science, San Diego, California
01.2019 - 07.2019

Systems/Cloud Engineer

Tusimple San Diego, California
01.2018 - 01.2019

Systems Engineer

Fannie Mae (Washington, DC remote contract)
08.2017 - 01.2018

Systems Administrator

Endeavour mining/Adamus Resources (Nzema, Ghana)
05.2015 - 02.2017

Systems/Cloud Engineer

Enterprise Insurance (Takoradi, Ghana)
01.2014 - 04.2015

Systems Engineer

National Identification Authority (Head Office. Accra, Ghana)
09.2011 - 12.2013

System Engineer

Cyber link limited (Takoradi, Ghana)
07.2010 - 09.2011

Bsc. - Information Technology

University of cape coast
Aaron A Annan