
Srikanth Soma

Dallas, US

Summary

Sr. Cloud Platform Engineer and DevOps professional with 9+ years of experience designing and implementing scalable, secure cloud infrastructures across AWS, Azure, and GCP. Specialized in automation, infrastructure as code (Terraform, Jenkins, Docker), and cloud-native security aligned with ISO 27001, SOC 2, PCI-DSS, and GDPR standards. Experienced in deploying robust monitoring and observability solutions using Datadog, CloudWatch, and SignalFx to enhance incident response and operational visibility. Proven expertise in CI/CD pipeline development, risk mitigation, and fostering best practices in cloud governance, DevSecOps, and compliance automation.

Overview

9 years of professional experience

Work History

Sr. Cloud Platform Engineer - AWS

NIKE
06.2023 - Current
  • Designed and enforced AWS cloud security controls aligned with ISO 27001, SOC 2, PCI-DSS, and GDPR standards, ensuring compliance across multi-account environments.
  • Configured and managed AWS-native security services including AWS Config, Security Hub, IAM Access Analyzer, WAF, CloudTrail, GuardDuty, and KMS to detect, monitor, and remediate compliance gaps.
  • Implemented intrusion detection frameworks using GuardDuty, integrating with CloudWatch Alarms, SNS, and Slack for real-time alerts on anomalous activities (e.g., SSH brute-force, port scanning, IAM misuse).
  • Automated incident response workflows using Lambda functions to remediate GuardDuty findings (e.g., security group isolation, IAM revocation).
  • Developed security automation scripts to detect non-compliant resources and auto-remediate using AWS Config Rules, CloudWatch Events, and Lambda.
  • Centralized risk and compliance visibility using AWS Config Aggregators, Security Hub, and integrated findings into enterprise-level dashboards for compliance tracking and remediation workflows.
  • Wrote reusable Terraform modules for Infrastructure as Code (IaC) to automate provisioning of AWS resources such as EC2, Lambda, VPC, S3, EKS, RDS, and security services, ensuring standardized deployments.
  • Designed and deployed EKS clusters on AWS using Terraform, implementing RBAC, Pod Security Policies, Network Policies, and managing service meshes using Istio and Envoy for traffic routing, observability, and blue-green deployments.
  • Built CI/CD pipelines using GitHub Actions, Jenkins, and GitLab CI, embedding security gates, automated scans, and quality checks to accelerate deployment cycles.
  • Integrated GitHub Advanced Security (GHAS), SonarQube, and Veracode SAST/SCA into CI pipelines for automated secret scanning, code quality enforcement, and vulnerability detection during pull requests.
  • Developed custom Regex patterns and OPA Conftest policies to block insecure Terraform plans (e.g., open security groups, disabled logging) and flag risky coding patterns across scanning tools.
  • Automated scanning workflows using GitHub Actions reusable YAML templates, ensuring consistent security enforcement across 30+ repositories.
  • Tuned Veracode and SonarQube configurations to reduce false positives and prioritize actionable vulnerabilities, enhancing team adoption and accelerating remediation.
  • Deployed OSSEC/Wazuh agents on EC2 instances for host-based intrusion detection (HIDS), integrating alerts with CloudWatch Logs and SIEM platforms for centralized monitoring.
  • Implemented idempotent Ansible playbooks to manage service dependencies and validate system states during deployment cycles, ensuring environment consistency.
  • Designed and implemented Airflow-based data ingestion pipelines, enhancing data file monitoring, processing efficiency, and ensuring data accuracy across platforms.
  • Built Datadog dashboards to monitor application latency, error rates, and resource saturation, and leveraged Datadog APM and logs with anomaly detection for real-time incident response via PagerDuty and Slack.
  • Tuned Datadog log ingestion pipelines to filter noisy logs, reducing ingestion costs while maintaining observability.
  • Collaborated with cloud security and platform teams to establish cloud governance policies, automate security control implementations, and document process flows to support audits and GRC reviews.
  • Led compliance reviews of cloud deployments, ensuring proper usage of KMS encryption, least-privilege IAM roles, and network ACLs, enhancing security posture across AWS environments.
  • Fostered a culture of best practices in cloud security and DevOps, mentoring teams on secure coding practices, infrastructure automation, and shift-left security principles.
  • Developed and optimized CI/CD workflows integrating security scanning and quality gates, reducing deployment times while ensuring robust security and compliance.

Sr. Cloud Platform Engineer - Azure

Bank of America
11.2022 - 05.2023
  • Designed and implemented Infrastructure as Code (IaC) on Azure using Terraform, automating the provisioning of compute, storage, and networking resources with reusable Terraform modules.
  • Architected multi-environment Azure infrastructure using Terraform workspaces, ensuring environment isolation, resource separation, and streamlined environment management.
  • Integrated Terraform with CI/CD pipelines (Jenkins, GitLab, Azure DevOps) to enable automated and consistent infrastructure deployments across multiple environments.
  • Collaborated with cross-functional teams to establish cloud governance policies and enforce best practices for Azure resource management, enhancing compliance and operational efficiency.
  • Monitored and optimized Azure infrastructure performance and cost using Azure Monitor, Azure Advisor, Network Watcher, and Traffic Analytics, achieving improved resource utilization and cost savings.
  • Developed and maintained security automation scripts for vulnerability scanning, compliance checks, and automated remediation aligned with NIST, PCI-DSS, HIPAA, and ISO 27001 standards.
  • Demonstrated ability to troubleshoot and resolve infrastructure issues related to Terraform and Azure by leveraging Azure Monitor logs, Diagnostic Settings, Network Watcher, and Application Insights.
  • Conducted security audits, penetration testing, vulnerability assessments, and security code reviews to identify and mitigate risks across Azure and Terraform-managed environments.
  • Proficient in conducting various security testing methodologies such as penetration testing, vulnerability assessments, and security code reviews to identify security risks and vulnerabilities in applications and infrastructure.
  • Implemented security best practices for Azure and Terraform, including IAM role-based access controls, secure storage policies (Azure Key Vault, Storage Account Encryption), and infrastructure compliance automation.
  • Experience in monitoring and troubleshooting network-related issues in Azure using Azure Network Watcher, NSG Flow Logs, Traffic Analytics, and Azure Firewall Diagnostics, alongside Terraform.
  • Designed and deployed end-to-end architecture for customer-facing applications on Azure Kubernetes Service (AKS), leveraging Terraform for infrastructure provisioning and scaling workloads.
  • Managed AKS (Azure Kubernetes Service) clusters for container orchestration and workload distribution, integrating Terraform for IaC deployments in Azure environments.
  • Implemented Azure-specific security best practices, including Azure AD role-based access controls, Conditional Access Policies, Azure Security Center monitoring, and Azure Policy enforcement.
  • Created CI/CD pipelines for automated infrastructure and application deployments on Azure, incorporating blue-green deployment strategies using Azure Traffic Manager and Azure Front Door to minimize downtime.

Sr. AWS Cloud Platform Engineer

NIKE
04.2021 - 10.2022
  • Monitored AWS infrastructure health and cost optimization using tools like CloudHealth and SignalFx, and enforced resource tagging standards through CloudCheckr/Cloud Red for infrastructure governance.
  • Developed Ansible playbooks to automate security patching and configuration management across AWS environments, enhancing compliance and operational consistency.
  • Containerized microservices using Docker, and deployed applications on ECR, EKS, and ECS, enabling scalable and efficient workload management.
  • Collaborated with cross-functional teams to deliver end-to-end AWS infrastructure solutions, including VPC networking design, troubleshooting, and infrastructure automation for data engineering workflows.
  • Designed and implemented high-availability, fault-tolerant architectures on AWS using Terraform and CloudFormation, ensuring resilient infrastructure deployments.
  • Deployed infrastructure to support Apache Airflow workflows for data engineers, ensuring smooth orchestration of ETL pipelines and resolving deployment issues.
  • Implemented blue-green deployment strategies on AWS for customer-facing applications, reducing deployment downtime and enhancing release safety.
  • Researched and implemented new solutions on AWS to improve platform resilience and scalability, resulting in significant uptime improvements and enhanced application reliability.
  • Built and optimized CI/CD pipelines using Jenkins, automating deployment processes for applications and infrastructure, accelerating release cycles, and reducing manual intervention.
  • Leveraged AWS monitoring and cost optimization tools to drive resource efficiency and cost savings, improving overall infrastructure utilization and expense management.
  • Collaborated with networking and platform teams to troubleshoot AWS VPC networking issues, ensuring rapid resolution and maintaining operational continuity.
  • Maintained detailed infrastructure documentation, ensuring clarity, adherence to best practices, and enabling smooth handoffs across teams.

Sr. AWS Cloud DevOps Engineer/SRE

7-Eleven
03.2019 - 04.2021
  • Designed and implemented Infrastructure as Code (IaC) using Terraform and the Serverless Framework to provision and manage highly available, fault-tolerant, and scalable microservices across AWS Lambda and Azure Functions.
  • Developed and maintained CI/CD pipelines in Azure DevOps for Node.js application services, supporting automated build, test, and deployment workflows on Azure and AWS.
  • Implemented comprehensive monitoring solutions using AWS CloudWatch and Datadog to track application performance metrics, including latency, throughput, 4XX/5XX error rates, and infrastructure metrics such as CPU, memory, and network utilization.
  • Created custom dashboards in SignalFx, New Relic, and Datadog to visualize application and infrastructure health, enabling real-time insights for engineering and operations teams.
  • Configured proactive alerting and automated notifications to quickly detect and respond to system and application failures, improving incident response times and reducing mean time to resolution (MTTR).
  • Troubleshot performance and reliability issues across cloud services, identified root causes, and developed preventive solutions to enhance system stability and resilience.
  • Created and managed AWS WAF rules to secure customer-facing APIs hosted on API Gateway, protecting applications against common web exploits and ensuring compliance with security standards.
  • Developed Dockerfiles to containerize application services and configured GitLab CI/CD pipelines to build, tag, and deploy images to Amazon ECR, enabling consistent and efficient container-based deployments.
  • Implemented secure secrets management using AWS Systems Manager (SSM) to protect and manage application secrets, encryption keys, and tokens across AWS services, including EC2 instances, ECS containers, and Lambda functions.
  • Configured and managed Apigee X to deliver advanced security and performance features, including OAuth 2.0 authentication, rate limiting, and response caching for API traffic.
  • Integrated Apigee X with API gateways and backend services, configuring policies to route and redirect traffic across hybrid and multi-cloud environments.
  • Developed Terraform modules to deploy a highly available, fault-tolerant, and scalable three-tier web application for 7NOW Delivery on AWS. Leveraged ECS for compute, CloudFront for caching and serving static assets, AWS WAF for external threat protection, and KMS for encrypting sensitive PCI/PII data at rest with automated failover. Built GitLab CI/CD pipelines to automate deployments.
  • Configured VPC peering connections between AWS VPC and MongoDB VPC to enable secure, private connectivity for application services, and implemented VPC Flow Logs to monitor and audit network traffic.
  • Developed CloudWatch scheduled rules to trigger Lambda functions that call 7NOW store APIs and update MongoDB with inventory data, supporting event-driven inventory updates.
  • Enabled comprehensive logging for both application and infrastructure components, configuring centralized log collection to support troubleshooting, auditing, and compliance across AWS services and workloads.

Sr. AWS Cloud Platform Engineer

NIKE
03.2016 - 08.2019
  • Designed and deployed self-healing architectures on AWS using Terraform and CloudFormation, integrated with Jenkins CI/CD pipelines to automate infrastructure provisioning and application deployments for Big Data platforms.
  • Developed AWS Systems Manager (SSM) automation documents to enforce security patch baselines and compliance across large-scale data processing environments in production.
  • Configured Jenkins with plugins like JUnit and SonarQube for code quality checks, test coverage reports, and performance metrics, enabling robust DevOps workflows for Big Data applications.
  • Developed AWS Lambda serverless functions for automated cleanup of unused and underutilized AWS resources, reducing operational costs for data lake and analytics workloads.
  • Integrated Big Data tools (S3, Athena, Snowflake, Hadoop) with Apache Airflow to orchestrate complex ETL pipelines, enabling scalable and automated data workflows across cloud-native platforms.
  • Implemented NIST Cybersecurity Framework-based security controls for AWS Big Data environments, ensuring secure and compliant data processing pipelines.
  • Automated orchestration of distributed computing platforms including Apache Airflow, Hadoop, JupyterHub, and Databricks, enhancing data pipeline scalability and reliability.
  • Configured and managed AWS security services (IAM, AWS Config, CloudTrail, Security Hub) to enforce best practices for data security and governance in cloud-based Big Data ecosystems.
  • Designed containerized CI/CD pipelines using Docker and Ansible for building scalable data analytics platforms, streamlining deployment processes for data engineers and platform teams.
  • Developed Ansible playbooks to enforce security configurations for AWS Data Analytics services, aligning with enterprise compliance standards.
  • Led cross-functional collaboration with Data Engineering and Platform teams to integrate Apache Airflow with various data tools (Snowflake, Tableau, Box), improving workflow automation, data accessibility, and operational efficiency.

Education

Master of Science - Computer Science

Oklahoma Christian University
Edmond, OK
01.2015

Bachelor of Science - Computer Science

Jawaharlal Nehru Technological University
India
01.2012

Skills

  • Cloud Platforms: AWS, Azure, GCP
  • IaC & Automation: Terraform, CloudFormation, Ansible, Jenkins, GitHub Actions
  • Security: GuardDuty, AWS Config, Security Hub, WAF, IAM, KMS, SonarQube, Veracode, GitHub Advanced Security (GHAS)
  • Containerization & Orchestration: Docker, Kubernetes (EKS, AKS), Istio, Envoy
  • Monitoring & Observability: Datadog, CloudWatch, SignalFx, New Relic
  • Programming & Scripting: Python, Shell Scripting
  • CI/CD Tools: GitLab CI, Azure DevOps, Jenkins, GitHub Actions
