Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic
Surya J

Surya J

Irving,NY

Summary

8+ years of experience in Cloud Engineering automating Infrastructure as Code, DevOps CICD pipelines, and Patch Automation processes. Experience on Azure cloud platform and its security and IAM features like Conditional access policy, MFA (Multifactor authentication), Identity protection, Azure Entra ID Roles and administration. Developed and integrated applications in Enterprise applications, app registrations and implemented Single sign on (SSO). Expertise in Device registration (Azure AD register, Azure AD Join, Hybrid Azure AD Join). Knowledge and experience in the implementation of Windows Hello for business, including its trust types, such as key trust, Certificate trust, and Cloud Kerberos trust. Hands on Experience in PTA (Pass Through Authentication) & PHS (Password Hash Synchronization), Microsoft Intune, RBAC, PIM, Virtual Machines, Azure AD Connect, Active Directory Federation Services (ADFS). Experience on AWS Cloud platform and its features that include EC2, VPC, EBS, ELB, S3, RDS, EBS, Cloud Watch and In- depth understanding of the principles and best practices of Software Configuration Management (SCM) processes, which include compiling, packaging, deploying and Application configurations. Designed AWS Cloud Formation templates to create custom sized VPC, Subnets, NAT to ensure successful deployment of Web applications and database templates and expertise in architecting secure VPC Solutions in AWS with the help of Network ACLs, Security groups, public and private network configurations. Hands on experience in setting up database in AWS using RDS, storage using S3 bucket and configuring instance backups to S3 bucket to ensure fault tolerance and high availability in Dev, QA and Prod environments. Experience in working with Amazon Web Services (EC2/AWS) - Web consoles, APIs, Security Groups and Extreme proficiency in Cloud Computing embracing Azure IaaS, PaaS based offerings leveraging Windows Azure, Agile project management. Designed and configured Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP address blocks, DNS settings, security policies and routing. Wrote Ansible playbooks and securing a server with Ansible and Provisioning, deployment with Ansible and Worked on developing Ansible Go Scripts for automating regular tasks. Wrote Ansible playbooks for installing Tomcat, JBoss, Nginx, WebLogic, and WebSphere for configuring load balancers and fail over. In depth understanding of the principles and best practices of Software Configuration Management SCM processes, which include compiling, packaging, deploying and Application configurations. Proficient in Hudson and Jenkins for continuous integration and end-to-end automation, as well as Apache Maven and Apache Ant for writing Pom.xml and Build.xml files. Experience working with Chef and Ansible for configuration management and application deployments and creating Ansible playbooks to provision Apache webservers, Tomcat servers, MySQL, and Mongo DB database servers. Good experience on DevOps tools such as Chef, Ansible, Jenkins, Maven, ANT, GIT, Docker and DevOps/Agile operations process and tools area (Code review, unit test automation, Build & Release automation, Environment, Service, Incident and Change Management). Administration of Production, Development and Test environment’s carrying Windows, Ubuntu, Red Hat Linux, and CentOS servers. Working on version control systems like Subversion, and GIT and used Source code management client tools like GitBash, GitHub, Git GUI and other command line applications etc. Design and Deploy Google cloud Platform Solutions using Google services like computer engine, cloud storage buckets, persistent disks, cloud load balancer, auto scaling groups, cloud deployment manager, stack driver, cloud IAM and DNS. Good understanding of OpenShift platform in managing Docker containers and Kubernetes Clusters along with installing of Docker using Docker toolbox. Created Docker images using Docker file. Proficiently experienced in Amazon Web Services (AWS) cloud platform and its services like EC2, S3, VPC, VPN, Dynamo, EBS, ELB, SNS, Glacier, Auto-Scaling, IAM, Route53, AMI, Security-Groups, CloudFront, CloudWatch, OpsWork, and CloudFormation through AWS management console and AWS CLI (Command Line Interface). Experience in Migration from okta to Azure which includes assessment and planning, Azure AD Configuration, Data Migration, Application integration, SSO, MFA, Testing, Go-live and post migration support, security, and compliance. Deploying artifacts such as JAR, WAR using build automation tools like Ant, Maven and Gradle to write pom.xml and build.xml and used MAVEN repository using NEXUS Tool to share snapshots and releases. Installing, upgrading, and configuring SUSE, Solaris, Dell and HP x 86 server, Centos, VXVM, SVM Red Hat Linux using Kickstart Servers and Virtualization with VMWare vSphere ESXi, vCenter. Designed to ensure the confidentiality, integrity, and availability of PHI and Mandates safeguards to protect PHI, such as encryption, access controls, and audit trails. Experience working on HIPPA (Health Insurance Portability and Accountability Act), FEDRAMP (Federal Risk and Authorization Management Program), FIPS (Federal Information Processing Standards), FTI (Federal Tax Information).

Overview

9
9
years of professional experience
1
1
Certification

Work History

Sr. Cloud/DevOps Engineer

LTI Mindtree
08.2022 - Current
  • Delivering IAM solutions for the concerns faced by end users, troubleshooting and mitigate issues
  • Analyzing end user environment and providing feasible infrastructure solution to maintain high availability
  • Provide security measures to safeguard the resources from Hackers and Intruders
  • Imparting end-user understanding of features and services provided by Azure AD Roles & Administrations, Office 365
  • Application integration with Azure AD (Entra ID) SSO – Configuration, troubleshooting SSO based enterprise applications and self-developed registered apps
  • Management of corporate devices by configuring Device Registration features like, Hybrid Azure AD join, Azure Ad join, and Azure Ad registered
  • Managing users and groups for security concerns
  • Enabling and managing Multifactor authentication for the end user using Azure MFA or on-premises MFA Server
  • Analyzing Audit and Sign-in reports for the user and Expertise in Deploying and achieving Seamless SSO using Azure Ad Connect
  • Imposing security policies for the end users using Conditional Access policies
  • Interpreting and analyzing the risk events for the users through Azure Ad Identity Protection
  • Configuration and Troubleshooting Active Directory Federation Services
  • Configuration and Managing Password-less sign-in features using Windows Hello for Business, FIDO2
  • Expertise in Azure AD roles and Administrators
  • Synchronizing devices using Azure AD Connect
  • Experience in working on ServiceNow tool
  • Giving knowledge training sessions to engineers who recently joined in my project and used to conduct technical bash for engineers to resolve any roadblock queries/issues
  • Expertise in trust types like key trust, Certificate trust and Cloud Kerberos trust in WHFB and in PTA (Pass through Authentication) & PHS (Pass Hash Synchronization) Authentication methods
  • Hands on experience in Azure Cloud services, PaaS, Azure storages, Azure Data Bricks, Azure service bus & worked on Azure PowerShell cmdlets to create, test, deploy Azure cloud platform services using PowerShell
  • Experienced with Microsoft Intune which deals with MDM & MAM and worked on security features like RBAC (Role Based Access Control) and PIM (Privileged Identity Management)
  • Experience in baseline policies which are default policies applied at an initial stage of creating a Tenant before conditional access polices were created and single global admin lockout issues
  • Implemented Security Assertion Markup Language (SAML) protocols, establishing secure communication between different platforms
  • Also, Implemented other protocols like OIDC, Oauth 2.0
  • Established standards for encryption, security protocols, and computer systems used by federal entities and contractors using FIPS and streamlined cloud security assessment and monitoring across government agencies, fostering secure cloud adoption using FedRAMP
  • Involved in Development and Implementation of CI/CD pipeline involving Jenkins, Ansible, Terraform and Docker containers to complete the automation from commit to deployment
  • Integrated Jenkins with Nexus, SonarQube and used CI/CD within Jenkins on Docker container environment, utilizing Docker for the runtime environment for the CI/CD system to build, test and deploy in AWS and private cloud (on-prem)
  • Also, Implemented CI/CD process using CDP process for global development team, allowing for dozens of code updates per hour with zero downtime
  • Carried out the setup for master slave architecture to improve the Jenkins performance and Built end to end CI/CD Pipelines in Jenkins to retrieve code, compile applications, perform tests and push build artifacts to Nexus using Nexus Artifactory plugin
  • Worked with Kubernetes to provide a platform for automating deployment, scaling, and operations of application containers across clusters of hosts and managed containerized applications using its nodes, Config maps, selectors, and services
  • Used Jenkins pipelines to drive all microservices builds out to the Docker registry and then deployed to Kubernetes, Created Pods and managed using Kubernetes
  • Manage Kubernetes with Kubectl and Manage from Kubernetes UI, deal with Cluster Managements on Kubernetes using Ansible and also manual configuration using Kubeadm
  • Scheduled, deployed, and managed container replicas onto a node cluster using Kubernetes
  • Monitored the Kubernetes dashboard, nodes with Prometheus, Grafana and Used Grafana for container level Monitoring
  • Installed configured, Monitoring tool such as Splunk, Nagios, AppDynamics for Resource Monitoring/ Network Monitoring / log trace Monitoring.

DevOps/AWS Cloud Engineer

Dell Technologies, Inc.
08.2019 - 07.2022
  • Supporting and managing client’s infrastructures on AWS
  • Setting up Amazon EC2 instances, Virtual Private Cloud (VPC), Security groups, Elastic Load Balancers, S3 buckets, using AMIs and monitoring using Cloud Watch
  • Used Security Groups, NACLs, Internet Gateways, NAT instances and Route Tables to build a secure zone environment for organizations in AWS public cloud
  • Automated cloud deployments using chef, python, and AWS Cloud Formation Templates
  • Setup and build AWS infrastructure various resources, VPC EC2, S3, IAM, EBS, Security Group, Auto Scaling, and RDS in Cloud Formation JSON templates
  • Implemented a Continuous Delivery pipeline with Docker, Jenkins and GitHub and AWS AMI’s
  • Worked with Docker- docker hub, pulling images from docker hub, running containers based on an image
  • Experience in building automated CI and Cd pipeline with AWS CodePipeline, Jenkins, and AWS CodeDeploy
  • Creating Dockerfile to manage customized containers, port redirect, container volume management, docker inspect, docker commit to capture file changes/settings into a new image and submitting the image to docker hub
  • Designed AWS Cloud Formation templates to create custom sized VPC, subnets, NAT to ensure successful deployment of Web applications and database templates
  • Deploying and managing applications in Docker, Kubernetes, Jenkins and storing the artifacts in Artifactory for various on- premises and microservice applications
  • Expertise in building Jenkins jobs to create AWS Infrastructure by pulling Terraform code from GitHub repositories, ability to work closely with teams, to ensure high quality, timely delivery of builds & releases
  • Experience in Administration/Maintenance of Source Control Management Systems such as Git and Sub Version (SVN)
  • Created tags and branches, fixed merge issues and administered software repositories
  • Worked in Agile development team to delivered end to end CICD product in an open-source environment using Chef
  • Experienced in working on DevOps /Agile operations process and tools area (Code review, unit test automation, Build & Release automation Environment, Incident and Change Management) including various tools
  • Expert with Installation of Linux and Windows OS such as RHEL 5.x/6.x/7, CentOS, SUSE Linux, Ubuntu
  • Installed RHEL using Kick start with Pre-Installation & Post-Installation Scripts, PXE & Azure Templates
  • Configuring and Administering NFS, DNS, NIS, DHCP, NIS+ and LDAP on Linux server environment
  • Knowledge of networking concepts (DNS, TCP/IP, UDP, HTTP, SSH, OSI layers, Client/Server architecture and Firewalls)
  • Experience in Debugging APIs using Splunk logs and made performance analysis through AppDynamics and Nagios for Resource Monitoring/Network Monitoring/Log Trace Monitoring
  • Build Jenkins pipelines to drive all micro services builds out to the Docker registry and then deployed to Kubernetes, Created Pods and managed using Kubernetes
  • Managed the Kubernetes platform by securing various Namespaces, packaged the Kubernetes deployment using Helm and Charts, developed Docker files for various Middleware like Tomcat, WebSphere and JBoss
  • Experience in maintaining applications by Monitoring logs information, Resources usage and performance and get the Health and Security notifications from AWS nodes by using Monitoring tools like Splunk, ELK (Elasticsearch, Log Stash, and Kibana), Nagios and AppDynamics, Datadog and created monitors, alarms & notifications for EC2 hosts using CloudWatch
  • Experience Achieving High Availability with the help of monitoring tools like (SPLUNK, ELK) and automated Logstash (ELK Stack) as a part of Server Build and building Elasticsearch (ELK Stack)
  • Installed and configured Jenkins with SonarQube and GIT with the aid of installing GIT plugins and constructing the Artifacts making use of Maven and storing the construct Artifacts into Nexus repository and deploying it to WebSphere server
  • Implemented Jira with Maven release plugin for tracking bugs and defects and created ANT and Maven POMs to automate the build process and integrated them with tools like SonarQube, Nexus
  • Also, Demonstrated ability to design and implement scalable and high-performance solutions on GCP, leveraging services such as Compute Engine, Kubernetes Engine, and Cloud Load Balancing
  • Experienced in implementing security best practices and compliance standards on GCP, including encryption, Identity and access management (IAM)
  • Closely working with Developers, QA, Performance, UAT testers, IT Team
  • Provided 24
  • 7 support on call.

DevOps Cloud Engineer

Charles Schwab
03.2017 - 07.2019
  • Troubleshooting issues on Ansible, Red Hat satellite servers, Chef and Azure portal
  • Resizing the servers and adding storage on cloud servers through PowerShell and Azure portal
  • Knowledge of Ansible and Puppet
  • Bootstrapping nodes with knife and automating using Chef Recipes, Cookbooks, test- kitchen, and chef specs Refactored Chef and Ops Works for Azure
  • Chef server deployment and setup, Chef client node bootstrapping for provisioning, Chef recipe development using Knife command-line tool, customized Ruby scripts to create Chef cookbooks, and Chef server configuration to begin Chef Nodes
  • Working as Cloud Administrator on Microsoft Azure, involved in configuring virtual machines, storage accounts, resource groups using ARM templates
  • Worked on remote login to Virtual Machines to troubleshoot, monitor and deploy applications
  • Experienced with deployments, Maintenance and troubleshooting applications on Microsoft Cloud infrastructure AZURE
  • Deployed VMs as scale sets (VMSS), availability sets (AVsets), with it, the application will have the scalable ability to grow up
  • Experience with Chef and Ansible to automate repetitive tasks and provision Red Hat Linux server setups
  • Lead the rewrite of a massive Chef Code base to make cookbooks composable and testable, and to facilitate the migration from Ubuntu to CentOS
  • Evaluating testing of Chef Recipes - Concept of Test-Driven Development for Infrastructure as a Code
  • Worked with the Enterprise Job Scheduling tool - CA Workload Automation, administration/ upgrades/patching
  • Worked with Ansible to develop scripts to automate deployment of physical and virtual Environments
  • Experience in using Ansible to manage Web Applications, Config Files, Data Base, Commands, Users Mount Points, and Packages
  • Used Ansible to assist in building automation policies and deployment configuration automation on production Servers
  • Created Ansible playbooks, which are the entry point for Ansible provisioning, where the automation defined through tasks using YAML format and Run Ansible Scripts to depending on provision to servers
  • Used IAM to apply policies and responsibilities to users and groups as needed
  • Designed EC2 high-availability setup for application and database servers using ELB and Auto-scaling
  • Used Cloud Watch for monitoring AWS cloud resources and the applications that deployed on AWS by creating new alarm, enable notification service
  • Worked on Jenkins and GIT for smooth code release
  • Jenkins integration with GitHub private repositories—built Maven and Ant automation tools and Artifact repository for pushing successful build code
  • Involved in source control management with GitHub and GitLab Enterprise level repositories
  • Regular activities include configuring user’s access levels, monitor logs, identifying merge conflicts and managing master repository.

Linux/System Administrator

Amerispace
07.2015 - 02.2017
  • Installed, Configured, and Deployed the Red Hat Linux enterprise server 5.x, 6.x versions, tuning, upgrading, and loading patches
  • Setup Kickstart server for quicker installation and ease of adding additional servers
  • Experienced in OS upgrades and Patching of AIX servers from 5.3 to 6.1 and Solaris and LINUX
  • Good exposure in doing resource upgrade in Solaris servers having zones, Linux servers running on VMs and AIX servers
  • Installed, configured, and updated Linux machines, with Red Hat, Debian, and CentOS
  • Rapid-provisioning and configuration management for CentOS using Kickstart and Puppet
  • Installation/Configuration of ESXi 3.5, 4.x servers and applying security patches to the ESXi servers and worked with various types of file systems, and volume management solutions: ZFS, LVM, VxVM, and SVM
  • Setting up Splunk's architecture in the organization, developing SPLUNK Queries to create reports, and producing DLP reports with SPLUNK Configured network settings, resolved TCP/IP problems on RHEL 5 & 6 servers, and managed NFS on Sun Solaris
  • Involved with the SSL certificate missing issues and installed certificates from backups
  • Installed, integrated, and tuned LDAP, Apache Tomcat, JBOSS, WebSphere and WebLogic application server
  • Improved Linux NFS kernel server scalability and performance
  • Fixed and backported NFS client bugs
  • Helped build an NFSv4 server from scratch, including work queue infrastructure, RPC layer, and NFSv4 state tracking
  • Created Storage Group, Zones, Volume groups, and RAIDs using EMC Utility and NetApps snapshot for backup and recovery
  • Configure RAID 1 and RAID 5 Storage Systems with Veritas File System and Volume Manager 5.0
  • Provided 24/7 on call support on Linux Production Servers
  • Responsible for maintaining security on Redhat Linux.

Education

Skills

  • Cloud: AWS, Microsoft Azure, GCP
  • Operating Systems: Sun Solaris 11/10, Red Hat Linux 5x/6x/7 SUSE 10/11/12, Ubuntu, OEL, CentOS
  • DevOps: Chef, Puppet, Jenkins, Vagrant, Docker, Kubernetes
  • Web Application: Tomcat, Apache, WebSphere, JBoss
  • Databases/Languages: Oracle, DB2, MySQL, Cassandra, MongoDB, SQL 2008/2012/2014, Shell, Perl, Ruby
  • Backup Management: VERITAS Netback up 4x/5x/6x, Solstice Disk Suite, tar, dd
  • Software: VERITAS Volume Manager 3x/4x, WinSCP, FTP, SSL, VERITAS Cluster Services, Cisco CNR
  • Azure Services: IAM, Azure Active Directory, on-premises, Intune, RBAC, PIM, WHFB, Azure AD Connect, ADFS

Certification

  • Azure Fundamentals (AZ-900)
  • Identity and access Administrator- Associate (SC-300)
  • Azure Security engineer- Associate (AZ-500)

Timeline

Sr. Cloud/DevOps Engineer

LTI Mindtree
08.2022 - Current

DevOps/AWS Cloud Engineer

Dell Technologies, Inc.
08.2019 - 07.2022

DevOps Cloud Engineer

Charles Schwab
03.2017 - 07.2019

Linux/System Administrator

Amerispace
07.2015 - 02.2017

Similar Profiles

CREATE PROFILE
Surya J