• Responsible for Cloud (AWS) Security architecture, shifting security left, managing multiple aws GovCloud accounts for Government customers, airgap environment emulation for DoD, implementing FedRAMP High security compliance

• provided architectural guidance from high-level design to detailed hands-on implementation of security controls in govcloud and airgap environments.

• Leveraged aws reference architecture to propose a solution to the customer.

Assessed and evaluated customer security needs and proposed reference security architecture.

• Created, built, educated, trained and designed cloud computing architectures for our Defense Department (DoD) and Government customers.

• Responsible OS hardening pipeline in Falcon (CIS Benchmark + STIG + FIPS ) for EKS and EKR nodes and IAM for govcloud.

• Lead the development of new process and tooling that enables a cloud security first approach to capacity delivery - designed and developed image press tool to build CIS harden images and artifact transfer between commercial and Airggap/govcloud environments.

• Security roadmap and implementation SecDevOps toolchain and processes. (SSO, IAM policies and Roles, AWS Lambda, Central Logging, Dome9, Evident.io - CSPM , AWS Inspector, AWS Trusted Advisor, Checkov, Prisma Cloud for container security, AWS System Manager, Qualys, Golden AMI, Encryption using KMS, Incident Response Plan and Playbooks, Splunk, Qualys, AWS Guarduty, Security Hub, Shield, WAF, CloudFront, AWS Macie and AWS Config).

• Build SecDevOps team and culture from ground up. Managed, hired and mentored CloudOps/SecOps team for Verizon Smart Community (VSC) projects.

• Responsible for full SecOps/CloudOps ownership and managing 30 aws accounts (Including AWS GovCloud) across organization for 6 VSC products.

• Created AWS Best practices blueprint across Organization and implemented Security as part of DevOps pipeline.

• Security roadmap and implementation SecDevOps toolchain and processes. (SSO, IAM policies and Roles, AWS Lambda, Central Logging, Dome9, Evident.io, AWS Inspector, AWS Trusted Advisor, AWS System Manager, Qualys, Golden AMI, Encryption using KMS, Incident Response Plan and Playbooks, Splunk, Qualys, AWS Guarduty, Security Hub, Shield, WAF, CloudFront, AWS Macie and AWS Config).

• SRE: Designed Central logging solution for AWS CloudTrail, CloudWatch, VPC flow logs and System logs. Implemented monitoring system using Splunk and PagerDuty to detect/alert security incident.

• Implemented HA/DR best practices for VSC products.

• DevOps: IaaS code implementation using Terraform/Cloudformation for VSC products. Designed and implemented complete automation process to provision infrastructure using CI/CD.

• Implemented CloudHealth for billing and cost optimization and reduced AWS bill to half.

• Help team to implement NIST 800 standards and CJIS compliance for VSC Public Safety products.

• Managed DevOps/Infrastructure team and filled in implementation and support (devops) gaps

• Responsible for full DevOps ownership: CI/CD Pipeline using Jenkins, Container as a Service infrastructure and Orchestration using Mesos/Marathon platform, AWS Cloud IaaS Management(Terraform), Monitoring.

• Designed and Architected central logging solution for client using BigData technology Kafka and Hadoop.

• Transformed complex manual efforts into simple, automated, data-driven, user experiences for better decision-making and competitive advantage.

• Directed team to automate environment creation for Kafka, Hadoop Cluster using AWS Cloudformation, SRE best practices and Configuration management using Ansible.

• Managed a team of senior engineers to implement the key components of the product according to specifications, defined and enforced CI/CD pipeline (Jenkins), SCM, Dev Ops and Infrastructure (Iaas) strategy across organization and agile technology across team.

• Lead and facilitated internal understanding of Devops process and DevOps toolchain management.