# Macdonald Macwan > Cloud Security Architect ( 7 X AWS, 3 X Azure Certified ) | Airgap Location: San Francisco, California, United States Profile: https://flows.cv/macdonald • Senior technology leader with over 20 years of experience in project management, analysis and architecture with a focus on Cloud, DevOps, Security, CI/CD, Infrastructure, SRE, containerization, Data Warehousing, IOT and BigData. • Lead and own accountability for the design of business and IT vision, Multi Cloud Architecture, application functionality, implementation strategies, project planning and presentations. • Lead and drive rapid brainstorming sessions to quickly assess current state complexities in DevOps and SecOps processes, Infrastructure strategy to identify architectural challenges and automation opportunities for future state IT solutions. • Create and present clear, visually illustrative, decision options with trade-offs for future state business functional requirements, solution blueprints, and application designs to drive understanding and enable rapid project decisions. ## Work Experience ### Principal Software Engineer (PMTS) @ Salesforce Jan 2019 – Present | San Francisco Bay Area • Responsible for Cloud (AWS) Security architecture, shifting security left, managing multiple aws GovCloud accounts for Government customers, airgap environment emulation for DoD, implementing FedRAMP High security compliance • provided architectural guidance from high-level design to detailed hands-on implementation of security controls in govcloud and airgap environments. • Leveraged aws reference architecture to propose a solution to the customer. Assessed and evaluated customer security needs and proposed reference security architecture. • Created, built, educated, trained and designed cloud computing architectures for our Defense Department (DoD) and Government customers. • Responsible OS hardening pipeline in Falcon (CIS Benchmark + STIG + FIPS ) for EKS and EKR nodes and IAM for govcloud. • Lead the development of new process and tooling that enables a cloud security first approach to capacity delivery - designed and developed image press tool to build CIS harden images and artifact transfer between commercial and Airggap/govcloud environments. • Security roadmap and implementation SecDevOps toolchain and processes. (SSO, IAM policies and Roles, AWS Lambda, Central Logging, Dome9, Evident.io - CSPM , AWS Inspector, AWS Trusted Advisor, Checkov, Prisma Cloud for container security, AWS System Manager, Qualys, Golden AMI, Encryption using KMS, Incident Response Plan and Playbooks, Splunk, Qualys, AWS Guarduty, Security Hub, Shield, WAF, CloudFront, AWS Macie and AWS Config). ### Principal SecDevOps Architect @ Verizon Jan 2018 – Jan 2019 | San Jose • Build SecDevOps team and culture from ground up. Managed, hired and mentored CloudOps/SecOps team for Verizon Smart Community (VSC) projects. • Responsible for full SecOps/CloudOps ownership and managing 30 aws accounts (Including AWS GovCloud) across organization for 6 VSC products. • Created AWS Best practices blueprint across Organization and implemented Security as part of DevOps pipeline. • Security roadmap and implementation SecDevOps toolchain and processes. (SSO, IAM policies and Roles, AWS Lambda, Central Logging, Dome9, Evident.io, AWS Inspector, AWS Trusted Advisor, AWS System Manager, Qualys, Golden AMI, Encryption using KMS, Incident Response Plan and Playbooks, Splunk, Qualys, AWS Guarduty, Security Hub, Shield, WAF, CloudFront, AWS Macie and AWS Config). • SRE: Designed Central logging solution for AWS CloudTrail, CloudWatch, VPC flow logs and System logs. Implemented monitoring system using Splunk and PagerDuty to detect/alert security incident. • Implemented HA/DR best practices for VSC products. • DevOps: IaaS code implementation using Terraform/Cloudformation for VSC products. Designed and implemented complete automation process to provision infrastructure using CI/CD. • Implemented CloudHealth for billing and cost optimization and reduced AWS bill to half. • Help team to implement NIST 800 standards and CJIS compliance for VSC Public Safety products. ### Senior DevOps Manager @ Skava Jan 2017 – Jan 2018 | San Francisco Bay Area • Managed DevOps/Infrastructure team and filled in implementation and support (devops) gaps • Responsible for full DevOps ownership: CI/CD Pipeline using Jenkins, Container as a Service infrastructure and Orchestration using Mesos/Marathon platform, AWS Cloud IaaS Management(Terraform), Monitoring. ### Senior Architect @ Persistent Systems Jan 2016 – Jan 2017 | San Francisco Bay Area • Designed and Architected central logging solution for client using BigData technology Kafka and Hadoop. • Transformed complex manual efforts into simple, automated, data-driven, user experiences for better decision-making and competitive advantage. • Directed team to automate environment creation for Kafka, Hadoop Cluster using AWS Cloudformation, SRE best practices and Configuration management using Ansible. ### Technical Implementation Manager @ Charles River Development Jan 2014 – Jan 2015 | Greater Boston Area • Managed a team of senior engineers to implement the key components of the product according to specifications, defined and enforced CI/CD pipeline (Jenkins), SCM, Dev Ops and Infrastructure (Iaas) strategy across organization and agile technology across team. • Lead and facilitated internal understanding of Devops process and DevOps toolchain management. ### DevOps Manager @ Fidelity Investments Jan 2012 – Jan 2014 | Merrimack NH • Responsible for implementing DevOps processes horizontally across organization and training multiple groups. • Authored complex multiyear statement of work and implementation plan for each client to engage professional service team to build out solutions. • Defined and enforced AWS cloud best practice across organization and introduced advanced cloud technology such as AWS EC2, Cloud Formation, Cloud watch, S3 and EBS services. ### Lead Software Engineer @ Fidelity Investments Jan 2010 – Jan 2011 | Greater Boston Area • Acted as a mentor for DevOps team, assisted DevOps engineers in all aspects of the software life-cycle, including: definition, design, implementation, testing and delivery, assigned and prioritized project related task. ### Software Engineer @ Fidelity Investments Jan 2006 – Jan 2009 | Greater Boston Area • Designed and architected multiple data warehousing and MDM projects and delivered multiyear complex key initiative using Informatica, Java, shell, perl scripts, Splunk, SQL/PL SQL, T-SQL. ### Lecturer/Mentor @ R.C.Technical Institute Jan 2001 – Jan 2004 | Gujarat, India • Conducted different departmental needs assessments to determine viability of architecting a new software integration process. • Developed a technology infrastructure and capacity/cost forecast for university technical projects. ## Education ### Master of Science (M.S.) in Computer Engineering California State University, Chico ### Bachelor of Science (B.S.) in Electronics and Communications Engineering Sardar Patel University ## Contact & Social - LinkedIn: https://linkedin.com/in/macdonaldmacwan --- Source: https://flows.cv/macdonald JSON Resume: https://flows.cv/macdonald/resume.json Last updated: 2026-04-12