Professional Resume

Summary

I like to make a difference by solving problems. That is why I love working with cloud, security, and automation technologies, as these will help leadership save money, enable the business to succeed, and improve my team's quality of life.

Work History

Lead Engineer (VP) – NextCapital, a Goldman Sachs Company

May 2017 – Present

I lead DevOps engineers to help manage and architect our AWS infrastructure, automate deployments, refine development processes, collaborate with peers, and guide newer team members. Over the years, notable work includes:

Setup cross-account access for services with VPC endpoints services and Lattice
Building ECS Clusters from code with Docker and Terraform.
Architecting an ALB-based infrastructure to support internal macro and micro services.
Setting up an automation orchestration, build and deployment framework powered by Ansible.
Implementing SendGrid event processing with Go, Ruby, SNS, SQS and API Gateway.
Increasing build and delivery reliability by adding acceptance tests based on InSpec and PyTest.
Moving Chef into a master-less implementation, removing blockages for parallel deployments.
Mechanizing deployments via AWS CodeSuite.
Ported our CloudFormation VPC code into Terraform to ensure repeatability and reusability.
Deployed JFrog Artifactory to support package-based deployments.
Standardized AWS resource naming to ensure service consistency.

Development Configuration Operations Engineer – Connecture

July 2015 – April 2017

I ensure agility and compliance through infrastructure code, release management automation, and public cloud security while working in concert with Product, Development, and QA. In the end, I was able to:

Establish event-driven automation with Python and Lambda.
Instituted a compliant messaging and caching system based on Redis.
Implement a lightweight secrets system that leverage instance roles, Credstash, DynamoDB and KMS.
Create a deployment environment based Ansible, Packer, CloudFormation, and Rundeck.
Architect and established an infrastructure supporting Tyk API gateway services.

Consultant – Synnefo Technology Solutions, a Forsythe Company (Now Sirius solutions)

December 2014 - June 2015

I create automated solutions for medium to large organizations, implementing the following:

An open-sourced Puppet architecture based on best practices.
A streamlined template and deployment process in a Windows 2003-2008 migration.
A re-factored RHEV/VMWare training lab infrastructure implemented via Ansible.

Cloud Systems Engineer - Ex Libris Group, a ProQuest Company

October 2013 - November 2014

I develop automation and monitoring tools that manage up to 2,500+ servers in five datacenters worldwide.

Contractor – ESPG Corporation

April 2013 - October 2013

I support AT&T's OpenStack-based deployments as well as a HIPAA-compliant image storage solution.

Lead Systems Engineer - Sears Holdings Corporation

February 2012 - April 2013

I administer Sears Holdings' private cloud, an environment that spans about 2000+ servers. Noteworthy successes include:

Designing and deploying a high-available Puppet automation framework.
Engineering a new cloud release based on Ubuntu Server 12.04 LTS server.
Building out a DR-enabled VDI solution to support critical applications in time for the holiday season.
Extended functionality of internal cloud to include cloning, resizing, and snapshotting.
Instituted CPU affinity on most of the production hypervisors, thus stabilizing I/O heavy VSIs in the cloud.

Senior Systems Administrator - AT&T

November 2008 – February 2012

Manage Java-based data applications on AT&T wireless network as well as orchestration services on AT&T's cloud platform. My achievements include:

A reliable and scalable monitoring solution based on Cacti and DRBD.
A suite of Rails apps that track workflows, parse authentication data, search mobile device IPs, and monitor configuration state.
An automation framework that deploys operation tools across platforms.

Academics

Bachelor of Science in Information Technology - Western Governors University

January 2013 – April 2015

I returned to college via a non-traditional accelerated track and successfully graduated ahead of schedule.

Computer Science Major - Los Angeles City College

September 1993 – April 1996

I attended after high school, left to take advantage of roles in the exploding ISP and hosting industries.

Technologies, Tools, and Skillsets

I touch a lot of tech over the years, through work, education, and experimentation. Here are some of them I have taken up.

Automation and Infrastructure as Code

Terraform, CloudFormation, Ansible, Chef, Packer, AWS CDK, Lambda, System Manager, Spinnaker, Puppet, Helm, Kustomize

Databases and Datastores

RDS/MySQL, MongoDB, Redis/ElastiCache, XML, YAML, JSON, DynamoDB, Parameter Store, PostgreSQL

Development - Languages

Python, Shell (Bash, ZSH), Ruby, Go, NodeJS, JavaScript, TypeScript, Perl, Rust, PHP

Development - Tooling

AWS Code Suite (CodePipeline, CodeBuild, CodeDeploy, CodeCommit), GitHub Actions, Jenkins, Git, JFrog (Artifactory, Pipelines), Google Cloud Artifact Registry, PyTest/TestInfra, InSpec, ChefSpec, RSpec, Unittest(Python), Go test, Tekton/Openshift Pipelines, GitLab CICD, ArgoCD, OpenShift Pipelines

Distributed Computing - Cloud Services

Amazon Web Services (AWS), Google Cloud, Azure, Digital Ocean

Distributed Computing - Virtualization and Containers

OpenShift/Kubernetes, Openshift/KubeVirt Virtualization, Docker/Podman, OVirt/RHEV

Events and Messaging

AWS (SNS, SQS, SES, Event Bridge), Slack, SendGrid, Postfix, Kinesis, Beanstalkd

Monitoring and Observability

NewRelic, ElasticSearch/OpenSearch, CloudWatch, VictorOps/Splunk OnCall, SumoLogic, Grafana, Nagios

Operating Systems

Linux (Red Hat, CentOS, Rocky Linux, Ubuntu, Amazon, Alpine, Busybox), Windows, Mac OS, IRIX, Solaris

Security Tools

Amazon Inspector, CloudTrail, AWS KMS, CVEscan, AWS WAF, ClamAV, Checkov, Steampipe firewalld/netfilter, auditd, AIDE, OpenSCAP, Tang/Clevis, LUKS, SELinux, Squid, Credstash, OSSEC, Google Cloud IAM

Services

Apache, AWS ELB/ALB/NLB, API Gateway, Cognito, Nginx, STONITH, Pacemaker, multipath, DNSmasq, Puma, Tomcat, Ping Identity, HAProxy, Tyk, CrushFTP, AWS Transfer Service, DNS(Route 53/Bind), Ansible Automation Platform Controller (Ansible Tower), Ansible Private Automation Hub (Galaxy), Velero

Storage and Filesystems

CloudFront, S3, RAID, LVM, iSCSI, XFS, ext4, NFS/EFS

Certifications

As a continuous learner, I used certifications as an objective external validation of my technical progress.

Musings and Mutterings through the Machines