Summary
Overview
Work History
Education
Skills
Websites
Certification
Timeline
Generic

Avinash Baroth

Charlotte,NC

Summary

11 Years of professional experience in the IT industry as a Cloud DevSecOps engineer. Extensively worked towards Cloud migrations, Infrastructure automation, Applications and Security management, by designing and implementing highly scalable and robust solutions and worked towards simplifying deployment patterns with secure CI/CD pipelines for multiple cloud environments.

Skilled in identifying opportunities for technological enhancements and implementing effective solutions. Excels in adapting to fast-paced environments and driving technological advancements. Enthusiastic team player ready to contribute to company success.

Overview

14
14
years of professional experience
1
1
Certification

Work History

Sr Cloud DevSecOps Engineer

FedPoint
09.2023 - Current
  • Worked on setting up AWS cloud platform from scratch by working with the Business and IT stakeholders to align with the business goals.
  • Enabled AWS Control tower and Landing Zone Accelerator (LZA) and automated AWS account creation and setup process with all the account level resources like security, network, custom resources, global, IAM controls across the Organizational units and accounts.
  • Utilized AWS MAP program by using three phased approach to migrate on-premises workloads to AWS and utilized nOps to get real time visibility for via MAP credits.
  • Leading AI Accelerator Engineering project and assisted in enabling AWS Bedrock foundational models (FM) like Claude, Titan LLMs for Code Conversion and other AI use cases.
  • Implemented Retrieval Augmented generation (RAG) pipeline using Bedrock Knowledge Bases with Vector embedding stored in OpenSearch Serverless.
  • Configured IAM policies and VPC endpoints like OpenSearch server less for secure Bedrock model access.
  • Served as the single point of accountability for various programs stakeholders across multiple IT cloud projects. Participate in all aspects of the Software Development Life Cycle (SDLC) including Agile Development process (backlog/scrum).
  • Designed AWS network topology VPC, TGW, DNS, DX and automated Palo Alto firewall Combined design with autoscaling groups setup using terraform as Infrastructure as Code (IaC) and deployed all required resources.
  • Worked with all Lines Of Business Directors and Finance team and created a roadmap to establish cloud financial governance and built a cloud FinOps function for cost transparency, optimize cloud spend and forecast accuracy.
  • Implemented detective guardrails using Cloud custodian policies and AWS Config and developed Service control policies (SCPs) specific to various line of businesses and applied at AWS organizational units.
  • Enabled NIST 800-53, FedRamp, CIS, and PCI controls in AWS Security hub and worked on mitigating security findings to meet ATO guideline for the cloud infrastructure.
  • Written Cloud formation templates to create service catalog products for the secure by design and maintained sandbox, nonprd and prod portfolios across AWS OUs.
  • Worked closely with Enterprise architect in modernization of Applications. Developed Event-Driven Micro-services architecture designs and migrated 20plus applications to the Cloud using AWS Server-less services.
  • Written GitHub workflows to deploy various IaC components like Cloudformation templates and terraform modules a container based applications to deploying to Amazon ECS.
  • Onboarded GitHub (GHE) account and managed GitHub Organization as owner, and assisted in migrating 200+ SVN and CodeCommit repositories to the Github.
  • Established GitHub OIDC trust with the AWS accounts and automated IAM roles creation to grant access to the workflows with Terraform module.
  • Developed and implemented Software Release Management strategies for various applications deployed to cloud by aligning with the application tech leads and business analysts.
  • Improved deployment and configuration of SERVER-LESS components like lambda, ECS, ECR, EventBridge, SNS, and SQS, API Gateway, DynamoDB, AWS Transfer Family, CloudWatch, and Kafka resources with SAM templates.
  • Created documents on the build and release process and order of activities for all releases, and how to articles on DevOps practices and processes as user guide for developers.
  • Developed CI/CD Framework for AWS workloads by setting up AWS code pipelines, CodeDeploy from scratch using AWS Cloud Formation templates to deploy Devops and application resources across AWS accounts and On-premise.
  • Improved legacy pipeline process by including automated testing framework using and Security stage for SAST, SCA, DAST scans of 120+ projects binary source code and internally developed web applications by integrating with Veracode scanning.
  • Enabled AWS Inspector, to run scans on AWS resources and used checkov in pipeline processes for IaC cloud formation templates scanning to make sure IaC templates are compliant with AWS best practices.

Lead Cloud DevSecOps Engineer

New York Power Authority
08.2022 - 09.2023
  • As a member of the Enterprise review board, reviewed and built architectural frameworks that were inline with AWS best practices with the Well Architecture Framework.
  • Maintained cloud infrastructure services to ensure adherence with Enterprise Architecture, IT security policies, and best practices in cloud security.
  • Automated AWS and Azure Cloud platform workloads using Terraform, and created Terraform modules for infrastructure as Code (IaC), and refactored Monolithic Terraform configurations.
  • Designed AWS Organization Structure to manage accounts and created AWS Service Catalog products and portfolios for IaC.
  • Identified cloud cost abnormalities and provide insights into its financial impact and developed solutions for supporting needed changes for cloud cost optimization.
  • Identified orphan and underutilized cloud resources in AWS, and Azure environments and recommended solutions that reduced quarterly spend by $45,000.
  • Managed Kubernetes charts using Helm, created reproducible builds of the Kubernetes applications, managed Kubernetes manifest files and releases of Helm packages.
  • Worked closely with Data services team and assisted in designing and implementing data pipelines using AWS services such as S3, Glue, DMS, RedShift and EMR.
  • Implemented AWS step functions to automate and orchestrate the Amazon SageMarker related task such as publishing data to s3, training ML model and deploying it to production.
  • Setup the AWS QuickSight ((QS)account and created QS data sources, and data sets and generated reports and dashboards in QS Analytics.
  • Developed automation code for building 100+ pipelines, Kubernetes clusters, and cloud infrastructure, maximizing 60% efficiency, performance, and security through the deployment process.
  • Created Azure DevOps pipelines and maintained Agent pools for various platforms to support application deployments and to provision infrastructure resources in the Resource Groups.
  • Utilized Fortify’s SAST solution to help deliver SDLC shift to left model by setting up automated scans on hundreds of repositories that are built via CICD pipeline. Integrated Fortify on Azure build pipelines.
  • Created service hook for Azure Devops with Jenkins when code commit is made to Azure repos, also worked on migrating Jenkins pipelines to Azure pipelines.
  • Monitored Application performance using Splunk, created indexes specific to application.
  • Worked closely with Splunk support engineers on configuring end-to-end Splunk ITIS service analyzer for applications and created Dashboards to monitor application, and DB servers.
  • Improved support processes, monitor standards, and established Service Level Agreements for the cloud services platform by working with ITSM team.
  • Worked with lines of businesses to implement savings opportunities within their cloud footprints and applications.
  • Used Ansible, packer templates and AWS image builder service to create hardened AMIs for AWS workloads with CIS benchmarking and cyber tools agents.
  • Implemented site-to-site private VPN over AWS direct connect to encrypt data in transit to meet the Zero Trust Framework. Configured ELB, ALB, general networking principles, firewalls, routing technologies and DNS (Route 53).
  • Created and developed customize CloudFormation templates to deploy RedHat OpenShift clusters and IBM ACE CP4I in the AWS cloud and supported in migration of 230 middleware integration message flows.
  • Effective Change Management using Change Control tools like (Jira, Service Now, etc).
    Effective Incident Control Management using tools like Remedy, ServiceNow, and JIRA. (Recording Incident, Impact to customer, RCA, CRQ, Corrective Preventive Actions, Generating Service Exception Report).

Sr. Cloud DevOps Engineer

Liberty Mutual Insurance
02.2016 - 07.2022
  • Designed, built, and deployed a multitude applications utilizing almost all the AWS stack focusing on high-availability, fault tolerance, and auto-scaling with Cloud watch monitoring.
  • Built AWS cloud footprint around business units, maintained 5,000 plus cloud resources in 40Plus AWS accounts cross multiple regions.
  • Conducted 1000 plus office hour meetings as Cloud DevOps SME to help GRS, Underwriting, and Claim Center development teams with the cloud solutions and develop applications build and deployment pipelines.
  • Automated the release pipeline to achieve zero touch deployments using Bamboo. Utilized Kubernetes and Docker for the runtime environment of the CI/CD system to build, scan, and deploy.
  • Configured and maintained Bamboo build and deployment pipelines to implement the CI/CD process and integrated the tools with Ant and Maven to schedule and trigger the pipelines.
  • Worked with MAVEN for building the application, has written MAVEN scripts and shell scripts to automate the build process. Used gradle and maven for building applications and written structured pom which can be consumed by Bamboo.
  • Developed and maintained Cloud solutions using AWS services (EC2, VPC, S3, DynamoDB, Elastic Cache, SNS, SQS, ECS, EFS, DirectConnect (DX), Transit Gateway, RDS, CloudFormation, API Gateway, Lambda, EMR and Redshift).
  • Coordinated and assisted developers in establishing and applying appropriate branching, labeling/naming conventions using GIT, SVN source control.
  • Package, test, configure, and deploy software applications (Test Driven Development, CI/CD, and DevOps).
  • Configured Jfrog artifactory management repositories to keep version-controlled artifacts for build and deployments.
  • Retired on-premise datacenter in the Canada region by migrated 70 applications and backup servers out of the datacenter into AWS cost which resulted in $ 4 million cost saving.
  • Established the change control in response to approved issues and maintained the revision management.
  • Experience in deploying and monitoring micro-services on various platforms like AWS EKS and Kubernetes. Developed Kubernetes Pod definitions, deployments and used Helm charts to version control complement deployment strategies.
  • Designed roles and groups for users and resources using AWS Identity Access Management (IAM).
  • Coordinated with Underwriting, Claim Center dev teams for designing and development of effective Enterprise Content Management (ECM) Alfresco deployment solutions in cloud environment to manage 8.5 billion records.
  • Involved and experience in Data Lake project includes big data stacks, EMR clusters, RedShift, Hadoop, AWS Glue, AWS Athena, Parque, Spark, and Hive.
  • Developed CICD framework for data lake projects, automated creation of EMR cluster, Glue Tables creations, and developed cost optimization solution on the EMR cluster management.
  • Worked with cloud architect team and supported multiple application teams by delivering AWS solutions, Cost analysis, DR Setup, Performance analysis, and built cloud forge micro-services and automated cloud management.
  • Provided highly durable and available data by using S3 data store, versioning, lifecycle policies, and create AMIs for mission critical production servers for backup and cross region implementation.
  • Developed and maintained Disaster Recovery solutions (Cross Region Replication, Same Region Replication, and Cloud to on-premises) to meet business and regulatory requirements.
  • Provided technical assistance for designing and development of customized SaaS solutions.
  • Assisted Scrum team in preparing the Sprint backlog and extensively worked in Scrum environment with active involvement in daily meetings.
  • Used JIRA, and Remedy to track issues, releases and for Change Management.
  • Worked with development/testing, deployment, systems/infrastructure, and project teams to ensure continuous operation of build and test systems.
  • Monitored application and system performance using New Relic, and monitored logs using Splunk, and Sumo logic for a better understanding and operation of the system.

Linux Engineer

Cheric Information Network Technologies Pvt Ltd, India
06.2011 - 07.2013
  • Installation, Maintenance, Administration and troubleshooting of Linux OS, Sun Solaris 9,10 and Red hat 9, AS 3.0 servers on various hardware platforms that include Sun 4800, V480, 280R, 4500, 3500, Dell 6400, 2400, 1800 etc.
  • Performed automated installations of Operating System using Jumpstart for Solaris and Kick-start for Linux.
  • Extensively worked on hard disk mirroring and stripe with parity using RAID controllers.
  • Performing Patching/Upgrading/Rebuilding/Live upgrading Solaris or Linux Servers.
  • Developed, customized and build packages on Solaris and RPMs, YUM and Tar balls on Linux for deployment on various servers through Software Development Life Cycle.
  • Worked with Apache and developed several UNIX scripts to automate web tasks.
  • Effective Source Control Management using tools like SVN and GIT.
  • Maintained the Tags, Branching and merging the code in the parallel development of two phases and applied the vendor patches to the Trunk and All branches in Subversion Repository.Documenting the process of code promotion, defect tracking and user guide for Subversion. Maintained users’ security on SVN.
  • Network trouble shooting using ndd, Trace route, net stat, ipconfig and snoop.

Education

Master of Computers Science - Information Security Systems

University of The Cumberland’s
Williamsburg, KY
08.2019

Master of Business Administration -

Arkansas State University
Jonesboro, AR
12.2015

Skills

  • Amazon Web Services (AWS)
  • Microsoft Azure
  • GITHub Actions
  • Azure DevOps
  • Bamboo
  • Jenkins
  • AWS CodePipeline
  • UDeploy
  • Aurora
  • MySQL
  • DynamoDB
  • PostgreSQL
  • MongoDB
  • Ansible
  • Puppet
  • Chef
  • Shell
  • Bash
  • Terraform
  • Go
  • Python
  • Groovy
  • RHEL
  • Ubuntu
  • Docker
  • EKS
  • ECS
  • Kubernetes
  • Helm
  • Openshift
  • GIT
  • GitHub
  • Bit Bucket
  • CodeCommit
  • Azure Repos
  • BGP
  • DNS
  • DHCP
  • VPC
  • Direct Connect
  • TGW
  • Route53
  • Oracle WebLogic
  • Tomcat
  • Apache
  • JBoss
  • Splunk
  • Sumologic
  • New Relic
  • Jira
  • ServiceNow
  • Packer
  • Consul
  • Nginx

Certification

AWS Certified Solutions Architect Professional

Timeline

Sr Cloud DevSecOps Engineer

FedPoint
09.2023 - Current

Lead Cloud DevSecOps Engineer

New York Power Authority
08.2022 - 09.2023

Sr. Cloud DevOps Engineer

Liberty Mutual Insurance
02.2016 - 07.2022

Linux Engineer

Cheric Information Network Technologies Pvt Ltd, India
06.2011 - 07.2013

Master of Computers Science - Information Security Systems

University of The Cumberland’s

Master of Business Administration -

Arkansas State University

Similar Profiles

CREATE PROFILE
Avinash Baroth