Acho Eni
Design
Maryland , United States
Skills
DevOps
About
AWS CLOUD's skills align with Consultants and Specialists (Information and Communication Technology). AWS also has skills associated with System Developers and Analysts (Information and Communication Technology). AWS CLOUD has 11 years of work experience.
View more
Work Experience
AWS Cloud Engineer | Splunk Engineer - Captivator Technology Contract
Leveraged
February 2016 - May 2020
- EC2 Lifecycle Manager to create snapshots of EBS Volumes on and detective guardrails. * Managed Splunk Cluster Infrastructure (Installations and Configurations) using terraform, Ansible created Ansible playbooks to automatically install packages from a repository, to change the configuration of remotely configured machines and to deploy new builds. * Supported automated CI/CD processes for applications with Jenkins. * Built and managed dev and testing environments, assisting developers in debugging application issues on containers, monitored and troubleshot failed builds in various pipelines. Architected and configured Dev/Stage/QA environments in AWS (VPC, subnets, security groups, EC2 instances. * Configured VPC peering, subnet static routing, transit gateway, review Security Group * Policies, customized and developed guardrails, policies, centralized policy enforcement, tagging policies and a well architected multi account environment. * Enforced IAM best practices like MFA access key rotation, role-based permissions, and * NACLs, S3 bucket policies, ACLs, lifecycle rules on S3 buckets for easy accessibility, archiving and cost optimization. * Managed AMI, snapshots volumes and resource upgrades (e.g., CPU, Memory, EBS) * Assist with designing and implementing automation infrastructure for configuration management and orchestration deployment using Ansible. * Assist to design and implement highly available, scalable, and secure AWS Infrastructures using IAC tools such as Terraform. * Optimized cost through reserved instances, selection, and changing of EC2 instance types based on resource need, S3 storage classes and S3 lifecycle policies, leveraging Autoscaling, etc. * Designed and implemented Splunk-based best practice solutions. * Created Splunk Search Processing Language (SPL) and Regular expressions. * Created, maintained, supported, repaired, customized System & Splunk applications, search queries and dashboards. * Deployed new Splunk systems and Monitor Splunk internal logs from the monitoring Console (MC) to identify and troubleshoot existing or potential issues. * Creation of indexes, forwarder & indexer management, Splunk Field Extractor IFX, Search head Clustering, Indexer clustering, Splunk upgradation. * Installed and configured Splunk Enterprise environment on Linux, Configured Universal and Heavy forwarder. * Installed and configured Splunk clustered search head and Indexer, Deployment servers, Deployers. * Experienced in configuration of the Splunk input and output configuration files. Installed, configured, and managed Splunk Enterprise Security, created complex dashboards, forms, and visualizations. * Edited simple XML to create dashboards that use tokens. * Created Knowledge Objects, regex statement and Splunk instances. * Created Script to save old data into AWS Glacier. * Created users and roles, architecture planning, replication factor, search factor. * Correlated events from a Network, OS, Anti-Virus, IDS/ IPS, Firewalls or Proxies and analyzing them for possible threats, using complex SPL. * Installed and configured multiple Splunk apps and Add-ons including DB Connect, AWS Splunk App, Cisco Network App, Tanium, Palo Alto, Okta, Microsoft Active Directory. * Supported Splunk Premium Apps; Splunk ES * Configured hot, warm, and cold buckets to hold data for extended period. * Onboarded data from network equipment, endpoint protection, switches, and intrusion detection systems. * Provided Information Security Operations Center (ISOC) support, analyzed a variety of network and host-based security logs (Firewalls, NIDS, HIDS, Syslog, etc.), Application security scans and assessments.
Splunk Engineer - Northrop Grumman Contract
AWS/DevOps
May 2014 - February 2016
- * Installed and administered GIT source code tool and ensured the reliability of the application as well as designed the branching strategies for GIT. * Responsible for design and maintenance of the Subversion/GIT Repositories, views, and the access control strategies. * Extensive use of AWS CLI to automate backups of ephemeral data-stores to S3 buckets, * EBS and created custom AMI's for mission critical production servers as backups. * Working with DevOps practices using AWS, Elastic Bean stalk and Docker with Kubernetes. * Changing the AWS infrastructure Elastic Beanstalk to Docker with Kubernetes. * Implemented Continuous Integration and Continuous deployment using various CI Tools like Jenkins and Nexus. * Implemented Software provisioning and configuration management using ansible playbooks. * Wrote Ansible Playbooks with Python SSH as the Wrapper to Manage Configurations of AWS nodes and tested Playbooks on AWS instances using Python. Run Ansible Scripts to Provision and manage Dev Servers. * Developed scripts in Python to package log files and send them to a remote server. * Deployed applications to Application servers in an agile continuous integration environment and automated the whole process. * AWS Connect integrated with other AWS services such as Amazon s3, Amazon Kinesis, and Amazon Redshift, as well as third-party applications, such as Salesforce, Zendesk, and ServiceNow. * I have leverage and recommended AWS Connect can easily scale up or down to meet the changing needs of the environments in terms of scalability and giving the ability to add or remove agents as needed. * Leverage the Flexibility nature of AWS Connect to configured and support a wide range of contact center scenarios, including inbound and outbound voice, chat, and email. * Helped Designed, tested, and built Clustered Multisite Splunk Infrastructure. * Created Security documentations including Splunk Installation and Verification Instructions, Splunk Security Plan, Splunk Security SOP, Splunk Governance, Splunk Operational Support Instructions, Splunk Backup/DRP, Splunk Data onboarding procedure, * Configured Splunk to use internal certificates to encrypt Splunk-to-Splunk communication and forwarder-to-Splunk communications web SSL certificates. * Configured indexer auto-discovery for both dedicated and non-dedicated universal forwarders. * Use SAML configurations for single sign-on on all Search Heads and Monitoring Consoles, and LDAP configurations for all other Splunk servers. * Installed, customized and configured dozens of Splunk Apps and Add-ons from Splunk Base, including Apps for AWS, Box, PingFederate, Wombat, Cisco ISE, IronPort, McAfee, Active Directory, Avecto, Cylance, Symantec DLP, Venafi, Qualys, F5, CyberArk, ServiceNow, Bluecoat Proxy, Tanium, Sourcefire, Palo Alto, VMWare, Azure, Microsoft Office 365, Splunk App for CEF, F5 Remote Access, Virtual Desktop Service * Continuous monitoring and troubleshooting of Splunk infrastructure. * Configured and managed centralized syslog servers, over 1500 universal forwarders, and scripted inputs, ingesting over 1Terabytes of data daily. * Created dashboard panels for use Security cases including Authentication, Web, Vulnerabilities, Change Analysis, Network Traffic, Network Sessions, Intrusion Detection, Operation, Data Loss Prevention, Malware, Certificates, File Transfer, Email, Databases, and Cloud.
Linux Administrator - Blue Canopy
January 2013 - February 2014
- * Performed regular administrator activities like user creations, file system creations, network troubleshooting, access management. * Assisted with Installation, configuration and connecting RHEL servers. * Experienced in Virtualization (VMware ESXi 5.5, Hyper-V, and Oracle Virtual Box). * Hardening, and patching both Red Hat 6 and Solaris servers and upgrading new releases on standalone servers (using single user mode), and on production servers. * Used Puppet and Ansible as automation tools for application management and OS management. * Configure Apache, Tomcat, Nginx (Proxy + load Balancer), MySQL server on Red Hat 6 for virtual and web hosting, install and configure samba for quick publishing using third party web page maker. * Monitored and Maintained system configuration and log files and system error with password recovery and performance tuning, perform fault isolation and root-cause analysis of recurring issues. * Responsible for data management using Red Hat utilities for archiving, compression backup and restoration. * Experienced in Server monitoring, capacity planning, application monitoring with the help of Nagios, Cacti, Zabbix, Puppet, Splunk. * Assisted in implementing environment control mechanisms in server room to help increase life span of servers. * Monitored ticket trafficking with REMEDY and performed troubleshooting, maintenance, and operations of OS's. * Experienced in implementing and maintaining a LAMP stack web service environment; Apache Tomcat /MySQL/PHP. Handled installation and configuration of SQUID Web proxy. * Installation and configuration of DNS, DHCP, Active Directory, Print Server, Remote * Access, and VPN, Mail servers, file sharing and network drive mapping on Windows Server 2003. * Assist in creating AWS ec2 instances and creating user accounts as requested by developers.
AWS Cloud Engineer | Splunk Engineer - Deloitte Contract
May 2020 - Present
- * Architected and configured Dev/Stage/QA environments in AWS (VPC, subnets, security groups, EC2 instances. * Designed secure, cost-optimized, highly available and fault-tolerant architecture. * Designed and implemented Splunk-based best practice solutions. * Used Splunk Search Processing Language (SPL) and Regular expressions. * Created, maintained, supported, repaired, customized System & Splunk applications, search queries and dashboards. * Used Jira to plan, track, support and close requests, tickets, and incidents. * Used Terraform to provision and manage infrastructure resources by automation. * Terraform to maintain state files that reflect the current state of the infrastructure. * Deployed new Splunk systems and Monitor Splunk internal logs from the monitoring Console (MC) to identify and troubleshoot existing or potential issues. * Creation of indexes, forwarder & indexer management, Splunk Field Extractor IFX, Search head Clustering, Indexer clustering, Splunk upgradation. * Installed and configured Splunk Enterprise environment on Linux, Configured Universal and Heavy forwarder. * Installed and configured Splunk clustered search head and Indexer, Deployment servers, Deployers. * Expertise in using Terraform to create scripts to launch cloud infrastructure and manage, implemented all infrastructure deployments by maintaining clean Terraform code using Workspaces and modules and Hands on experience on Terraform for building, changing, and versioning infrastructure safely and efficiently. * Configured self-healing architecture, fail-over routing policies, multi-AZ deployment of EC2 instances, ELB health checks, Auto scaling, and other disaster recovery models. * Optimized cost through reserved instances, selection, and changing of EC2 instance types based on resource need, S3 storage classes and S3 lifecycle policies, leveraging Autoscaling, etc. * Experienced in configuration of the Splunk input and output configuration files. Installed, configured, and managed Splunk Enterprise Security, created complex dashboards, forms, and visualizations. * Edited simple XML to create dashboards that use tokens. * Created Knowledge Objects, regex statement and Splunk instances. * Created Script to save old data into AWS Glacier. * Customized and developed guardrails, policies, centralized policy enforcement, tagging policies and a well architected multi account environment. * Enforced IAM best practices like MFA access key rotation, role-based permissions, and NACLs, S3 bucket policies, ACLs, lifecycle rules on S3 buckets for easy accessibility, archiving and cost optimization. * Architected a secure infrastructure with a client VPN Endpoint to allow users to access resources to critical applications. * Managed AMI, snapshots volumes and resource upgrades (e.g. CPU, Memory, EBS) * Setup databases in RDS or within Linux EC2 instances. * Implemented access controls, biometric systems, single sign-on (SSO) configuration, smartcard authentication and NTFS permissions. * Implemented IPsec, Remote access deployment using RADIUS and TACACS+. * Encryption using both symmetric and asymmetric methods. * Maintained and managed certificates and Public Key Infrastructure (PKI). * Implemented business continuity Planning (BCP) for disaster recovery plan (DRP) and Data Loss Prevention (DLP). * Used Access Data Forensic Took Kit to scan compromised hard drives. * Assisted in implementing environment control mechanisms in server room to help increase life span of servers. * Setup secure mobile and BYOD devices using Mobile Device Management (MDM), Microsoft Intune Cloud. * App control using Mobile Application Management (MAM), geotagging and geofencing Inspection, IOS, Firewall and bandwidth. * Used Retina, Microsoft Baseline Security Analyzer (MBSA) and Nessus tools to scan rogue hosts, vulnerability assessment, Operating system hardening and penetration testing using Knoppix STD, Cisco Router and switching configurations; Spanning Tree Protocol (STP), VLANs and interVLANs, Trucking, switch security, remote access, route summarization, Open shortest path first (OSPF), EIGRP, DHCP, ACL, NTP, PPPoE, SNMP, Logs and NetFlow. * Setup Firewall rules, networks Security and hardening of instances using CIS benchmark and STIG. * Implementation of NFS, SAMBA file servers and SQUID proxy servers. * Created users and roles, architecture planning, replication factor, search factor. * Correlated events from a Network, OS, Anti-Virus, IDS/ IPS, Firewalls or Proxies and analyzing them for possible threats.