Close this

Ajay Kumar

Development
tx, United States

Skills

Cloud Computing

About

Ajay Kumar's skills align with Consultants and Specialists (Information and Communication Technology). Ajay also has skills associated with System Developers and Analysts (Information and Communication Technology). Ajay Kumar has 7 years of work experience.
View more

Work Experience

Cloud Engineer

TECHEAD
January 2017 - March 2020
  • Roles & Responsibilities: * Experience of working with Azure Monitoring, Data Factory, Traffic Manager, Service Bus, Key Vault, Azure Firewall, Custom RBAC roles and ARM Templates. * Worked on various Azure services like Compute (Web Roles, Worker Roles), Azure Websites, SQL Azure, Storage, Network services, Azure Active Directory, API Management, Scheduling, Auto Scaling, and PowerShell Automation. * Deployed Azure IaaS virtual machines (VMs) and Cloud services (PaaS role instances) into secure VNets and subnets. * Used Azure Express Route to establish connections to Microsoft cloud services such as Microsoft Azure, Office 365, and Dynamic 365. * Working as a technical leader alongside customer, business, development and infrastructure teams. * Collaborate with Application, development and quality engineers to identify and resolve critical performance issues with our offerings and help guide Cloud and Hybrid solutions. * Work with the team to organize and break down epics and user stories, identify tasks, provide estimates and execute to meet scheduled targets based on Design Created as an Architect. * Provide effective documentation and presentations of the requirements and architecture of the system while adapting conversations to match the audience's level of technical understanding. * Translate business needs into engineering user stories providing the context necessary for full understanding, negotiation and facilitation of engineering questions * Experience migrating or transforming legacy customer solutions to the cloud in partnership with MSP Or Inhouse Teams. * Leading technical and design discussions with IT executives to help enterprises speed up their adoption of new technologies and practices. * Administrating and supporting company's Azure Kubernetes infrastructure, ensuring it is secure, resilient and performance and responsible for complete DevOps activities and coordinating with development team. * Working as Kubernetes Administrator, involved in configuration for web apps, Azure App services, Azure Application insights, Azure Application gateway, Azure DNS, Azure traffic manager, App services. * Involved in establishing connection from Azure to On-premises datacenter using Azure ExpressRoute for Single and Multi-subscription connectivity. * Designing, Implementing and Configuring Azure Infrastructure as Per Microsoft Standards and creating Architecture patterns. * Responsible in restricting access to Developers using Custom/MS default RBAC roles in order to restrict users to create resources without proper request and approval process and save cost. * Implemented Cost Control on Cloud and Computed the Cost of Cloud Components, Shared the Best Option to Management based on implementing Enterprise costing like Apptio, Azure Cost Center and Cloudyn. * Implemented Catalog technique to utilize Reserved Instances to save the Cost in Millions based on the reports from Enterprise costing tools Cloud health. * Implemented Azure Firewall that is a managed, cloud-based network security service for protection of Azure Virtual Network resources for high availability and unrestricted cloud scalability. * Implemented Azure Web Application Firewall using the Templates to protect Web Vulnerabilities and attacks like SQL Injection cross-site scripting protection etc. * Lead an Enterprise Cloud adoption project for moving the workload from on-premises data center to Azure cloud in multiple phases like assessment, cost computing, refactoring of infrastructure for cloud compatibility. * Leading the Presentation on proposed Architecture in Architecture review Board and Security Review Board Based on IT for IT framework. * Responsible for implementing Azure Application Gateway to replace F5 which helped saving around three hundred thousand dollars in terms of appliance and support of F5. * Worked on Azure CLI/PowerShell for managing Azure resources. * Defining the guidance to assess the security of the solution and getting it cleared from security review board by Providing the details on security on Application and Implementing Correct VNet, Subnet, UDR, NSG and Firewall Rules. * Leading Dev/Ops team for Setting up CI/CD pipeline using Git and automating the deployment of code using Azure DevOps (Formerly VSTS). * Proactivity exploring new technologies for Enterprise portfolio and conducting POCs as per management * Assist the management and delivering of large projects involving Teams and 3rd Party Vendors * Continuing to develop relationships with Teams, Vendors for Successful implementations of projects with in organization. * Work with company's Infrastructure, Cloud Engineers, DevOps and operations team to deploy and support the product in production. * Deployed Sample app services, web api, App Gateways, VNet, Subnets, NSG's and other azure resources for POC using automated Deployments. * Successfully designed and configured Azure Virtual Networks (VNets), VNET Peering, subnets, Azure network settings, DHCP address blocks, DNS settings, and security policies and routing. * Expert in deploying Azure IaaS virtual machines (VMs) and Cloud services (PaaS role instances) into secure VNets and subnets. * Designed Azure resource tagging standards and cloud governance standards. * Created Technical solution documentation using Microsoft Visio. * Documented App to Infrastructure Architects using Visio for Missing Architecture for Enterprise Architect Team * Implemented Azure Key Vault for securely storing and accessing secrets for anything that we want to tightly control access to, such as API keys, passwords, or certificates. * Created Custom VM Image on Azure and have them in Azure Private image gallery for Future Infrastructure Deployment using sysprep method CIS hardened. * Computed the Cost of Cloud Components and Shared the Best Option to Management based on Costing Pros and Cons. * Configured Express Route private peering to Setup the Integration of Corporate Network with Microsoft Azure Network and Configured peering and VNet-to-VNet between different regions as well as between different Subscriptions. * Experience working with Azure Datalake Gen1 and Datalake Gen2 and setting up the Access Controls ACL permissions to restrict Service Principal or the user to get access to other Folders/Files. * Have experience with setting up the Azure Data Factory V2 Pipelines/configuring the Cloud based Integration Runtime. * Configuring Inbound and Outbound Rules on Network Security Group for Implementing Proper Network access for VM Hosted in Azure. * Configured Firewall Rules for PaaS offerings for Components like SQL DB, SQL DW DB, Data Store, and Data Factory, etc available on Azure Market Place and Integrated with Active Directory. * Designed, and Enabled Azure AD on Azure Portal to Track Sign in and Sing Out on Portal along with Multi-Factor Authentication Enterprise wide. * Configured AD sync in collaboration for Enterprise AD team to set up the AD Sync for Azure AD and On-Prem AD Server. * Provisioning Windows, Linux System along with Configuration in Azure Cloud using ARM template. * Designed the Hardening policy for windows and Linux OS systems as per CIS standards. * Implemented Recovery Services Vault in Azure for Azure Backup of Virtual Machine hosted in IaaS and On Prem. * Installed and Configured the Azure Data Factory Integration Runtime for Uploading the data file to Azure. * Configuring the Azure VM to Receive the OS updates from Update Management to Apply Latest Windows OS patches. * Configuring and Setting up Azure Security Center and Management policies for Entire Azure Subscriptions for Vulnerability assessment, alerts and Errors and resolving those according to SLA. * Installed and Configured the Azure Data Factory Integration Runtime for Uploading the data file to Azure. * Configuration and Implementing Application firewall rules on Azure, NSG Firewall Rule for Service endpoint in PaaS and IaaS Azure offering for secure use of Cloud Environment. * Leading the database administration on Cloud IaaS and PaaS platform and implemented the security, DR, backup, Restores and privileged account for Database technologies like SQL server, MySQL, PostgreSQL. * Created custom script to for the template while creating VM using custom CIS hardened image to install SQL and provision users and install Trend Micro Antivirus on the fly. * Implemented Azure Machine Learning workspace so the user can build, test and deploy predictive analysis on the data. * Implemented adlstool for Datalake for applying ACL permissions which saved a lot of time for applying permissions to 1 Million files took less than 10 min, which typically takes days if we use portal or PowerShell. * Implemented Azure Bot Service and Bot Framework provide tools to build, test, deploy, and manage intelligent bots, all in one place. Using modular and extensible framework provided by the SDK, tools, templates, and AI services developer were able to create bots that use speech, understand natural language, handle questions and answers. * Good hands-on experience in converting a vast majority of Classic resources to ARM (Azure Resource Manager) model.

Cloud Engineer

MCD
March 2020 - Present
  • Roles & Responsibilities: * Developed strategy along with Customer collaboration on migration and discovery of the legacy servers and dependencies. * Worked on Service Now tool for tickets/incidents and did initial triage to determine the priority of the issues * Experienced in Data Transformations, Data Loading, Database Modeling and Performance Tuning. * Identify stakeholders to develop and document organizational requirements for the present DC details and dependencies on different modalities * Knowledge and understanding of Azure VMWare solutions * Created assessments for Azure readiness. * Analyze and create assessments on the present data center and give recommendations to Infrastructure specs like data discovery and collection of CMDB from ServiceNow. * Design end-state architecture, migration plan, validation plan, back-up plan, roll-back plan and cutover plan and assist in the development of the migration project plan. * Configured failover and Azure Site Recovery * Good knowledge and understanding of protection groups of VMWare along with scope replication from one location to another. * Plan and schedule cutover and decommissioning of legacy environment which are migrated to the Azure Cloud. * Developed solutions that meet the client's requirements and constraints. * Performed all non-emergency disruptive maintenance, repairs, and upgrades (operating system upgrades, server refresh, installs etc.) during non-business hours or as coordinated. * Conducted Lift and Shift Migration that helped customer seamless migration and cost saving. * Leverage azure RI (reserved instances) and Hybrid Licensing for cost saving. * Worked with Terraform Templates to automate the Azure Iaas virtual machines using terraform modules and deployed virtual machine scale sets in production environment. * Written Templates for Azure Infrastructure as code using Terraform to build staging and production environments. Integrated Azure Log Analytics with Azure VMs for monitoring the log files, store them and track metrics and used Terraform as a tool, Managed different infrastructure resources Cloud, VMware, and Docker containers. * Creating and managing Network security Groups for Virtual machines and Virtual Networks for security purposes. * Ensuring security and compliance of cloud environment. * Responsible for managing, maintaining, monitoring, and securing (including data security) on all servers including installations, upgrades, patches. * Involved in Cloud Security Infrastructure and design for client's in-house Azure Applications * Perform cloud security risk assessment for cloud applications already in Azure * Performed security assessment on a newly proposed Azure AD structure * Automated monthly patch maintenance of all Windows Servers using update management. * Responsible provisioning Azure Databricks and spinning up the Clusters and Implemented SCIM for Azure Databricks to create users using Active Directory Groups in Databricks workspace * Experience in monitoring Databricks, cost optimization and performance. * Implemented terraform scripts for setting up the CICD pipelined for deploying the Infrastructure in dedicated vnets. * Implemented Cloud security controls in SecOps including but not limited to Encryption, Tagging, Container security, Golden AMI policy, NSG management, Service Endpoints, DDoS, Integrating 3 rd party services such as QRadar, Qualys

Education

Master's in computers and information Systems