Close this

Arslan Younis

Development
New York, United States
Skills
DevOps
About
Arslan Younis's skills align with Programmers (Information and Communication Technology). Arslan also has skills associated with Consultants and Specialists (Information and Communication Technology). Arslan Younis has 8 years of work experience.
Work Experience

Sr. DevOps Engineer

CompoSecure
September 2021 - Present
  • Worked on supporting a Fintech application which stores various cryptocurrency coins and supports NFC connection to allow safe storage of digital customer assets. The application utilized NFC to verify connection to a cold-storage digital wallet. Utilized Web3 technology to support transfer of major coin types such as BTC, ETH, Litecoin, etc. • Exposure to blockchain and various crypto ledgers and providers. Supported implementation of open source blockbook API solution to replace Alchemy. • Created custom Terraform scripts and modules for the creation of AWS and Azure services and infrastructure • Utilized Terraform import to import existing resources and modernize the existing AWS environment. • Proficient in creating and managing Kubernetes(EKS and AKS) resources such as pods, deployments, services, and ingress controllers using YAML manifests and Helm charts. • Experience in setting up Kubernetes monitoring and logging using tools like Prometheus, Grafana, and ELK stack. • Proficient in implementing Kubernetes security best practices such as network policies, RBAC, and pod security policies with respect to various industry standards such as CIS/PCI. • Implemented varios Kubernetes deployment strategies such as blue-green deployment, canary deployment, and rolling update. • Created various Python scripts for automating various tickets, handling daily tasks, and hardening existing resources. • Scripted various Lambda functions in Python to handle service to service communication utilizing triggers, events, etc. • Troubleshooting and debugging Kubernetes issues using kubectl logs, events, and debugging tools. • Implemented and managed Jenkins pipelines for continuous integration and deployment of software applications. • Configured various Jenkins plugins, including Git, Docker, and Kubernetes, to streamline the CI/CD process. • Collaborated with development teams to create automated tests to help reduce manual testing efforts. • Conducted performance testing and optimization of Jenkins pipelines, improving build times by 30% and reducing infrastructure costs. • Integrated Jenkins with third-party tools such as JIRA and Slack, creating a more streamlined and transparent development workflow. Integrated Slack with various other applications for alerting • Developed and maintained Jenkins pipeline scripts using Groovy and other scripting languages. • Develop a deep understanding of client legacy application environments (not containerized) while working closely with clients on modernization efforts to containerize application • Collaborate with Architects, Engineers and Product Owners to leverage the legacy knowledge and help architect and build out a modernized deployments and jenkins pipelines. • Troubleshooted and resolved Jenkins pipeline issues, including build failures, issues with plugins, and conflicts, to ensure timely delivery of software releases. • Managing IAM users, groups, permissions, and roles for resource access management and security. • Creating object lifecycle policies to manage S3 object storage classes for optimizing storage and costs. As well as EBS volume lifecycle policy for data backups and rollbacks • Managed Azure Storage solutions, including Blob, File, and Table storage, optimizing data storage costs and improving data retrieval performance. • Setup WAF rules to harden application security, adding exceptions to rules such as allow and block policies, modified WAF rules which were blocking HTTPs requests. • Established and maintained a real-time security monitoring system with Imperva's technology, reducing response time to security incidents by 50%. • Integrated Imperva's DDoS protection into our network infrastructure, successfully defending against multiple large-scale DDoS attacks. • Implemented Azure Security Center and Azure Policy for advanced threat detection, security posture management, and compliance enforcement. • Managing and configuring Route 53 for DNS routes including configuring resource records for domain mapping. • Creating and deploying Cloudformation templates to provision and manage AWS services such as EC2, S3, subnets, IAM, as well as third party security tool integrations such as ArcticWolf, Tenable, etc • Monitoring infrastructure metrics and setting up alerts utilizing Cloudwatch and Cloudtrail. • Designed and implemented a multi-region, high-availability architecture in Azure, leveraging Azure Load Balancers, Traffic Manager, and Azure Site Recovery for disaster recovery. • Deployed and managed Azure virtual networks (VNets), implementing Network Security Groups (NSGs), and Azure Firewall for secure and isolated network environments. • Created custom Azure Monitor alerts and dashboards for real-time performance monitoring, utilizing Log Analytics and Application Insights for advanced troubleshooting. • Orchestrated complex deployments using Azure DevOps pipelines, incorporating Infrastructure as Code (IaC) principles with tools like Terraform or ARM templates. • Managing VPC, Vnet, subnets, and routing tables for network access including configuring public and private subnets. • Managing and addressing CSPM utilizing Security Hub alerts based on CIS, PCI, AWS Foundational, and others • Setup AWS VPN, with access to VPC's attached to a NAT gateway and limited to private IP CIDR ranges restricting access through public IP addresses. • Migrating applications from Azure to AWS, re-pointing DNS, modifying scripts, storing and migrating sensitive data • Experience working with AWS Organizations (SS0) in a multi account structure including but not limited to utilizing Cloudtrail, Firehose, VPN, Cloudformation StackSets, permission sets • Setting up and utilizing System Manager (SSM) to patch virtual machines and EKS nodes. • Deploying to demo, staging, prod environments, running regression tests after successful deployments, Scaling pods up and down based on load and deployment issues. • Automating pod deployments based on specifying parameters and images to clusters, configuring Manager and Worker nodes communication for kubernetes infrastructure. • Creating custom docker files and docker compose files for launching containers and testing in QA/PROD. • Monitoring containers and pods using Splunk and creating automated alerts for high priority incidents. • Configuring and provisioning servers by creating and deploying Ansible playbooks(static and dynamic). • Perform independent GIT code reviews and execute various tests on infrastructure developed by self and other junior team members on the project. Leaving comments and suggestions for improvements in code as well as best practices to ensure repo will be modular in the long run. • Build and configure delivery environments supporting jenkins API plugins, secrets, credentials, and dependencies, in an agile environment • Deliver end-to-end automation of deployment, monitoring and infrastructure management in a cloud environment • Creating and modifying re-usable terraform scripts to create security conscience resources. Utilizing modules, vars, statefiles, outputs, etc • Setting up environment variables for communication between multiple applications. • Experience working with and deploying python virtual environment versions. • Setting up automation for OS upgrades with respect to Python virtual environments and dependencies. • Automating system administration tasks utilizing python scripts for build packages importing OS Module. • Created dynamic ansible playbooks to harden VMs according to company standards as well as industry recognized CIS benchmarks • Configuring VM's utilizing ansible to prepare a backend server to host applications by pulling dependencies from Jfrog, cloning repositories, packaging code, etc • Utilizing ansible to manage, patch, create new users, deploy security agents to servers • Managing Github repositories, pushing, pulling, cloning, and merging branches including managing git workflow. • Utilizing branching strategies such as dev, features, hotfix, collaborating with the development team. • Troubleshooting Jenkins pipelines upon build failures, checking logs, fixing version tags, etc • Manage and troubleshoot Jenkins plugins to ensure compatibility with other softwares. • Deploying and configuring Nagios for constant monitoring of network bandwidth and memory usage. • Providing agile support operations solutions for the Software Development Lifecycle (SDLC). • Collaborating alongside Development, QA, and Engineering teams to manage releases for our sprints.

DevOps Engineer

Cloud
June 2016 - August 2021
  • Experienced working with various web applications to support largescale media, also assisted in migration efforts from on-prem to multi-cloud environment. • Managed Azure Active Directory, Azure AD B2B, and Azure AD B2C implementations for seamless identity and access management. • Vertically and Horizontally scaling VMs utilizing Auto Scaling Groups based on various metrics and custom target groups • Designed and implemented Azure hybrid cloud solutions, seamlessly connecting on-premises infrastructure with Azure using Azure ExpressRoute and Azure VPN Gateway. • Integrated Azure Security Center to ingest Azure WAF logs and alerts, enabling real-time monitoring and timely incident response. • Develop solutions following established technical design, documentation, application deployment strategy and quality infrastructure with respect to existing methods and compliance standards. • Developed custom WAF policies in Azure to safeguard web applications against SQL injection, cross-site scripting (XSS), and other common web vulnerabilities, resulting in a 35% reduction in security incidents. • Creating and managing S3 buckets, utilizing several storage classes(standard, infrequent-access, glacier, one-zone). • Creating and deploying Cloudformation templates to provision and manage AWS services such as EC2, S3, subnets, IAM, as well as integration to third party security tools such as ArcticWolf, Tenable, etc • Migrating from on premises servers to AWS Cloud and Azure using various cloud native services. • Managing and operating MySQL, MariaDB, PostgreSQL databases deployments utilizing RDS. • Configuring firewalls using Network ACL to manage inbound and outbound traffic to VPC subnets. • Horizontally scaling instances utilizing Auto Scaling Groups based on various metrics and custom target groups • Configuring elasticache with edge locations to improve the performance of web servers and applications . • Deployed updates using Jenkins, and resolved issues by communicating with multiple dev teams. • Working on mission critical applications and assisting the development team with deploying applications. • Managing several services associated with Linux systems(NFS, SMTP, FTP, NTP, TFTP, DNS, PXE, DHCP). • Creating and managing storage and partitions using LVM, and configuring snapshots for backups. • Deploying, managing, provisioning, troubleshooting applications and web servers(apache, https, nginx, tomcat). • Setup static NFS server and established connection with client servers, created scripts to create connectivity between existing server and new clients • Utilizing nginx as a load balancer and a reverse proxy for all internally hosted web applications. • Resolving networking issues existing within the different layers of the OSI Model. • Troubleshooting system by interrupting boot process and entering single user and rescue mode. • Writing bash scripts to automate system tasks such as backups, manual processes, and creating build packages. • Installing and provisioning VMware ESXi hypervisor on bare metal servers, including network setup, access permissions, and spinning up virtual machines for multiple teams and environments. • Monitoring systems and setting up alerts using Nagios, with NRPE plugins and resolving any issues. • Writing, revising, and collaborating on documentation on Atlassian Confluence regarding team processes.
Education

College of Staten Island

BSEE
January 2013 - June 2017