Chukwuebuka Ben Israel
Development
DE, United States
Skills
DevOps
About
CHUKWUEBUKA BEN ISRAEL's skills align with Consultants and Specialists (Information and Communication Technology). CHUKWUEBUKA also has skills associated with Programmers (Information and Communication Technology). CHUKWUEBUKA BEN ISRAEL has 10 years of work experience, with 2 years of management experience, including a low-level position.
View more
Work Experience
Senior Security Engineer/SecOps/Cloud Engineer Contractor
Food and Drug Administration
March 2023 - Present
- March 2023 - Present Conducted comprehensive compliance scanning and security control implementations in line with NIST-800-53 guidelines, leveraging Rapid7 InsightVM and Veracode for enhanced vulnerability management. Developed and implemented automations for system and network operations, utilizing Python, Ruby, Bash, Groovy scripts languages for orchestration of GCP resources, optimizing operational workflows and enhancing scalability. Implemented and maintained continuous compliance strategies, integrating Cloud Custodian and Azure Security tools for cloud environment security management. Integrated Terraform with compliance scanning tools such as Cloud Custodian and Azure Security for continuous compliance management in alignment with NIST-800-53 guidelines. Developed Terraform scripts to automate infrastructure provisioning and configuration management, enhancing scalability and operational efficiency. Designed and maintained robust monitoring and logging solutions on GCP using Stackdriver Logging, Monitoring, and Trace, coupled with custom Python scripts, for real-time threat detection and incident response. Incorporating InsightAppSec, InsightCloudSec, and Splunk for robust security coverage. Maintained and optimized Identity Access Management systems, ensuring secure access controls and user authentication processes. Developed secure deployment modules using Infrastructure as Code practices, specifically Terraform, Hashicorp Vault, achieving repeated and reliable deployment processes. Analyzed SIEM events and alerts, employing InsightIDR for effective security incident detection and response. Led incident response initiatives, effectively managing security breaches and mitigating risks. Detected and addressed anomalous behavior using AWS Config, Guard Duty, and Inspector, enhancing system security and threat detection capabilities. Implemented Single Sign-On (SSO) technologies, streamlining user authentication and access management. Implemented GCP-native security controls and configurations to ensure continuous compliance, integrating tools like Forseti Security and Google Cloud IAM for efficient access management and policy enforcement to enforce least privilege access and strengthen overall security posture. Actively participated in change management processes, ensuring smooth and secure transitions during system upgrades and modifications.
DevSecOps/DevOps Lead Contractor
General Dynamics Information Technology
April 2021 - February 2023
- April 2021 - February 2023 Works with security team to support scans and patching of systems/services. Works with DevSecOps team to support CI/CD pipelines. Development of a robust Kubernetes Networking framework and REST API to support critical programs such as United States Health and Human Services (HHS) & CMS, leveraging GCP's Kubernetes Engine (GKE) and Istio for enhanced network security and communication. Develops Cloud Formation templates for automation of infrastructure as code and python-based tooling. Performs basic administration of PaaS, SaaS, and self-managed solution components (e.g., DataBricks, Snowflake, Splunk). Supports the management of a diverse cloud environment spanning AWS, Azure, and GCP, utilizing technologies such as EKS, CloudFormation, Terraform, Python, and Ansible to orchestrate infrastructure and deploy applications. Implements automation solutions using Cloudbees Jenkins and Apigee for efficient resource management and application delivery. Oversees infrastructure integration on AWS, Azure, and GCP, including installing, configuring, testing and maintaining operating systems, application software, system management tools, and Database Administration.
Senior DevSecOps Engineer
CGI Federal
April 2020 - August 2022
- Implement several common continuous deployment use cases using AWS & Azure technologies, including blue/green deployment and A/B testing. Responsible for automating platform deployments, including DEV, TEST and PROD; in GovCloud environments. Provide hands-on support for CI/CD and other automation initiatives (e.g. Ansible, Apigee API Manager, Jenkins or similar technologies). Deploy updates, fixes and patches as needed. Monitor all systems for health (e.g. Datadog, Prometheus, Cloudwatch, Tenable Nessus, Grafana, Nagios etc.). Formatting Big Data for presentation and visualization using Tableau & ELK. Experience with open technologies like Jenkins, Gradle, Maven, DevSecOps and related Infrastructure as Code (IaC) tools, including Docker, Kubernetes, Elasticsearch ECS, OpenShift, Jenkins, GitHub, Foreman, Git, CrowdStrike, Qualys, Palo-Alto Panorama, Lacework, and others. Solid understanding of and experience with provisioning and managing infrastructure as well as applications in cloud environments. Experience with security within DAST and SAST with Prisma Cloud, Aqua Security, TwistLock, Veracode, SonarQube, &Tenable Nessus Automation of functions using Lambda and Messaging services RabbitMQ, Apache Kafka (e.g. Python BOTO3 Scripting & Automation)
Software Development Contractor
12 Solutions LLC
March 2021 - March 2022
- Part of the Cloud Services Division (Agile Environment) that provides support for data management, availability, and access controls of overall Jenkins shared Library CI/CD on AWS and GCP. • Extensive Uses infrastructure as code to script, deploy, and maintain infrastructure and services. Utilizes configuration management to assist the team in patching servers and deploying software updates across multiple environments. Experience with working closely with Release Management teams as well as Automation Testing teams. Overseeing Software Development lifecycle; GitHub code peer-review, publication, and merger Experience in leading and evolving CI/CD processes leveraging the DevSecOps frameworks working in an Agile environment. Vulnerability management using key industrial security tools and best practices; OWASP top ten, NIST, CIS, OSI, PCI DSS, CISA, etc. Hands-on experience working in the field of SecOps; utilizing tools like Veracode, Twistlock, Sonatype Nexus Repository, Foreman, & IaC tools Terraform and Ansible. Understanding programming languages such as Bash, Python, and Groovy.
DevSecOps Engineer
Tripoint Solutions - National Institute of Health (NIH NITAAC)
August 2019 - August 2020
- Develop and maintain Infrastructure as Code (IaC) using both AWS Cloud Formation and HashiCorp Terraform Experience using Jenkins & AWS Code pipeline with testing and scanning into a fully automated CI/CD deployment to a Dev, Testing, & Production environments Worked with containerization of environments, using Docker, Kubernetes, HELM, AWS EKS, ECS, and AWS Fargate Built Automation processes for blue-green & Canary deployment using Terraform, Golden Images, and AWS Autoscaling processes Maintained an up-to-date environment using AWS Systems Manager with managed and custom XML, JSON and YAML for configuration Developed and maintained basic serverless functions using Lambda and Messaging services Experience using Postman, SwaggerHub, and Apigee & Veracode for API management, SonarQube, Katalon acceptance testing, HashiCorp Boundary, Hashicorp Vault, AWS OpsWork, Trend Micro Deep Security intrusion and system integrity monitoring and Fortify, Atlassian Tool Admin, Monitoring and Tracing using Jaeger (Open Telemetry & Prometheus alternative)
DevSecOps Engineer
Tripoint Solutions - National Institute of Health (NIH NITAAC)
June 2018 - September 2019
- Worked on configuration management, Git Branching strategy design, and developing DevOps solution architecture in the Cloud Develop ETL Crawlers for working with Data formatting for Migration to Cloud Data warehouse and Data Lake creation Using RBS Aurora Database with MYSQL, SQL Server, PostgreSQL Experience with working closely with Release Management teams as well as Automation & Smoke Testing teams Experience with test automation tools such as Tape, Mocha, Jasmine, Selenium, Protractor, Karma, JUnit, JSUnit, and Katalon Studio Experience in leading and evolving CI/CD processes leveraging the DevOps frameworks working in an Agile environment Worked with Linux & Windows Server platforms - Ubuntu, Centos, RHEL 6,7,8.x, SUSE, AWS Linux Infrastructure and Application security using SaaS tools like Tenium endpoint security, OWASP, and Checkmarx application security testing
Analyst
JP Morgan Chase & Co
January 2017 - June 2018
- Participated in the Architecture Review process from the DevOps space, strong interpersonal and communication skills to interact with different end users whether internally or externally Designed and Developed Resiliency Risk and Controls frameworks aligned to Cloud based applications including controls assessment and testing criteria supporting Internal, External, and Hybrid Cloud services Successfully decomposed business services to identify reusable core technology services using micro-services and API design structures, SpringBoot & Docker Custom Machine Images, Messaging, and decoupled services Hands on experience with AWS cloud platform services such as: S3, EC2, VPC, CloudFormation, ELB, AWS Auto Scaling, Route 53, ECS, RDS, Dynamo DB, ECS-EKS, API Gateway, Systems Manager, and securing AWS services, using AWS Identity Management System (IAM), Key Management System (KMS), AWS Web Application Firewall (WAF), Guard Duty, Inspector, Security Hub from a security perspective, and CloudWatch and CloudTrail for monitoring and audit purposes Design, analyze, and secure APIs using Apigee APi manager
Analyst
JP Morgan Chase & Co
January 2015 - December 2016
- Driving communication and collaboration on firm-wide strategic initiatives and impactful changes through weekly Architecture forums, understanding business requirements in order to design business and technical services (capabilities) Coordination of technology resiliency regulatory and audit activities to and improve action plans and reporting Agile development methods using tools such as: Git, Kubernetes, Gradle, JIRA, Maven, Ansible, Docker, SonarQude, CHEF, Puppet, and Jenkins for continuous integration and continuous delivery
Analyst
JP Morgan Chase & Co
December 2013 - January 2015
- December 2013 - January 2015 • Production and substantiation of a varied range of risk reports across Market Risk • Implemented ad-hoc portfolio analysis as requested by risk management, delivering both tactical and strategic enhancements to underlying report production processes • Implement and embed robust Quality Assurance control checks through the reporting process • Actively partnered with Lines of Businesses to provide contextual commentary to internal GLRM teams on current and pending activity and their effect on management reporting, regulatory reporting, forecasting and stress testing processes.
Education
