Certifications

About Founder

SENIOR DEVSECOPS ENGINEER

Accomplished security and DevOps professional specializing in deploying and managing secure applications across cloud providers using containers or VMs (EC2). Proficient in Linux environments, Bash scripting, and DevOps tools including Jenkins, Git, Docker, and Kubernetes. Streamlines software development processes to accelerate time-to-market for organizations. Motivated and detail-oriented professional committed to delivering high-quality work in fast-paced, dynamic environments. Technical leader with the expertise to support an organization’s success.

CORE COMPETENCIES

• DevSecOps
• Cybersecurity
• Cloud Computing
• Agile Methodology
• Risk Assessment
• Security Testing
• Compliance Auditing
• Identity / Access Management
• Network Security

TECHNOLOGY STACK

• Azure, Amazon Web Services, and IBM Cloud CLI
• Elasticsearch, Logstash, Kibana, Kafka, Opensearch
• Kubernetes and Docker containers
• Python (Intermediate)
• Jenkins/ArgoCD
• Bash scripting on all Linux flavors (Expert)
• vSphere VM management
• Tenable, WAF, Splunk, QRadar

PROFESSIONAL EXPERIENCE

Veeam • Atlanta, GA • Aug 2023 – Present

Senior DevSecOps Engineer, Corporate Technology team

Worked under the Chief Information office to maintain operations of enterprise applications and infrastructure. I leveraged my technical expertise to align standards and technology stacks across various departments and help drive the development of secure-by-design applications. I am a huge advocate of automation to an extent that it does not over-complicate processes or becomes the subject that needs resources.

• Vulnerability scanning, research, and patching on infrastructure of the entire company. Generate reports and present trends to various stakeholders and managers
• Publish numerous documentations to help subsequent teams with processes and best practices
• Ensure Continuous Compliance by developing and executing vulnerability remediation plans and timely fixes.
• Assess and improve gaps by identifying and mitigating potential risks associated with system integration
• Enhance CI/CD pipelines to improve security scans; reducing the burden on security team during prod deployment

38North Security • Washington, D.C • March 2023 – July 2023

Fedramp Consultant, Infra Security Engineering team

As a Fedramp consultant, my main responsibility was to help bridge the knowledge gap between SRE and the development team I was part of. I spent most of my time collaborating with different team members to help unblock issues and deliver on priorities.

• Collaborate with cross-functional teams to integrate security practices and benchmarks into the development and deployment pipeline
• Support a microservice-based middleware platform, assess vulnerabilities, tuning improvements.
• Proactively interact with key client management to gather information, resolve problems, and make recommendations for improvements
• Manage and lead secure cloud design, deployment, configuration, and implementation strategies based on NIST 800-53
• Orchestrate changes in highly regulated commercial and government environments
• Suggest and implement CI/CD optimization that resulted in cutdown of build time from 5 mins to 20 seconds
• Configure and tune monitoring stack using Telegraf and Grafana for host and container level continuous monitoring

IBM • Atlanta, GA • Jul 2018 – March 2023

Sr. DevOps and Compliance Engineer, IBM X-Force Threat Intelligence (Aug 2020 – March 2023)

Introduced processes, tools, and methodologies to balance needs and mitigate risk throughout the software development life cycle for IBM X-Force Threat Intelligence. Managed 20+ Kubernetes clusters to ensure operations, security, and ITSS compliance.

• Automated infrastructure deployment using Terraform.
• Deployed and managed Big Data platforms including Elasticsearch/OpenSearch, Kafka, and Kibana.
• Published over 200 early warning reports to IBM X-Force Exchange.
• Deployed and used monitoring stacks including Nagios, Sysdig, Beats, and Grafana.
• Deployed ArgoCD to combat against source code deviation.
• Automated VM management using tools including Ansible (AWX) and BigFix.
• Conducted threat research on Zero Day payloads in Sandbox environments.

Key Accomplishments:

• Reduced compliance patching effort by 30% and increased CIS compliance score by leveraging a configuration management tool, Ansible AWX, to create a host inventory and tag each based on OS for over 200 VMs.
• Deployed resources 10x faster and saved $150K annually by using terraform to standardize resource configuration for production and development. Created a cluster utilization dashboard to establish baseline and defined limits.

Security Engineer, IBM Security (Jul 2018 – Aug 2020)

Created tests to identify issues with software before product launch. Designed and performed automated and manual tests. Managed full end to end testing on security products that run on Qradar SIEM.

• Constructed and ran complex DB queries (AQL, psql, sqlite3) for script development.
• Participated in design planning meetings to provide input on scope definition and edge case scenarios.
• Used internal tools to generate syslogs for machine learning test data and performance testing.
• Wrote, reviewed, and published bash and python scripts to optimize development overhead.
• Served as Lead QA for ensuring support of containerized apps on Kubernetes cluster and IBM Cloud.

Key Accomplishments:

• Reduced the time to perform tests by 86% (from one week to one day) by leveraging Selenium to automate testing. Enabled QA to write better and newer tests with time saved through automation.
• Saved three hours in test environment setup and increased test coverage by 38% after deploying a new tool.

EDUCATION

Bachelor of Science, Computer Science specialise in Infosec | Jackson State University

CERTIFICATION, AWARDS, & AFFILIATION

Certified Kubernetes Application Developer | The Linux Foundation

CompTIA Security+ Certification | CompTIA

IBM DevSecOps Explorer | IBM

IBM Cloud Kubernetes Service Badge | IBM