Cloud Architect
Current➢ SME for governance and security for all production customer facing or customer supporting systems, including Azure, AWS, GCP, ecommerce platforms, and distribution vendors. Project and technical lead for several successful initiatives to improve our security posture, including SSO, automated user provisioning, improved account auditing, centralized audit logging, and alerting. Business processes surrounding these activities were also revamped to reduce friction and improve compliance. ➢ SME for cloud cost management. Built a tool that exports raw cost data from cloud providers, normalizes it, and assigns several additional business relevant dimensions for reporting. ETL tool is written in python deployed to Kubernetes as a daily cron job, data is stored in MySQL hosted in same, and reporting is done via Microsoft PowerBI.➢ Migrated all workloads from four production and two non-production data centres to Azure using Azure Migrate. Amenable workloads have been cloudified, remainder have been right-sized and reserved instances purchased. Project took four months of planning and three months to execute, reduced overall costs, and aligned infrastructure with business initiative to migrate our platform to a microservice architecture in Kubernetes.➢ Wrote terraform modules for internal teams to automate and enforce correct deployment topologies and security standards for several different recurring workloads. Reduced timelines for deployments by the managed services team from weeks to hours. Modules include enforcement of tenant level security standards, IAM permission and role assignments, network and network security configurations, infrastructure including virtual machines, Kubernetes clusters, PaaS offerings like Azure DB and Azure App Service, as well as templated Ansible for virtual machine hardening to CIS benchmarks