Professional Experience

In this role I provided consultancy services to Hillman RDS over a six-month period. I performed a full audit of their cloud infrastructure, and provided an improvement strategy that documented their greatest risks and misconfigurations within an AWS environment built by developers inexperienced in infrastructure. Key contributions included,

• Demonstrating standards and best practices to leadership, peers, and pupils.
• Advising leadership, peers, and pupils on proper Agile practices, including instruction in the use of kanban boards and properly managing and tracking Jira tickets.
• Implementing automation to track and eliminate wasteful spend in an AWS Organization.
• Demonstrating the value of modern security standards including permissions guardrails, the concept of least privilege, the risks of exposing internal resources, the value of credential rotation and storage, and leveraging SSO in an AWS Organization through IAM Identity Center.
• Instructing developers and teammates on the proper use of git including repository and branching strategies, and automation through integration with GitHub and AWS Developer Tools.
• Improving documentation through collaboration to record and implement automation for repeatable practices, and documenting specialized tasks to expand team knowledge.
• Deprecating non-managed or abandoned infrastructure and redeploying through Terragrunt, including Grafana monitoring and aggregation and AWS Backup infrastructure.
• Providing measurable cost savings through eliminating deprecated resources and right-sizing application infrastructure.

In this role I worked with national and international teammates and teams to deploy and maintain application infrastructure for ephemeral and immutable workloads, hosted in and connected to AWS. I implemented IaC practices in AWS with Terraform and Terragrunt, CloudFormation, Ansible, and AWS Developer Tools to build a multi-account deployment pipeline for an AWS Organization containing at least 50 accounts. Additional notable achievements include,

• Strengthening collaborative efforts between teams supporting internal and external application infrastructure in a Windows and Linux environment, by maintaining and sharing well-documented communication lines and workload efforts.
• Working with international teams to support insourcing projects deployed through IaC, such as TE’s Your-TE and customized JCA applications.
• Working in-depth with customers to right-size applications and implement auto-scaling to manage costs and application availability.
• Improving the granularity of monitoring and alerting through CloudWatch and Datadog.

In this role I worked with a small team to maintain mission-critical application infrastructure built on Docker and deployed to multiple OpenShift clusters, leveraging git via Artifactory and Bitbucket to provide on-prem repositories and version control for infrastructure code and dependencies. Key contributions included,

• Improving application integrity by documenting and resolving vulnerabilities using Fortify.
• Reducing false-positives and improving scan results in Fortify through strict maintenance of the application, and working with developers to create customized scanning frameworks.
• Working with team members to bolster Docker application deployments through Artifactory, Bitbucket, Jenkins, and OpenShift.
• Identifying and terminating abandoned resources to reduce waste and expenses.
• Mentoring two Junior DevSecOps Systems Administrators on best practices in deploying and maintaining DevOps and application infrastructure.

In this role I worked on a small cloud team providing support to a variety of international Agile development teams, facilitating deployment and maintenance of all cloud-based applications. Security was at the forefront of the operation to maintain integrity of PHI data and adhere to SOC2 audit requirements. My contributions include,

• Substantially reducing cloud overhead by using automation to identify waste and right-size resources.
• Improving CloudFormation and Ansible automation scripts to decrease deployment and update times for compute, database, storage, and virtual desktop infrastructure.
• Collaborating with the security team to ensure strict adherence to SOC2 guidelines for internal and external services.
• Managing an AD forest for internal and external domains, leveraging PDCs, RW and RO domain controllers, GPOs, WSUS services, and CentOS Linux hosts with SSSD configurations.
• Managing an AWS Organization containing isolated accounts for development, production, disaster recovery, and web hosting resources.
• Creating and maintaining a vast library of detailed documentation of IT and application procedures in GitLab.
• Improving backup and DR stability and reliability through Veeam, leveraging S3 and Storage Gateway services.
• Automating repeatable tasks through Python, PowerShell, and Bash scripting.
• Leveraging monitoring tools such as CloudTrail, CloudWatch, Elastic Stack, Splunk, Zabbix, and Trend Micro to ensure availability and uptime, and to rapidly respond to incidents as fielded.

In this role I worked with infrastructure and network management teams, and building staff in a hub-and-spoke WAN to deploy and maintain compute, storage, network, and telephony resources across the district. My responsibilities and contributions included,

• Expediting remote and on-site support for Windows, Linux, and Mac hosts.
• Managing objects, containers, and policy for resources in an enterprise Active Directory Forest.
• Managing ticket workflows and documentation through SysAid.
• Providing on-site and remote support for district infrastructure, including Cisco telephony and
• networking equipment, Dell and HP desktop, laptop, server, and storage hardware, and Mac desktops and laptops.
• Developing PowerShell and batch scripts to improve automated software deployment.
• Improving management and deployment of MacOS and iOS devices through FileWave MDM.
• Assisting in the deployment of various hardware during site upgrades and building renovations.

I worked as the single resource for IT services in the organization. Responsibilities include but are not limited to managing existing compute, storage, networking, and telephony equipment, managing and updating the organization’s website, and planning and updating the organization’s infrastructure. My contributions included,

• Improving management of server, end user computing, and networking resources via centralization.
• Planning and implementing upgrade projects to improve IT infrastructure.
• Researching and implementing open source and proprietary tools to support IT infrastructure.
• Developing and enhancing the company website while supporting existing content.
• Providing 1st- and 3rd-party platforms technical support.

I worked in a small MSP providing IT infrastructure and security services to a variety of clients. Responsibilities included remote and on-site support. My responsibilities included,

• Centralized management of multiple clients in an MSP application.
• Remote and on-site troubleshooting of infrastructure and applications.
• Imaging and installation of Windows workstations and servers.
• Troubleshooting and repairing various Windows OEM and Mac devices.
• Deployment and management of firewall and PBX appliances.