• Migration of Inventory from on-premise application hosted to AWS Cloud. The team was set up with me and several other vendors. My role within the team was Senior Cloud architect and responsible for security.
•  Designed and developed the AWS cloud architecture for the inventory application. I developed the roadmap along with another colleague for the implementation of the on-premise migration to AWS cloud.
• Developed Network architecture, segmentation and security in relation with Cloud. Developed and finalize security related SOPs and also ADRs(architectural decision records for every component such as IAC, CICD, Choice of container, RDS, Observability-monitoring of Application and infra logs) as we progressed.
• Developed architecture with appropriate IAM roles and policies, TLS/SSl certificates, NACL security groups, VPCs, data encryption at rest and in transit. Used AWS Config and AWS security hub for automating compliance and enforcing security. Based on the plan for disaster and recovery configured AWS Backup.
• Designed and implemented the Aws Devops(based on Stride).Worked with Jenkins, ArgoCD and the AWS devops tools. I automated security testing and monitoring, hardened images as per CISO benchmark, vulnerability management, sonar qube was integrated in devops for code quality among other tools.
• Configured WAF, Ensured measures against Injection, broken authentication, data exposure, XXE, security misconfiguration, XSS, Insecure digitalization and against existing vulnerabilities. Worked with AWS Boto3 code for pipelines and lambda functions use for AWS WAF.
• Improvised the existing AWS Cloud Security posture management (CSPM) for the client. Worked on Soc2 and Soc3 reports.
• Set up the red panda cluster and transferred the data between Apache Kafka streaming MSK(AWS MSK serverless) and red panda.
• Designed and developed the AWS cloud architecture for IOT data processing and data ingestion. Developed the roadmap and workplan for the same.
• Application maintenance of microservices (based on Kafka). This was hosted on EKS cluster. Worked with Prometheus and Grafana for AWS EKS monitoring.
• Setup of AWS OpenSearch using Terraform. Migrated from Elastic search to AWS OpenSearch in different environments.
• Integration Oracle Fusion Analytics integration with AWS S3 data.
• Using Power BI for getting reports from different business areas of Oracle ERP.
• Integrated Oracle Analytics cloud with different databases on cloud.
• Automated Power BI reporting for periodic data reporting and publishing. Integrated Palantir with Power BI.

Automotive sector ? Responsible for setting up security for AWS cloud WAF.

My role: My role within the team was the Senior Cloud security architect and also responsible for implementation.

• Designing and developing a multi-region custom solution for the customer using AWS Firewall Manager.
• Responsible for architecture and implementation of the project.
• Designed and developed the AWS cloud architecture for transport data pipelines. Developed also the architecture for data ingestion.
• Executed the planned migration.
• Setup and deployment of Azure AKS cluster, IAC setup using Terraform.
• Used AWS Database Migration Service.
• Deployed Mobile Apps using AWS Amplify.
• Configured AWS Firewall Manager / network security policies and routing.
• Network security (outgoing and Mitigation of DDOS threats at different layers( Worked with AWS security hub).

FMCG Company in Netherlands.

My role: My role within the team was the Senior Cloud security architect and also responsible for implementation.

• Worked on developing terraform code on approximately 10 different architectures pertain from usual business cases ranging from basic to advance data engineering use cases which included MLOPs.
• Setup and deployment of Azure AKS cluster, IAC setup using Terraform.
• Deployed Windows VM, Bastion host, worked also with Arm templates apart from Terraform.
• Worked with multiple factors such as Attack surface exposure, managing security controls and auditing (Azure Soc1 and Soc2).
• Based on the CSPM, I along with my team configured Azure components.
• Developed and presented POCs and related knowledge sharing.
• Established a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security managers and analysts, as well as counterparts within the network operations center (NOC).

BMW Project - Migration of sales portfolio management system from on-premise application hosted on OpenShift to AWS Cloud. The team was set-up with me and my colleagues from Iteratec doing architectural support, a team from CapGemini (maintaining the on-premise application) and BMW colleagues (project supervision). My role within the Iteratec team was the AWS lead consultant.

Designed and developed the AWS cloud architecture for BMW for Sales Portfolio application. I developed the roadmap along with another colleague for the implementation of the on-premise migration to AWS cloud.

Implemented the new architecture and implementation of the planned migration

It involved careful comparison for the choice of tools from the variety of available options from AWS for CICD, choice of container, choice of database, User access and management, Observability, setting up AWS OpenSearch and Database migration services. Implementation of Kubernetes with AWS EKS cluster in the BMW base setup, which involved monitoring and logging.

• Responsible for designing the complete DevOps ? CICD, setting up AWS EKS with Kubernetes for hosting of the sales application, database migration to Aurora serverless, setting up monitoring dashboards using CloudWatch.
• Used Terraform for IAC, developed pipelines for AWS OpenSearch, AWS Aurora and as required for new pipelines.
• Mitigation of DDOS threats at different layers(application and network).
• Implemented security for application as well as the network(outgoing and incoming), securing both subnet and vpcs.
• Created calculated health checks and and Created cloudwatch alarms and notifications related to health check parameters.
• Shield advanced subscription - created ACL ? related rules, Faced many challenges as all the tools of AWS were new to team members - I helped them overcoming numerous challenges in the implementation during the course. One of the challenges was choosing the appropriate tool for choice of the container, this involved mapping the BMW application requirements to the different options in AWS. 

During my time at Networx I worked on different projects for different clients and was involved in bidding for projects. Due to my background in security I was also able to mitigate and provide services related to network security.

Microservices development using Java for processing of real-time traffic data coming from tom-tom API from Kafka (consumers and producers). I also developed the POC for same using Aws SNS, SQS and Lambda functions.

• Managed/configured/created security groups, network ACL?s, internet gateways and route tables to make secure zone in AWS public cloud.
• Data transformation, data loading, designing data structures, data extraction, data -archiving, designing and implementing data strategy after establishing data-governance strategy
• Worked with Kinesis data streams (with Spark), Kinetic Analytics
• Managed CI/CD pipelines (complete devops process) Python(pyspark) code (functional programming) migration from on prem cluster to AWS. Working with both classic and cloud devops
• Used AWS Cloud formation and Terraform for IAC - based on customer preferences.
• POC for user management using Dreamio for BI tools such as Celonis, rapidminer and Microstrategy.
• Used Enterprise architect for HLD, LLD for application architecture and documentation and Knime for report designing
• Data consumer/processor (data transformation) Integration of Oracle and Mongo DB with Kafka topics
• Created and configured elastic load balancers and auto scaling groups for traffic distribution, fault tolerance and high availability
• Created S3 buckets in the AWS environment for different business data storage needs, also configured lifecycle policies
• Developed Cloud Formation Templates (CFT) in YAML and JSON format to build the AWS services - custom VPC, subnets, NAT
• Created and configured elastic load balancers and auto scaling groups for traffic distribution, fault tolerance and high availability
• Used AWS Beanstalk for deploying and scaling web applications(java) and used Aws Lambda
• Created topics in SNS to send notifications to subscribers as per the requirement
• Managed/configured/created security groups, network ACL?s, internet gateways and route tables to make secure zone in AWS public cloud
• Proposal writing for machine learning projects (ML Ops) based on AWS and Azure. Data model design, Data importer for conversion of data into Postgres

Joined Sopra Steria as the projects were related to Cloud migration.

As a senior IT Consultant, I performed the following tasks for different clients for two different projects.

Client: Deutsch Bank

• Java Applications (Batch processing) - Java Application development, Architecture, Code analysis - High level design, low level design for Deutsche Bank banking applications. Elstar API integration with Oracle Database., AWS CodeCommit
• Project management for different projects.
• Network security documentation.
• Python converter for data extraction from XML, Sales force integration with Kafka
• POC for lambda architecture and kappa architecture using Apache Kafka, Hadoop, and Spark
• Salesforce integration with Kafka
• Data migration and data integration Solutions design for the Deutsche Bank
• Reports development

Client: Finanz Informatik (Onsite)

application and data architect, managing development tasks delivery.

• Data transformation, data loading, designing data structures, data extraction, data -archiving, designing and implementing data strategy after establishing data-governance strategy
• Creating of POCs on cloud ? AWS, Azure and GCP
• Designed and administration of scalable, available, and fault tolerant systems on Azure Services
• Worked with Azure Data Lakes, Azure Data Factory, HDInsight Responsible for database partitioning, database optimization, and building pipelines between structured and unstructured databases
• Managed big data infrastructure - MapReduce Framework, Hadoop, YARN
• Created Parameterized Report, Dashboard Report, Linked report and Sub Report by year, quarter, month, and week (Azure databricks)
• Requirements gathering scoping and refinement and thereby managing functional specifications to be used for unit, functional, integration, UAT and stress testing
• Leading support identifying bugs (minor or core). architecture, HD Insights on Kafka, Power BI configuration for Mobile Apps
• Designed Azure data flows, worked with Azure data lake Gen2 for importing lead generation data from Salesforce
• Managed application related to Data migration, Optimized the applications
• Configured Azure VNets, network settings, External load balance, Azure resource manager - Azure MDS (sql server)
• Developed data cubes, dimensions using MS SQL Server Analysis Services (SSAS)
• Scrum Meetings with clients and internal and external communication between client and internal teams
• Mapping and translation of functional requirements into actual technical requirements and tasks
• Functional Analysis, Development and Administration- Complex problem into subtasks, release management (3-week sprint)

As a technical project manager, I was responsible for product development of log analyser and a financial product- loan management system and helped with the developing the internal systems.

For the loan management System, I was responsible for:

• BI integration and core BI reports development with the standard product. Mainly reports linked to financial data
• Product management for a big IT product (java based) for a non-banking financial product for loan management
• Responsible for release management, support and vendor management
• Process optimization related to support, development, testing and quality teams for bug fixing and enhancements
• Managed/configured/created security groups, network ACL?s,
• Managed client expectations related to product features and timely delivery
• Using Informatica power center designed and responsible for the ETL process

I developed Log Analyzer from scratch ? Log Analzyer was a Utility for

(Stepwise - parsing, rule-based pattern search and evaluation and data selection -extraction, transformation for a visual representation for facilitating problem identification for network troubleshooting and security issues)

• Developed the log analyzer to analyze huge log files from routers and switches within seconds there by facilitating problem identification for troubleshooting routers and switches
• Also provided application support for stream-lining bug fixing at the temporary and core level

As a support officer I was responsible for designing and developing application and data warehouse for facilitating online plant germplasm exchange - this included legal mechanisms for generating online standard material transfer agreements, I also developed GIS maps using data from the transactional database.

Based on above I conceptualized and developed the global system which had the following components:

• Identity management solution (personal identifiers) for the Treaty and for stakeholders
• Shopping system for Germplasm
• Datawarehouse for the transactional data
• BI reporting on the transactional and historical data
• Developed API for remote invisible authentication

• As an IT consultant I was responsible for migrating, configuring servers and databases, applications developed BI services (Sharepoint), Sql Server.

• As a consultant I was responsible for Application Development ? Testing and Business Intelligence.
• Projects: Oracle Ebusiness Suite 11.5.8 Implementation
• Initially I was responsible for testing and mapping the test data matrix in HRMS, PO, Grants, Procurement and Finance.
• Thereafter I developed customized modules (OAF) and AOL and developed BI reports for cross modular scenarios across different Oracle modules.
• Worked with SQL, developed data cubes for enabling smart BI reporting.

• As a consultant I deleiverd IT trainings to clients on java, application and databases, also data migration using SSIS from SQL server 6.5 to Sqlserver7 to SQl server 2000.

• I delivered trainings and managed office infrastructure.

• Intern Developer. Technology: Oracle 8i, Magic software. 
• I developed a property finder application using Magic software ? 4GL tool.