Chaitanya Bojja

chaitanyab2289@gmail.com
hthttps://www.linkedin.com/in/chaitanyabojja/
786-461-7826

Professional Summary
 Around 12 years of progressive experience as a Principal Cloud and DevOps Engineer in Design,
Architect, Cloud Migration Specialist, Hadoop DevOps, SRE, System Administration,
Configuration Management, DevSecOps, CI/CD, infrastructure automation pipeline of high traffic
large scale distributed systems of On-Premise, Hybrid Cloud and Mobile applications
 Strong knowledge on Setup, Configure, Administer, Manage and Monitor of Big Data
frameworks (CDH, HDP, AWS EMR, GCP Data Proc and HDInsight’s) Services over Linux
Platforms.
 Design, Architect and Implement Cloud Migration Solutions for Batch, Legacy, Serverless,
Hadoop workloads, Micro services (containerized) architecture Applications for AWS EKS, Azure
AKS and GCP GKE and K8s Community Edition and OpenShift
 Strong experience on Implementing Terraform and Cloud formation templates as Infrastructure
as a Code for GCP, Azure and AWS Public Cloud solutions for various use cases.
 Strong experience on implementation of CNCF Projects like etcd, Istio, Helm, CNI for K8s along
with K8 HADR, log analytics, monitoring of services with Prometheus
 Worked on installation, configuration and administration of CentOS 7, RHEL 7 for Kubernetes,
Open shift and Docker Swarm
 Experience writing applications using Multi-Threading, Concurrency, Core Java, J2EE, RESTFUL
Web Services.

 Practical Experience in Install, Configure, Automation of Configuration Management tools like

Chef, Puppet, Salt and Ansible.
 Highly skilled at supporting web and application servers (Apache, Nginx, NodeJS, JBoss, Tomcat)
and Hands-on experience with installing and managing MySQL and MongoDB servers.
 Experience in building and managing Splunk, Sumologic, ELK (Elastic Search, Logstash and
Kabana) stack for search, analytics and centralized logging.
 Used AWS amplify/S3 to deploy React based apps.
 Experience building AWS serverless applications using Java/Node JS and AWS SAM.
 Strong experience developing front end applications using React JS and Redux libraries using
Typescript/Javascript.

 Excellent understanding of reference models like OSI Model protocol suite (IPv4, IPv6, all
supported IEEE standard protocols), TCP/IP protocol suite (IP, ARP, TCP, UDP, SMTP, FTP TFTP,
SSH, DNS)
 Installed and managed Middleware tools through Chef, Ansible Puppet such as WebSphere
Application Server 7.x/8.x, JBOSS GA7/EAP6, IBM IHS, Apache, Nginx and Tomcat.
 Expertise in Administer, configure and monitor of Apache Httpd, SMTP, DHCP, NFS, LDAP, DNS,
Postfix, send mail, FTP, Remote Access, Security Management & Security troubleshooting skills.
  Installed, Configured, Managed Monitoring Tools such as AppDynamics, New Relic, Nagios,
Zabbix for Application Performance Monitoring and System service monitoring
 Practical experience in Bash, Groovy, Python, Yaml, Json
 Installation, Configuration and Management of RDBMS and NoSQL tools such as Dynamo,
MySQL, HBase, PostgreSQL, MongoDB and Cassandra

Skill Set

Operating Systems LINUX (RHEL 7, Ubuntu 16, CentOS 7)

Scripting Languages Shell, Perl, Groovy Ruby DSL, Python,Java
RDBMS/NoSQL Oracle, MySQL, Mongodb, Redis, Hbase, Cassandra
Version Control Systems SVN, TFS, GIT
Continuous Integration tools Jenkins, CruiseControl, Teamcity, Bamboo, Urbancode
Build and Packaging tools MSBuild, Gradle, Ant, Maven, SonarQube, Codacy
Web/Application Servers Apache, JBOSS/Wildfly, Tomcat , WAS, Nginx, NodeJS, HAProxy
Cloud AWS, Azure, GCP
Artifactory Nexus 2.0, Artifactory
Logging and Data Analytics ELK, Splunk, Sumologic, Loggly
Monitoring/Graphing Nagios, Sensu, Prometheus, Newrelic, Graphana, AppDynamics
Message brokers RabbitMQ, SQS, Kinesis, Kafka, Active MQ
Virtualization/IT Automation Vagrant, Packer, Consul, Terraform, Docker, Chef 12, Puppet 5,
Ansible, Kubernetes, Openshift, etcd, Helm, Kops
Big Data Platform Stacks CDH 6 (Cloudera), HDP 2.6, (Hortonworks), AWS EMR 6.0, Azure
HDInsight, GCP DataProc
Security AD, LDAP and Kerberos
Hadoop Services Yarn, HDFS, Hive, Impala, Kafka, Zookeeper, Hbase
NoSQL Cassandra, Mongo DB, Redis, Hbase
Azure Expertise:  IaaS, PaaS, VM Migrations, VNet, Traffic Manager, Azure Cloud
Services, SQL Azure, Active Directory, Data Factory, Data Lake, HDInsights, ExpressRoute, Synapse,
DataLake, app service, functionapp, monitor, databricks, eventHub, eventgrid, keyvault, AKS, service
bus,

Education Experience:
Completed, Bachelor of Technology in Computer Science and Engineering from JNTU, Hyderabad in
2009
PROFILE:

Cloud and DevOps Architect, Southwest Airlines, Dallas, Texas Jan 2020 – till date

 Implemented AWS Control Tower, Landing zone, Idp (PingFederate ) with coginto and AD
integrated with AWS for user management
 AWS Organizations, Central governance and management across AWS accounts
 AWS Guard Duty, Managed threat detection service
 Ensured that security requirements and considerations are woven into the development of each
system
 Review and interpret Systems Security Plans
 Review cloud services and provide recommendations on agency approval
 Identify gaps in system compliance against NIST controls
 Provide recommendations to achieve security compliance
 Conduct security engineering reviews of systems that are preparing for ATO assessment
 Use Network security policies to restrict cluster level access, Use CIS benchmark to review the
security configuration of Kubernetes components (etcd, kubelet, kubedns, kubeapi),
 Properly set up Ingress objects with security control, Protect node metadata and endpoints
Minimize use of, and access to, GUI elements, Verify platform binaries before deploying
 Restrict access to Kubernetes API, Use Role Based Access Controls to minimize exposure
Exercise caution in using service accounts e.g. disable defaults, minimize permissions on newly
created ones, Update Kubernetes frequently
 As a DevSecOps implementation and I am responsible for software development, recognizing
the security threats, and configuring the network infrastructure, so should have up-to-the-
minute details of cybersecurity threats and the latest software. possess knowledge of the
implementation of risk assessment techniques and the latest security best practices.
 Code analysis: The codes are delivered in small pieces so that any vulnerabilities can be easily
recognized and resolved.
 Change management: The change management process enhance the efficiency and speed of
the process and determine whether the changes made is good or bad. 
 Compliance training: This training requires you to be get ready for the audit at any instance. 
 Threat investigation:  This component in DevOps approach assist you to identify the threats in
the process along with the code update and respond quickly to it.
 Vulnerability assessment: Recognizes the latest vulnerabilities with the code analysis and how
quickly they could be resolved.
 Security training: It requires you to train the team with set of guidelines.

 Minimize host OS footprint (reduce attack surface), Minimize IAM roles, Minimize external
access to the network, Appropriately use kernel hardening tools such as AppArmor, seccomp
 Setup appropriate OS level security domains e.g. using PSP, OPA, security contexts, Manage
Kubernetes secrets, Use container runtime sandboxes in multi-tenant environments (e.g. gvisor,
kata containers), Implement pod to pod encryption by use of mTLS
 Minimize base image footprint, Secure your supply chain: whitelist allowed registries, sign and
validate images, Use static analysis of user workloads (e.g.Kubernetes resources, Docker files)
Scan images for known vulnerabilities
 Perform behavioral analytics of syscall process and file activities at the host and container level
to detect malicious activities, Detect threats within physical infrastructure, apps, networks, data,
users and workloads, Detect all phases of attack regardless where it occurs and how it spreads
Perform deep analytical investigation and identification of bad actors within environment
Ensure immutability of containers at runtime, Use Audit Logs to monitor access
 Extensive Knowledge and hands-on experience implementing PaaS, IaaS, SaaS style delivery
models inside the Enterprise (Data center) and in Public Clouds using like AWS, Google
Cloud, and Kubernetes etc.
 Created dynamic routing/load balancing capability enabling large application scaling, used
ingress rules and Ingress Controllers - Nginx.
 Setup Log Metrics, Alerting and monitoring using GCP Stackdriver .
 Gitlab migration, CICD pipeline implementation, Integrate and writing custom scripts and
templates
 Implemented Network policies for K8s
 Design, Implemented Cloud infra using AWS Cloud Formation Templates and later migrate to
Terraform 12
 Adopted CAF and Developed Migration strategy for Azure and GCP as a Geo Redundant Solution
by performing Discovery, Assessment, and Implementation stages
 Auto generate of Terraform Templates with Python and Java Modules and provision GCP
services
 Secure, Control and Govern policies for AWS, Azure and GCP Platforms
 Design, Architect and Implement of Kubernetes Managed service of GKE/ Open Source version
for .Net Core services
 Defined K8 Application Deployment Lifecycle with Kops, Helm, etcd, Istio, ELK, Prometheus
 Install, configure and setup of TICK stack suite for Application Performance Metrics
 Led migration of Virtual Machines to Azure Virtual Machines for multiple global business units.
 Prepared capacity and architecture plan to create the Azure Cloud environment to host
migrated IaaS VMs and PaaS role instances for refactored applications and databases.
 Created recommendations on how to duplicate a subset of on premise machines to the Azure
Infrastructure as a Service (IAAS) offering which will be used for disaster recovery. This analysis
included the specifics to synchronize on premise data with SQL Server and SharePoint instances
hosted in VMs.
 Configured VMs in availability sets using Azure portal to provide resiliency for IaaS based
solution and scale sets using Azure Resource Manager to manage network traffic
 Designed and configured Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP
address blocks, DNS settings, security policies and routing.
 Deployed Azure IaaS virtual machines (VMs) and Cloud services (PaaS role instances) into secure
VNets and subnets.
 Exposed Virtual machines and cloud services in the VNets to the Internet using Azure External
Load Balancer.
 Provided high availability for IaaS VMs and PaaS role instances for access from other services in
the VNet with Azure Internal Load Balancer.
 Implemented high availability with Azure Resource Manager deployment models.
 Designed Network Security Groups (NSGs) to control inbound and outbound access to network
interfaces (NICs), VMs and subnets.
 Setup Azure Virtual Appliances (VMs) to meet security requirements as software based
appliance functions (firewall, WAN optimization and intrusion detections).
 Leveraged VNET system routes and underlying route table that holds Local VNet Rules, On-
premise Rules, Internet Rules and IP Forwarding as design basis.
 Designed User Defined Routes with custom route tables for specific cases to force tunneling to
the Internet via on premise network and control use of virtual appliances in the customer’s
Azure environment.
 Associated routes with VNets via the route table per relationship constraints.
  Managed IP Forwarding for VMs and role instances acting as virtual appliances.
 Implement stream analytics with azure synapse, azure function app, azure databricks, azure
datalake and azure monitor services for enterprise analytics platform
 Implemented ELK, Grafana solutions for Logging, Monitoring of Micro services logs, errors, RTT
and other metrics

Cloud and DevOps Architect, Ericsson, Dallas, Texas Apr 2017 - Dec
2019

 Implemented KOPS, KubeSpray tools to provision K8 Cluster and Helm packages to deploy
applications Kubernetes Cluster
 Design, Architect, Implement IBM SoftLayer Data center, VMWare migration to AWS and GCP
 Design Infra for Smart Data Catalog tool over HDP 2.6, CDH 5.10, EMR and HDInsight’s and
DataProc
 Designed and implemented Multinode executor Azkaban workflow scheduler to improve
efficiency
 Integrated Atscale with DataLake (Hbase, MySQL, Redshift)
 Gluster FS implementation using Consul, Vault and Terraform
 Designed, Implemented Ansible Playbooks for Infra creation of GCP DataProc
 Integrated Zoomdata and Tableau for Data Visualization to Data Lake
 Implemented Data Security and Authz over Data Catalog tools with AD, LDAP and Kerberos
 Implemented openshift container platform for microservices architecture of application
 Elasticsearch Migration
 KMS Implementation and automated key rotation for Server and Client side encryption
 Designed apps Using API Gateway, Cloudfront, S3, Lambda, Kinesis, Dynamo and RDS
 Config management with Chef and ansible
 Lead and implemented Docker Container Implementation with Kubernetes
 Administering, Performance tuning of ES 5
 AWS EMR migration from Cloudera, Hortonworks Hadoop platform
 Implemented Landing zones, cognito, Okta SSO, IAM,
 Implemented Github semantic Versioning and fixed tag and auto deploy and rollback issues
 ELK and Splunk querying, alerts, dashboarding
 Design and Setup Infrastructure for Hortonworks Hadoop platform
 Elasticsearch Primary/Secondary cluster configuration in Prod as DR solution
 Setup Monitoring of System/App level services with Cloudwatch, Newrelic, Stackdriver,
Prometheus, Sensu and nagios, published all these metrics to grafana

Lead Cloud and DevOps Engineer/Architect, Inside View Technologies, SFO, CA Jun 2015- Aug
2017
 Implemented Master AMIs for Application setup in Prod by using of AWS IAM roles, Cloudwatch
monitoring, JAVA stack, Jetty 8, RDS services
 Elasticsearch snapshot and validation automation
 KMS and AWS IAM roles implementation for application as all environments
 Created REST endpoints for microservices using Spring Boot/Java.

 LDAP migration from openldap to Jumpcloud as directory as a service

 Setup and configured chef as Infrastructure management as a code and migrated servers from
Rightscale from Dev to Prod
 Setup and migrated Deployment process from Rightscale to Jenkins/Nexus and Rundeck
Integration
 Introduced graphing solutions for Nagios with pnp4 and Grafana
 Setup infrastructure for New applications from scratch with all services from chef by rewriting
scripts and process with chef policies
 Setup Route53 DNS across multiple AWS accounts
 Migration of infrastructure from CISCO savvis DC to AWS along with JBOSS to jetty migrations
 Configured, Administered Atlassian BitBucket and integration with JIRA and LDAP
 Environment readiness and Auto Scaling with Chef using VPC, EC2, S3, Elasticache, Route53,
LDAP, Monitoring, Log analytics
 Implemented CI/CD build and deploy pipelines with GIT, Maven, Jenkins, Nexus, Run deck,
Ansible and Chef
 Lead the effort from the Cloud/Infrastructure team in setting up infrastructure for different
environments (like Dev, QA, Pre-prod and Production) that meet up the requirements, on metal
and AWS cloud (EC2 and VPC)
 Design and build high available and scalable infrastructure components like app (Nginx and
Nodejs), DB(MongoDB), Messaging(RabbitMQ) on AWS VPC ensuring security compliance and
high uptime.
 Automated infrastructure provisioning and code deployments on AWS EC2 and VPC using Chef,
Rundeck, Jenkins jobs and custom bash scripts.
 Devised and successfully executed migration of existing services from EC2 to VPC.
 Built, deployed and managed configuration automation framework using Chef on EC2 and VPC
 Develop and implement cookbooks on Chef.
 Design, build and manage ElasticSearch Cluster.
 Built and managed code repositories on Git and SVN.
 Proof-of-Concept on different tools like Gitolite, Gitlab. Devised and implemented a successful
rollout to production.
 Built and deployed Icinga monitoring solution to monitor the health and uptime of the
infrastructure and services
 Database query log processing in Perl
 Subversion and GIT server administration and replication in AWS Cloud
 Configured Build and Deployment Pipeline Using Maven/Jenkins/Nexus/Rundeck
 Infrastructure automation using Configuration Management system - Chef.
Sensu for monitoring Infrastructure Integrated with Akamai CDN for accelerating the Website.
 Built alerting systems using Pagerduty and Pingdom, Enforced Vagrant based development for
the developers on team.
  Experience with Sybase, MS-SQL, MySql data replication scripts, Database performance tuning
and Object oriented database design principles

Sr DevOps Engineer, Walmart Labs, Sunnyvale, California Sep 2013 - May 2015

 Lead the effort from the Cloud/Infrastructure team in setting up infrastructure for different
environments (like Dev, QA, Pre-prod and Production) that meet up the requirements, on metal
and AWS cloud (EC2 and VPC), Proof-of-Concept on VPC. (Subnets, DHCP Option sets etc)
 Design and build high available and scalable infrastructure components like app Messaging
(Rabbitmq), Redis high availability, using ELK Cluster on AWS VPC ensuring security compliance
and high uptime.
 Automated infrastructure provisioning and code deployments on AWS EC2 and VPC using Chef,
Jenkins jobs and custom bash Built, deployed and managed configuration automation
framework using Chef on EC2 and VPC
 Involved in designing and deploying multitude applications utilizing almost all of the AWS stack
 (Including EC2, Route53, S3, RDS, Dynamo DB, SNS, SQS, IAM) focusing on high-availability, fault
o tolerance and auto-scaling in AWS Cloud Formation.
 Configured AWS IAM and Security Group in Public and Private Subnets in VPC.
 Created AWS Route53 to route traffic between different regions.
 Designed AWS Cloud Formation templates to create custom sized VPC, subnets, NAT to ensure
 Successful deployment of Web applications and database templates.
 Implemented automated local user provisioning instances created in AWS cloud.
 Setup and build AWS infrastructure various resources, VPC EC2, S3, IAM, EBS, Security Group,
Auto Scaling, and RDS in Cloud Formation JSON templates.
 Configuring and Networking of Virtual Private Cloud (VPC) Written Cloud Formation templates
and deployed AWS resources.
 Implemented rapid-provisioning and life-cycle management for Linux using Amazon EC2, Chef,
and custom Ruby/Bash, python scripts.
 Written Chef Cookbooks for various DB configurations to modularize and optimize end product
 Configuration, converting production support scripts to Chef Recipes and AWS server
provisioning using Chef Recipes

Sr DevOps Engineer, JPMorgan Chase, Columbus, Ohio Mar 2011- Sep 2013
 Expertise in Enterprise repository management tools like Nexus, Artifactory etc.
 Deployment automation for Enterprise Applications to WebSphere, Jboss, Apache, Tomcat with
Rundeck and UDeploy.
 Install, Configure, Setup Distributed Mode of Jenkins to handle large Scale Applications
 Installed and administer Atlassian tool set including JIRA, Confluence, Fisheye and Crucible.
 Written pre-commit, post-commit, post-receive hooks in SVN for Linux environment using shell
 Re-structured the development methodology with respect to SVN and proposed best branching
strategies in SVN
 Generated Ant, Maven, Perl & UNIX scripts for build activities in QA, Staging and Production env
 Worked on the transition project, which involves migration activities from Ant to Maven in order
to standardize the build across all the applications. 
  Experience in planning, installing, configuring & administering WebSphere Application Server
Experience in SSL Cert (Iplanet certs, IHS certs, WebLogic certs, WebSphere certs, SAN certs etc.)
installing/renewal.
 Installing, configure and Patching SVN servers, Responsible for Administration of Collabnet SVN
and Multi Site and Setup the SVN Multisite environment, Responsible for periodic work checks
and backups and Monitor health, disk space and optimize performance.
 Implemented rapid-provisioning and life-cycle management for Linux using VMWare, Chef, and
custom Ruby/Bash scripts.
 Worked with Chef Environment, Installing Workstation, Bootstrapping Nodes, setting up chef
server, bundling recipes into cookbooks and uploading them to Chef-server.
 Integrated Jenkins with tools such as GIT, Bitbucket, Artifactory, Chef to implement CI/CD
pipeline.
 Performed SVN to GIT/Bit Bucket migration and managed branching strategies using GIT
workflow. Managed User access control, Triggers, workflows, hooks, security and repository
control in Bitbucket.
 Proficient in setting up and configuring Baselines, Branching, Merging, and Backup through GIT
and SVN, Bitbucket.
 Managed Jfrog repository for the current project. Have hands on experience with Bitbucket.
 Experience in installing and configuring Splunk tool 3.x and 4.x versions on Linux machines.

Middleware/Build and Release/Configuration Engineer, GEICO, Hyderabad Aug 2009- Mar 2011
 Migrate SVN repositories to Git and administrate Gitlab to manage Git repositories. 
 Build and improve the reliability and performance of cloud applications and cloud infrastructure
deployed on Amazon Web Services.
 Install and configure Apache, Nginx, Drupal, and WordPress on Ubuntu and Amazon Linux
instances.
 Involved in Installing Jenkins on a Linux machine and created a master and slave configuration to
implement multiple parallel builds through a build farm.
 Deployed using Admin console into WebLogic Application Servers. 
 Maintained configuration files for each application for build purpose on different environments. 
 Used Jenkins to perform automated Builds and Deployments. 
 Expert in User Management and Plugin Management for Jenkins. 
 Deployed the applications to Tomcat Application Server and static content to apache web
servers. 
 Expertise in End-to-End, Build, Release Management process for the various clients using
Jenkins, Ant, Maven, Gradle.
 Managed and optimize the Continuous Delivery tools like Jenkins.
 Involved in Red hat Linux patching using Repository servers and perform Linux kernel upgrade
on x86 HW.
 Good knowledge in virtualization using VMWARE ESX 3.5, 4.0 for Red hat Linux and Solaris x 86
platforms.
 Installed and configured Red Hat Linux Kickstart and Solaris jumpstart Servers.
 Installing of puppet master, agents, writing manifests and pushing them to agents for
Application deployments as part of CI/CD practices.
 Used Puppet to oversee Web Applications, Configuration Files, Data Base, Commands, Users
Mount Points and Packages.
 Worked on Installing Puppet master and puppet agents on multiple nodes. Added all the nodes
to master and managed various node groups.
 Automated to manage tens of thousands of VMs across multiple cloud platforms using puppet.
 Developed a continuous deployment pipeline using Jenkins, puppet, and Ruby/shell scripts
 Experience in migration of consumer data from one production server to another production
server over the network with the help of Bash and Perl scripting. 
 Experience with Linux/UNIX environments and scripting for Build & Release automation.
 Knowledge on Perl/Unix/Linux shell scripting. Knowledge of operating system, network, and
compiler concepts.
 Experience with build tools Ant and Maven for writing build.xmls and pom.xmls respectively.