Professional Documents
Culture Documents
Chaitanya Bojja
Chaitanya Bojja
Chaitanya Bojja
chaitanyab2289@gmail.com
hthttps://www.linkedin.com/in/chaitanyabojja/
786-461-7826
Professional Summary
Around 12 years of progressive experience as a Principal Cloud and DevOps Engineer in Design,
Architect, Cloud Migration Specialist, Hadoop DevOps, SRE, System Administration,
Configuration Management, DevSecOps, CI/CD, infrastructure automation pipeline of high traffic
large scale distributed systems of On-Premise, Hybrid Cloud and Mobile applications
Strong knowledge on Setup, Configure, Administer, Manage and Monitor of Big Data
frameworks (CDH, HDP, AWS EMR, GCP Data Proc and HDInsight’s) Services over Linux
Platforms.
Design, Architect and Implement Cloud Migration Solutions for Batch, Legacy, Serverless,
Hadoop workloads, Micro services (containerized) architecture Applications for AWS EKS, Azure
AKS and GCP GKE and K8s Community Edition and OpenShift
Strong experience on Implementing Terraform and Cloud formation templates as Infrastructure
as a Code for GCP, Azure and AWS Public Cloud solutions for various use cases.
Strong experience on implementation of CNCF Projects like etcd, Istio, Helm, CNI for K8s along
with K8 HADR, log analytics, monitoring of services with Prometheus
Worked on installation, configuration and administration of CentOS 7, RHEL 7 for Kubernetes,
Open shift and Docker Swarm
Experience writing applications using Multi-Threading, Concurrency, Core Java, J2EE, RESTFUL
Web Services.
Excellent understanding of reference models like OSI Model protocol suite (IPv4, IPv6, all
supported IEEE standard protocols), TCP/IP protocol suite (IP, ARP, TCP, UDP, SMTP, FTP TFTP,
SSH, DNS)
Installed and managed Middleware tools through Chef, Ansible Puppet such as WebSphere
Application Server 7.x/8.x, JBOSS GA7/EAP6, IBM IHS, Apache, Nginx and Tomcat.
Expertise in Administer, configure and monitor of Apache Httpd, SMTP, DHCP, NFS, LDAP, DNS,
Postfix, send mail, FTP, Remote Access, Security Management & Security troubleshooting skills.
Installed, Configured, Managed Monitoring Tools such as AppDynamics, New Relic, Nagios,
Zabbix for Application Performance Monitoring and System service monitoring
Practical experience in Bash, Groovy, Python, Yaml, Json
Installation, Configuration and Management of RDBMS and NoSQL tools such as Dynamo,
MySQL, HBase, PostgreSQL, MongoDB and Cassandra
Skill Set
Education Experience:
Completed, Bachelor of Technology in Computer Science and Engineering from JNTU, Hyderabad in
2009
PROFILE:
Cloud and DevOps Architect, Southwest Airlines, Dallas, Texas Jan 2020 – till date
Implemented AWS Control Tower, Landing zone, Idp (PingFederate ) with coginto and AD
integrated with AWS for user management
AWS Organizations, Central governance and management across AWS accounts
AWS Guard Duty, Managed threat detection service
Ensured that security requirements and considerations are woven into the development of each
system
Review and interpret Systems Security Plans
Review cloud services and provide recommendations on agency approval
Identify gaps in system compliance against NIST controls
Provide recommendations to achieve security compliance
Conduct security engineering reviews of systems that are preparing for ATO assessment
Use Network security policies to restrict cluster level access, Use CIS benchmark to review the
security configuration of Kubernetes components (etcd, kubelet, kubedns, kubeapi),
Properly set up Ingress objects with security control, Protect node metadata and endpoints
Minimize use of, and access to, GUI elements, Verify platform binaries before deploying
Restrict access to Kubernetes API, Use Role Based Access Controls to minimize exposure
Exercise caution in using service accounts e.g. disable defaults, minimize permissions on newly
created ones, Update Kubernetes frequently
As a DevSecOps implementation and I am responsible for software development, recognizing
the security threats, and configuring the network infrastructure, so should have up-to-the-
minute details of cybersecurity threats and the latest software. possess knowledge of the
implementation of risk assessment techniques and the latest security best practices.
Code analysis: The codes are delivered in small pieces so that any vulnerabilities can be easily
recognized and resolved.
Change management: The change management process enhance the efficiency and speed of
the process and determine whether the changes made is good or bad.
Compliance training: This training requires you to be get ready for the audit at any instance.
Threat investigation: This component in DevOps approach assist you to identify the threats in
the process along with the code update and respond quickly to it.
Vulnerability assessment: Recognizes the latest vulnerabilities with the code analysis and how
quickly they could be resolved.
Security training: It requires you to train the team with set of guidelines.
Minimize host OS footprint (reduce attack surface), Minimize IAM roles, Minimize external
access to the network, Appropriately use kernel hardening tools such as AppArmor, seccomp
Setup appropriate OS level security domains e.g. using PSP, OPA, security contexts, Manage
Kubernetes secrets, Use container runtime sandboxes in multi-tenant environments (e.g. gvisor,
kata containers), Implement pod to pod encryption by use of mTLS
Minimize base image footprint, Secure your supply chain: whitelist allowed registries, sign and
validate images, Use static analysis of user workloads (e.g.Kubernetes resources, Docker files)
Scan images for known vulnerabilities
Perform behavioral analytics of syscall process and file activities at the host and container level
to detect malicious activities, Detect threats within physical infrastructure, apps, networks, data,
users and workloads, Detect all phases of attack regardless where it occurs and how it spreads
Perform deep analytical investigation and identification of bad actors within environment
Ensure immutability of containers at runtime, Use Audit Logs to monitor access
Extensive Knowledge and hands-on experience implementing PaaS, IaaS, SaaS style delivery
models inside the Enterprise (Data center) and in Public Clouds using like AWS, Google
Cloud, and Kubernetes etc.
Created dynamic routing/load balancing capability enabling large application scaling, used
ingress rules and Ingress Controllers - Nginx.
Setup Log Metrics, Alerting and monitoring using GCP Stackdriver .
Gitlab migration, CICD pipeline implementation, Integrate and writing custom scripts and
templates
Implemented Network policies for K8s
Design, Implemented Cloud infra using AWS Cloud Formation Templates and later migrate to
Terraform 12
Adopted CAF and Developed Migration strategy for Azure and GCP as a Geo Redundant Solution
by performing Discovery, Assessment, and Implementation stages
Auto generate of Terraform Templates with Python and Java Modules and provision GCP
services
Secure, Control and Govern policies for AWS, Azure and GCP Platforms
Design, Architect and Implement of Kubernetes Managed service of GKE/ Open Source version
for .Net Core services
Defined K8 Application Deployment Lifecycle with Kops, Helm, etcd, Istio, ELK, Prometheus
Install, configure and setup of TICK stack suite for Application Performance Metrics
Led migration of Virtual Machines to Azure Virtual Machines for multiple global business units.
Prepared capacity and architecture plan to create the Azure Cloud environment to host
migrated IaaS VMs and PaaS role instances for refactored applications and databases.
Created recommendations on how to duplicate a subset of on premise machines to the Azure
Infrastructure as a Service (IAAS) offering which will be used for disaster recovery. This analysis
included the specifics to synchronize on premise data with SQL Server and SharePoint instances
hosted in VMs.
Configured VMs in availability sets using Azure portal to provide resiliency for IaaS based
solution and scale sets using Azure Resource Manager to manage network traffic
Designed and configured Azure Virtual Networks (VNets), subnets, Azure network settings, DHCP
address blocks, DNS settings, security policies and routing.
Deployed Azure IaaS virtual machines (VMs) and Cloud services (PaaS role instances) into secure
VNets and subnets.
Exposed Virtual machines and cloud services in the VNets to the Internet using Azure External
Load Balancer.
Provided high availability for IaaS VMs and PaaS role instances for access from other services in
the VNet with Azure Internal Load Balancer.
Implemented high availability with Azure Resource Manager deployment models.
Designed Network Security Groups (NSGs) to control inbound and outbound access to network
interfaces (NICs), VMs and subnets.
Setup Azure Virtual Appliances (VMs) to meet security requirements as software based
appliance functions (firewall, WAN optimization and intrusion detections).
Leveraged VNET system routes and underlying route table that holds Local VNet Rules, On-
premise Rules, Internet Rules and IP Forwarding as design basis.
Designed User Defined Routes with custom route tables for specific cases to force tunneling to
the Internet via on premise network and control use of virtual appliances in the customer’s
Azure environment.
Associated routes with VNets via the route table per relationship constraints.
Managed IP Forwarding for VMs and role instances acting as virtual appliances.
Implement stream analytics with azure synapse, azure function app, azure databricks, azure
datalake and azure monitor services for enterprise analytics platform
Implemented ELK, Grafana solutions for Logging, Monitoring of Micro services logs, errors, RTT
and other metrics
Cloud and DevOps Architect, Ericsson, Dallas, Texas Apr 2017 - Dec
2019
Implemented KOPS, KubeSpray tools to provision K8 Cluster and Helm packages to deploy
applications Kubernetes Cluster
Design, Architect, Implement IBM SoftLayer Data center, VMWare migration to AWS and GCP
Design Infra for Smart Data Catalog tool over HDP 2.6, CDH 5.10, EMR and HDInsight’s and
DataProc
Designed and implemented Multinode executor Azkaban workflow scheduler to improve
efficiency
Integrated Atscale with DataLake (Hbase, MySQL, Redshift)
Gluster FS implementation using Consul, Vault and Terraform
Designed, Implemented Ansible Playbooks for Infra creation of GCP DataProc
Integrated Zoomdata and Tableau for Data Visualization to Data Lake
Implemented Data Security and Authz over Data Catalog tools with AD, LDAP and Kerberos
Implemented openshift container platform for microservices architecture of application
Elasticsearch Migration
KMS Implementation and automated key rotation for Server and Client side encryption
Designed apps Using API Gateway, Cloudfront, S3, Lambda, Kinesis, Dynamo and RDS
Config management with Chef and ansible
Lead and implemented Docker Container Implementation with Kubernetes
Administering, Performance tuning of ES 5
AWS EMR migration from Cloudera, Hortonworks Hadoop platform
Implemented Landing zones, cognito, Okta SSO, IAM,
Implemented Github semantic Versioning and fixed tag and auto deploy and rollback issues
ELK and Splunk querying, alerts, dashboarding
Design and Setup Infrastructure for Hortonworks Hadoop platform
Elasticsearch Primary/Secondary cluster configuration in Prod as DR solution
Setup Monitoring of System/App level services with Cloudwatch, Newrelic, Stackdriver,
Prometheus, Sensu and nagios, published all these metrics to grafana
Lead Cloud and DevOps Engineer/Architect, Inside View Technologies, SFO, CA Jun 2015- Aug
2017
Implemented Master AMIs for Application setup in Prod by using of AWS IAM roles, Cloudwatch
monitoring, JAVA stack, Jetty 8, RDS services
Elasticsearch snapshot and validation automation
KMS and AWS IAM roles implementation for application as all environments
Created REST endpoints for microservices using Spring Boot/Java.
Sr DevOps Engineer, Walmart Labs, Sunnyvale, California Sep 2013 - May 2015
Lead the effort from the Cloud/Infrastructure team in setting up infrastructure for different
environments (like Dev, QA, Pre-prod and Production) that meet up the requirements, on metal
and AWS cloud (EC2 and VPC), Proof-of-Concept on VPC. (Subnets, DHCP Option sets etc)
Design and build high available and scalable infrastructure components like app Messaging
(Rabbitmq), Redis high availability, using ELK Cluster on AWS VPC ensuring security compliance
and high uptime.
Automated infrastructure provisioning and code deployments on AWS EC2 and VPC using Chef,
Jenkins jobs and custom bash Built, deployed and managed configuration automation
framework using Chef on EC2 and VPC
Involved in designing and deploying multitude applications utilizing almost all of the AWS stack
(Including EC2, Route53, S3, RDS, Dynamo DB, SNS, SQS, IAM) focusing on high-availability, fault
o tolerance and auto-scaling in AWS Cloud Formation.
Configured AWS IAM and Security Group in Public and Private Subnets in VPC.
Created AWS Route53 to route traffic between different regions.
Designed AWS Cloud Formation templates to create custom sized VPC, subnets, NAT to ensure
Successful deployment of Web applications and database templates.
Implemented automated local user provisioning instances created in AWS cloud.
Setup and build AWS infrastructure various resources, VPC EC2, S3, IAM, EBS, Security Group,
Auto Scaling, and RDS in Cloud Formation JSON templates.
Configuring and Networking of Virtual Private Cloud (VPC) Written Cloud Formation templates
and deployed AWS resources.
Implemented rapid-provisioning and life-cycle management for Linux using Amazon EC2, Chef,
and custom Ruby/Bash, python scripts.
Written Chef Cookbooks for various DB configurations to modularize and optimize end product
Configuration, converting production support scripts to Chef Recipes and AWS server
provisioning using Chef Recipes
Sr DevOps Engineer, JPMorgan Chase, Columbus, Ohio Mar 2011- Sep 2013
Expertise in Enterprise repository management tools like Nexus, Artifactory etc.
Deployment automation for Enterprise Applications to WebSphere, Jboss, Apache, Tomcat with
Rundeck and UDeploy.
Install, Configure, Setup Distributed Mode of Jenkins to handle large Scale Applications
Installed and administer Atlassian tool set including JIRA, Confluence, Fisheye and Crucible.
Written pre-commit, post-commit, post-receive hooks in SVN for Linux environment using shell
Re-structured the development methodology with respect to SVN and proposed best branching
strategies in SVN
Generated Ant, Maven, Perl & UNIX scripts for build activities in QA, Staging and Production env
Worked on the transition project, which involves migration activities from Ant to Maven in order
to standardize the build across all the applications.
Experience in planning, installing, configuring & administering WebSphere Application Server
Experience in SSL Cert (Iplanet certs, IHS certs, WebLogic certs, WebSphere certs, SAN certs etc.)
installing/renewal.
Installing, configure and Patching SVN servers, Responsible for Administration of Collabnet SVN
and Multi Site and Setup the SVN Multisite environment, Responsible for periodic work checks
and backups and Monitor health, disk space and optimize performance.
Implemented rapid-provisioning and life-cycle management for Linux using VMWare, Chef, and
custom Ruby/Bash scripts.
Worked with Chef Environment, Installing Workstation, Bootstrapping Nodes, setting up chef
server, bundling recipes into cookbooks and uploading them to Chef-server.
Integrated Jenkins with tools such as GIT, Bitbucket, Artifactory, Chef to implement CI/CD
pipeline.
Performed SVN to GIT/Bit Bucket migration and managed branching strategies using GIT
workflow. Managed User access control, Triggers, workflows, hooks, security and repository
control in Bitbucket.
Proficient in setting up and configuring Baselines, Branching, Merging, and Backup through GIT
and SVN, Bitbucket.
Managed Jfrog repository for the current project. Have hands on experience with Bitbucket.
Experience in installing and configuring Splunk tool 3.x and 4.x versions on Linux machines.
Middleware/Build and Release/Configuration Engineer, GEICO, Hyderabad Aug 2009- Mar 2011
Migrate SVN repositories to Git and administrate Gitlab to manage Git repositories.
Build and improve the reliability and performance of cloud applications and cloud infrastructure
deployed on Amazon Web Services.
Install and configure Apache, Nginx, Drupal, and WordPress on Ubuntu and Amazon Linux
instances.
Involved in Installing Jenkins on a Linux machine and created a master and slave configuration to
implement multiple parallel builds through a build farm.
Deployed using Admin console into WebLogic Application Servers.
Maintained configuration files for each application for build purpose on different environments.
Used Jenkins to perform automated Builds and Deployments.
Expert in User Management and Plugin Management for Jenkins.
Deployed the applications to Tomcat Application Server and static content to apache web
servers.
Expertise in End-to-End, Build, Release Management process for the various clients using
Jenkins, Ant, Maven, Gradle.
Managed and optimize the Continuous Delivery tools like Jenkins.
Involved in Red hat Linux patching using Repository servers and perform Linux kernel upgrade
on x86 HW.
Good knowledge in virtualization using VMWARE ESX 3.5, 4.0 for Red hat Linux and Solaris x 86
platforms.
Installed and configured Red Hat Linux Kickstart and Solaris jumpstart Servers.
Installing of puppet master, agents, writing manifests and pushing them to agents for
Application deployments as part of CI/CD practices.
Used Puppet to oversee Web Applications, Configuration Files, Data Base, Commands, Users
Mount Points and Packages.
Worked on Installing Puppet master and puppet agents on multiple nodes. Added all the nodes
to master and managed various node groups.
Automated to manage tens of thousands of VMs across multiple cloud platforms using puppet.
Developed a continuous deployment pipeline using Jenkins, puppet, and Ruby/shell scripts
Experience in migration of consumer data from one production server to another production
server over the network with the help of Bash and Perl scripting.
Experience with Linux/UNIX environments and scripting for Build & Release automation.
Knowledge on Perl/Unix/Linux shell scripting. Knowledge of operating system, network, and
compiler concepts.
Experience with build tools Ant and Maven for writing build.xmls and pom.xmls respectively.