Cloud and DevOps Engineer

AWS Cloud DevOps lead role with the NHS Covid-19 Home Test Delivery team responsible for the  delivery of covid-19 home test kits via a serverless digital portal . Duties entailed:

• Design, Development and implementation of automation services using AWS Lambda and AWS API to efficiently manage the operations of the portal. This include monitoring stock levels in DynamoDB tables to trigger the opening and closure of the portal by manipulating CloudFront, API gateway usage plans , WAF, Secrets Manager and Slack.
• Design, Development and implementation of monitoring and reporting services using AWS Lambda, AWS API, Kinesis Firehose, S3, CloudWatch, Glue, Athena, SPICE , QuickSight, SQS, Amazon MWS API , Secrets Manager and Slack.
• Design, Development and implementation of alerting services using AWS Lambda, CloudWatch, SNS and Slack.
• Design, Development and implementation of Amazon shipment and delivery tracking of covid-19 home test kits using SQS, Amazon MWS API, Lambda and S3.
• Develop Lambda functions using node.js and python. 
• Provision new and Maintain existing infrastructure resources in AWS using Serverless Framework, Cloudformation, AWS CLI and SDKs.
• Provide infrastructure support for AWS resources including Lambda, API Gateway, CloudFront, IAM, Cognito, ACM, Secretes Manger, Route 53, S3, SQS, SNS, SES, SSM, Athena, Glue, DynamoDB, Kinesis, CloudTrail, CloudWatch, WAF, Shield, Amplify, Code pipeline in development, test and production environments.
• Technologies: AWS, Cloudformation, Serverless Framework, Azure DevOps, JIRA, Confluence, Git, Bash Shell, node.js, Python, JSON, JQ, React and Splunk.

AWS Cloud DevOps engineer role with the Global Cloud Services AWS platform team which is responsible for the Adoption of AWS to enhance HSBC’s ability to leverage latest technologies, to work and deliver at pace, and to build applications and services for customers at an unprecedented scale by: Defining and building the global AWS service catalogue that enables application teams across the bank to leverage Cloud services, Providing robust solutions based on the banks internal audit, compliance and security needs, in conjunction with industry best practices, Ensuring HSBC’s use of AWS is secure and compliant with HSBC’s Group standards and policies across technology, security and broader governance, Building toolkits that enable teams to leverage AWS services in self-service secure and compliant manner, Providing architectural and cloud engineering support to global project teams, Assuring, tracking and supporting solutions developed by other teams, and making them re-usable for others. Duties entailed:

• Contribute to the security controls in place that ensure the security of HSBC’s assets that evolve continually with AWS improvements and evolving project needs based on HSBC’s AWS Security patterns
• Build and Automate tooling and services that help many projects in more than 200 AWS accounts to build services in a secure and efficient way.
• Develop robust artefacts including code modules that help project teams to get their security profiles right before any infrastructure is built.
• Write technical documentation to guide project teams utilise the shared services developed by the Global Cloud Services. 
• Provide first line support for AWS services in development, pre-production and production accounts 
• Provision new and Maintain existing infrastructure resources in AWS using Terraform, Cloud-formation, AWS CLI and SDKs.
• Provide infrastructure support for AWS resources including DirectConnect, Organisation, IAM,  ACM, VPC, EC2 , Auto-Scaling, Lambda, API Gateway, Route 53, S3, RDS, SQS, SNS, SES, SSM, Athena, DynamoDB, Kinesis, CloudTrail, CloudWatch, GuardDuty, Config, Inspector, Trusted Advisor, Sidecar Proxy in development, test and production environments.
• Provide support, maintenance, provisioning and scanning of HSBC standard Windows, RedHat and Amazon Linux base AMIs
• Provide Mentoring and coaching to HSBC application DevOps teams with AWS infrastructure and tools
• Technologies: AWS, Terraform, Ansible, Serverless, Jenkins, JIRA, Confluence, Enterprise Git, Nexus, Bash Shell, Python, JSON, JQ, docker, Splunk, Qradar, Alert API and XMatters.

This role involved working co-operatively and in consultation with a number of business stakeholders including the Member Services, International, Music Reporting, Distribution and a close relationship with other parts of the IT department. AWS/DevOps Engineer role providing DevOps services including CI/CD & automated environment builds with configuration management to enable PPL to build new systems and ensure the development lifecycle is as efficient as possible.  Duties entailed:

• Automation of the delivery pipeline using Ansible, Jira, BitBucket (Git), Jenkins, Nexus, AWS Cloudformation, Gitflow, Maven and branching patterns
• Scripting in JSON, Linux/BASH, YAML, Groovy, Jq & Python
• Configuration Management using Ansible supporting over 80 AWS EC2 instances in development, test and production environments
• Provision new and Maintain existing infrastructure resources in AWS using Cloudformation
• System administration of Linux and Windows including backup and patching services
• Integrate Linux and Windows systems with Active Directory services using Open PBIS
• Provide infrastructure support for AWS resources including IAM, VPC, EC2 , EC2 container services (docker), Lambda, step function, API Gateway, Route 53, S3, RDS, SQS, SNS,  SES, SSM, EMR, Elasticsearch and CloudWatch in Development, Test and Production environments.
• Provide AWS account management and cost saving strategies
• Provide Mentoring and coaching to PPL Developers with AWS infrastructure and tools
• Technologies: Ansible, AWS, Microservices, Serverless, Jenkins, JIRA, BItBuket (GIT), Nexus, Bash Shell, Python, JSON, Groovy, JQ, docker, NGINX, Apache Airflow ,Tomcat, Nexus , SonarQube and Sumo-logic.

DirectLine group had adopted AWS cloud services to build out Strategic Claims Online and Fraud Analytics capabilities. These were run as two projects which are working together to provide the common cloud foundation requirements. AWS Build/DevOps engineer role responsible for delivering fully automated infrastructure as code on Amazon Web Services, Duties entailed:

• Working closely with Amazon Web Services Consultants, DLG Networking, Business solutions Security architects and Third party vendors to design and deliver a secure cloud solution for the foundation layer, Strategic Claims online and Fraud Analytics projects.
• Designed and deployed re-usable Terraform templates for provisioning Virtual Private Cloud, Private and Public Subnets, Routes and Route Tables, Security Groups and NACLs, Internet and Virtual Private Gateways, VPC Peering, Elastic load balancers, Route 53 DNS, EC2 instances, Launch configurations and Auto-`scaling, S3 data storage and  IAM
• Implemented Amazon Machine Image baking processes for base OS, Middleware and Applications using Hashicorp packer. Security hardening of RedHat Enterprise Linux AMI’s 
• Implemented bootstrapping and configuration changes to application instances using provisioning tools. 
• Implementation of AWS IAM, Single-Sign-On and VPC peering for inter and Intra AWS accounts
• Implementing DNS service using AWS Route 53.
• Implemented VPN tunnels between on premise data centre and several AWS VPCs in collaboration with DLG’s on premise Networking team.
• Implemented and deployed Foundation tools on EC2 instances on Linux and Windows platforms: Jenkins, Nexus, SVN, Fortinet FortiGate VM, Bluecoat ProxySG, Qualys, RSA Analytics, Active Directory Domain controller, CyberArk.
• Implemented and deployed Fraud Analytics tools on EC2 instances: R, SAS , and SFTP
• Implementation of an automated data transfer from on premise data centre into AWS Data Lake. 
• Implemented and deployed EC2 instance Patch management for Red Hat Linux and Windows
• Implemented an automated nightly EBS snapshot backups of EC2 instances using Cloudformation, Lambda, Cloud watch and DynamoDB     
• Implementing an automated Disaster Recovery in AWS
• Delivered various technical and process documentation : Detailed Level Design (DLD) Security, Functional Testing and Service transition documents
• Liaise with Live Services and Information Security teams to transition the project into BAU/production 
• Provided training and Mentoring to BAU/production support staff.    
• Technologies: Terraform, Cloud Formation, Packer, Jenkins, Subversions, Nexus, Lambda, Bash Shell, Python, Node.js, AWS CLI.