Architecture design for migrating on-prem application to AWS Cloud for Bloomberg Tax Technology

• Design the overall architecture that leverage ECK for Apache Spark with API Gateway, Kinesis, SQS, Lambda, S3 and other AWS native service for Bloomberg online tax system
• The resulted architecture improves the performance of tax report from 18 hours to minutes

Design and implement CI/CD pipeline with Green/Blue and Canary deployment

Work within an AWS consulting team to define and implement security guardrails for Citi Group

• Review 100+ security auto-detection and auto-remediation guardrail rules
• Design security guardrail patterns with almost all whitelisted AWS services (e.g., CloudWatch, CloudTrail, Lambda, Config, CloudFormation, KMS, CMK, SSM, SNS, SQS, EKS, IAM, EC2, ELB, VPC, WAF, etc.)

Implement the guardrails using Python Boto3, with CI/CD pipeline of Sceptre, cfn_nag, awspec, pyunit, Pylint

Implemented security tooling and automation an AWS PaaS for Pearson

• Implemented a Python serverless security tooling with AWS services, including Lambda, S3, DynamoDB, CloudWatch, SNS, SQS, SSM, API gateway
• Implemented Jenkins and Gitlab CI/CD pipeline with Checkmarx, AppSpider, BlackDuck, Qualys, and Sonar

Built Gitlab CI/CD pipeline runner Docker images for security scanners

Built the application security program from scratch for Delta Dental

• Leveraged AWS services and third-party security tools to design hybrid Cloud security architecture
• Designed the overall AWS security logging and monitoring solution

Implemented security automation for security log analysis using Splunk and Python