Emmanuel is available for hire
Hire Emmanuel伊曼纽尔Chebukati
验证专家 in Engineering
DevSecOps工程师和开发人员
Location
内罗毕,内罗毕县,肯尼亚
至今成员总数
2021年9月27日
Emmanuel是一位具有系统审计经验的云安全工程师, App 保护, 安全的云部署. He has delivered sensitive technology projects across the East African region and globally in the public and private sectors. Emmanuel的经验得到了三项微软Azure和两项AWS认证的支持. 他是一名认证道德黑客(CEH). Emmanuel holds an MSc in Information Technology from Carnegie Mellon and a BSc from USIU Africa.
Portfolio
七分析
PHP、Apache2、Linux、Azure、亚马逊虚拟私有云(VPC)、Amazon EC2...
华格纳技术服务
Azure, Office 365, IT安全,Azure SQL, Azure Active Directory,部署...
Rollee
DevOps, Bash, IP网络,Ubuntu, Python, Linux, IT基础设施,代理...
Experience
Availability
Full-time
首选的环境
Apache2, 亚马逊网络服务(AWS), Azure, Cisco, Office 365, GitLab, NGINX, Kubernetes, 关系数据库服务(RDS), Debian
最神奇的...
...thing I've done was transform the bottle-necked physical IT infrastructure of a fintech to a hybrid cloud that was modern, secure, 而且易于管理.
工作经验
|联合创始人云安全工程师
2018年至今
七分析
- 共同创立了公司, 担任董事, 领导三个IT基础设施团队, 并领导客户团队定义和交付解决方案.
- Migrated and rebuilt 24 production VMware virtual machine applications for a client and set up a Kubernetes cluster in a hybrid cloud set up with minimal consumer downtime. 建立安全的远程访问和站点之间的连接.
- Migrated and maintained a Microsoft stack (IIS connected to SQL Server 2008 with multiple subdomains) from a local VM to Azure (App Services with managed databases). 用GitHub和swap为客户端建立一个DevSecOps管道.
- 调查并响应客户托管设施的停机事件. Migrated workloads to the cloud to mitigate the impact and wrote and presented the incident report, 导致我的委托人被判损害赔偿.
- 为二十多个邮箱在客户端域上设置私人电子邮件托管. 将现有的Office 365用户电子邮件地址迁移到新的电子邮件托管设置. 设计了一个电子邮件安全网关解决方案,支持多种云解决方案.
- 识别客户现场过程持续运行的潜在风险. 风险评估阶段涉及识别风险和减轻风险的控制措施, 在制造工厂的销售点进行鉴定后.
- Developed a sturdy Android application that can cope with the complex internet connectivity environment to receive audio reports. 部署一个安全的仪表板来查看、组织、管理和处理案例报告.
- Brainstormed a potential fintech solution for a client and advised on potential challenges and workarounds. Developed and deployed an Android mockup code to demonstrate an initially intended functionality.
技术:PHP、Apache2、Linux、Azure、亚马逊虚拟私有云(VPC)、Amazon EC2, VirtualBox, Kubernetes, OpenVPN, Networking, Office 365, Mail Servers, Python, Classic ASP, Apache, 信息安全, 云安全, VPN, 云架构, AWS云架构, 基于角色的访问控制, Azure Active Directory, Azure密钥库, Azure资源管理器(ARM), 亚马逊网络服务(AWS), DevOps工程师, DevSecOps, Networks, IP Networks, DevOps, Azure DevOps, Docker, Ansible, IT Security, Security, 混合云基础设施, Deployment, 安全策略 & Procedures, 直连(DC), 它操作, On-premise, Architecture, 系统管理, 安全设计
Azure平台工程师
2022 - 2023
华格纳技术服务
- Prepared, documented, and implemented a plan to migrate from bare metal on-premise Windows servers into the Microsoft Azure cloud ecosystem.
- Federated user identities from the on-premise Active Directory to Azure Active Directory using the password hash-sync method with Seamless Single Sign-On.
- Synchronized multiple on-premise SMB file shares to Azure Files via Azure File Sync under a single storage account of one on one share mapping.
技术:蔚蓝的, Office 365, IT安全,Azure SQL, Azure Active Directory,部署, 安全策略 & 程序、IT运营、基础设施即代码(IaC)
高级开发运维工程师
2022 - 2023
Rollee
- Implemented continuous integration and continuous deployment and delivery (CI/CD) in GitLab for 10+ applications. The pipeline was complete with minimal downtime deployments to ensure customer requests were unaffected during production deployments.
- Set up Airflow on Kubernetes with the Kubernetes Executor and migrated it from a VM using the SequentialExecutor. 将数据库迁移到托管数据库, 容器中已安装的依赖项, 并为dag设置CI/CD和git同步.
- Installed Prometheus for infrastructure and database metrics collection to aid business needs. 安装并固定Grafana以可视化收集的指标, 设置警报, 并制作了事故手册.
- 将一个Go应用程序迁移到Kubernetes上工作和运行. 适当地设置服务、部署、PVC、ConfigMaps、secrets和Ingress. Set up a managed database and NFS provisioner on top of the block storage for ReadWriteMany access.
- Researched, recommended, 并在Gitflow之间为公司记录了合适的Git工作流策略, GitHub flow, 和GitLab流程. 该建议在不影响运营的情况下被提出、讨论和采纳. 实现GitOps.
- 实现了Grafana Loki和Promtail作为基础设施和应用程序日志解决方案. This enabled the collection of logs and seamless analysis of application and infrastructure logs.
- Created a CI/CD pipeline for a React and React Native SDK to build and publish to an npm organizational account. 还实现了一个Python应用项目的CI/CD,并在GitLab中支持回滚.
- 在GitLab中实现了带有回滚支持的CI/CD,用于包含三个应用程序的单线程. 管道仅在特定代码库文件夹中反映更改时运行.
- Investigated and identified a shared lock issue on PostgreSQL preventing services from restarting. 问题是没有正确关闭长时间运行的查询, 为了快速解决问题,哪些问题被放在了代码行中.
- Led the company's technical side through a successful ISO 27001 audit by implementing recommendations, 记录决策, 捍卫公司的地位.
技术:DevOps, Bash, IP网络,Ubuntu, Python, Linux, IT基础设施,代理, Prometheus, Grafana, PostgreSQL, GitLab, GitFlow, CI / CD管道, 持续集成(CI), 持续交付(CD), Shell脚本, Deployment, 安全策略 & 程序、IT运营、系统管理、基础设施即代码(IaC)
领英学习导师
2021 - 2023
LinkedIn学习
- 策划了一门关于金融科技安全要素的网络安全课程.
- 为金融科技安全要点的网络安全课程编写脚本.
- 录制关于金融科技安全要素的网络安全课程.
- Planned a 14-video course on cybersecurity essentials highlighting the top 10 most commonly reported vulnerabilities in 2022.
- 为网络安全必备课程编写脚本和准备幻灯片.
- 录制了14个视频的网络安全基本要素课程,每个视频都有演示.
技术:Fintech, 信息安全, Cybersecurity, Amazon S3 (AWS S3), 文件管理系统(DMS), Amazon EC2, 亚马逊虚拟私有云(VPC), 亚马逊网络服务(AWS), VPN, AWS VPN, OpenVPN, Amazon RDS, AWS WAF, Sentry, 亚马逊API网关, Amazon, AWS机密管理器, Ansible, AWS自动扩展, 安全策略 & 程序,讲课
DevSecOps工程师
2022 - 2022
Freelance
- Resolved a burst traffic issue on an Azure Kubernetes服务(AKS) cluster using a HorizontalPodAutoscaler (HPA) and a Cluster Autoscaler.
- Researched and recommended an appropriate cloud-native data volume for Azure Kubernetes Services (AKS) that supports concurrent access across multiple pods and horizontal scalability.
- Architected a cloud-native infrastructure with the Web-Queue-Worker style for a new scalable, secure, resilient, 高可用性应用, 哪个支持多租户客户机.
- Deployed a Web-Queue-Worker sample infrastructure architecture and demonstrated how the client would transition into a big data architecture using Azure Synapse Analytics and other tools.
技术:Kubernetes, Docker, NGINX, MySQL, MariaDB, DevOps, DevSecOps, Azure的功能, Azure Synapse, Azure Kubernetes服务(AKS), Azure Files, Azure Storage, Azure, Kubernetes HPA, Azure容器实例, Azure容器注册表, Azure数据工厂, Azure SQL数据库, Azure Synapse Analytics, Linux, Deployment, 它操作, Architecture, 安全设计
安全培训师
2019 - 2022
e.KRAAL创新中心
- Taught the National Cybersecurity Training Program (NCSTP) third cohort of 20 trainees on cloud security, 具有30多个小时的现场直播, 实际内容, 以及Azure上的9个实践实验室, 5天以上交货.
- Taught the NCSTP first cohort of 40 trainees on critical information infrastructure protection (CIIP), 具有24小时以上的现场直播, 实际内容, 以及AWS上的五个实践实验室, 四天以上交货.
- 每次培训都获得了压倒性的积极评价.
技术:培训, Azure, 亚马逊网络服务(AWS), Ansible, IT Security, Security, 混合云基础设施, 安全策略 & 程序,讲课
系统开发人员
2015 - 2016
自然冲浪系统
- 设计和部署专注于安全性的定制IT基础设施. 这包括通配符SSL证书, 强SSL密码套件, 反向代理和负载平衡器, 远程接入vpn, 以及点对点vpn.
- 带领开发团队连续两个月每周发布一个新特性.
- 通过创建lite将Android应用程序大小从1MB减少到40KB, 能够在入门级智能手机上运行的缩小版.
技术:PHP, Android, MySQL, 逆向工程, Apache2, NGINX, Apache, 信息安全, Java, Linux, 安全策略 & 程序,IT操作,内部部署,系统管理
管理实习生
2015 - 2015
总统数字人才计划
- 更新入境事务处的资讯保安政策.
- 审查内政部网站,并对其重新设计提出建议.
- 作为100名管理培训生的指定代表,带领整个团队.
技术:评论,Web应用程序设计,领导力,团队领导力,安全策略 & Procedures
Experience
HeptaPay
http://heptapay.com通过借记卡或信用卡将钱存入移动钱包的在线代理. 作为集成工程师, I set up the card processing payment gateway and connections to the telecommunications partners; tested these connections for security and performance; and managed the back end, 内部事务监视仪表板, 以及平台的安全性.
2017年肯尼亚总统选举情绪分析
http://uchaguzi.today/肯尼亚于2017年举行了大选. We built Uchaguzi Today to show the trends behind each candidate's popularity and explain (via regular updates) the actions they performed that elicited a positive, neutral, 或者消极反应. 我的工作是建立收集数据的基础设施, 与Twitter API交互以收集tweet, 设计和部署仪表板, 并部署一个Android应用程序来对样本数据集进行分类,以帮助训练模型.
邮件服务器审计
This project was brought about by suspected malpractice on the ICT systems of a tour company—particularly the email system. 公司所有者是项目的拥护者. The purpose of the project was to identify any possibilities of such malpractice on the ICT part, 推荐解决方案, 并在可能的情况下实施解决方案.
This project was carried out in three phases remotely and through three regional trips to the Arusha headquarters:
Phase one involved a forensic analysis of the mail system to identify instances of foul play. 不当行为确实被发现了,证据也被提交给了项目负责人.
Phase two was implementing a solution that migrated the mail server to a secure cloud virtual private server running with encryption and email antivirus and anti-spam mechanisms in place. 这次迁移是无缝地、成功地完成的,对业务的影响最小.
The final phase was the optimization of office ICT systems for both performance and security. 这个阶段进一步涉及邮件服务器的配置,以满足组织的需求, 例如,特定的帐户仅限于内部通信.
总的来说,这个项目取得了巨大的成功.
This project was carried out in three phases remotely and through three regional trips to the Arusha headquarters:
Phase one involved a forensic analysis of the mail system to identify instances of foul play. 不当行为确实被发现了,证据也被提交给了项目负责人.
Phase two was implementing a solution that migrated the mail server to a secure cloud virtual private server running with encryption and email antivirus and anti-spam mechanisms in place. 这次迁移是无缝地、成功地完成的,对业务的影响最小.
The final phase was the optimization of office ICT systems for both performance and security. 这个阶段进一步涉及邮件服务器的配置,以满足组织的需求, 例如,特定的帐户仅限于内部通信.
总的来说,这个项目取得了巨大的成功.
Skills
Tools
VPN, Apache, Azure密钥库, Ansible, NGINX, 亚马逊虚拟私有云(VPC), VirtualBox, OpenVPN, Azure应用服务, Azure Kubernetes服务(AKS), Sentry, Grafana, GitLab
Paradigms
基于角色的访问控制, DevOps, 持续集成(CI), 持续交付(CD), Web应用程序设计, DevSecOps, Azure DevOps
Platforms
Linux, Apache2, Azure, Kubernetes, 亚马逊网络服务(AWS), Android, Docker, Amazon EC2, AWS云计算服务, Azure的功能, Ubuntu, Amazon, Debian
Storage
MySQL, Azure Active Directory, On-premise, Data Centers, 存储区域网络(SAN), MariaDB, Azure SQL数据库, Amazon S3 (AWS S3), PostgreSQL, Azure SQL
行业专业知识
IT安全,安全,网络安全,网络安全
Other
Office 365,混合云基础设施,信息安全,身份 & 访问管理(IAM), 云安全, 云服务, 云存储, Networks, IP Networks, 云架构, CI / CD管道, Deployment, 安全策略 & Procedures, 它操作, Architecture, 系统管理, 基础设施即代码(IaC), 安全设计, AWS认证云从业者, Lecturing, Shell脚本, 直连(DC), Code Auditing, Networking, Cisco, 云计算, 逆向工程, Mail Servers, App 保护, Cloud, Data Security, Applications, Azure管理员, Azure Storage, Azure虚拟机, 多因素认证(MFA), PIM, Azure虚拟网络, Data, 虚拟化, Azure资源管理器(ARM), IT Audits, AWS云架构, Reviews, Leadership, 团队的领导, Training, 业务连续性计划(BCP), 业务连续性, Storage, 电子邮件安全, 数据保护, DevOps工程师, Azure Synapse, Azure Files, Kubernetes HPA, Azure容器实例, Azure容器注册表, Azure数据工厂, Azure Synapse Analytics, Fintech, AWS VPN, Amazon RDS, AWS WAF, 亚马逊API网关, AWS机密管理器, AWS自动扩展, IT基础设施, Proxies, Prometheus, GitFlow, 文件管理系统(DMS), 负载平衡器, Subscriptions, 关系数据库服务(RDS), 安全体系结构, Controls, 安全管理, PCI遵从性
Languages
PHP, Python, Java, JavaScript, Bash
Frameworks
Classic ASP
库/ api
Twitter API
Education
2016 - 2018
信息技术硕士学位
卡内基梅隆大学非洲-基加利,卢旺达,非洲
2012 - 2014
应用计算机技术学士学位
美国国际大学-非洲-内罗毕,肯尼亚,非洲
认证
2023年11月- 2026年11月
AWS认证安全-专业
亚马逊网络服务
2021年6月- 2024年6月
微软认证:Azure安全工程师助理
Microsoft
2020年12月至2026年12月
AWS认证云从业者
AWS
2020年10月至2023年10月
微软Azure管理员助理
Microsoft
2020年8月至今
微软认证:Azure基础
Microsoft
2015年4月至今
Associate - Information Storage and Management Version 2.0
戴尔的技术
2014年11月- 2023年11月
认证道德黑客(CEH)
EC-Council