Alexander Kem

Our mission is to empower organizations with scalable, secure, and high-performance infrastructure solutions by delivering expert cloud, network, and systems engineering services. We focus on designing and managing resilient architectures that support business continuity, optimize performance, and accelerate digital transformation.

Promotion as the Cloud Engineering Team Lead. I was the product owner for AWS Cloud Infastructure and Hybrid Infrastructure Projects. Worked with the business and vendors to identify and implement new solutions to optimize efficient, secure architecture and data flow. Initiated and implemented new design strategies to comply with FINMA security policies and standards.

• Delivered POC for Terraform modules and CI/CD deployments
• Defined new processes and procedures for change management
• Developed and implemented disaster recovery plans and procedures for cloud infrastuture and resources.
• Defined roles and worked with Head of Security to identify teams accesses and permission sets to various resources
• Facilitated employee growth and career development for Infrastructure Team. AWS Devops Engineer
• Terraform IAC. Rebuilt terraform modules and CICD pipelines for proper code reviews and workflows to deploy new infrastructure
• Created 3 brand new AWS environments in development, staging and production
• Delivered strategy for Disaster Recovery exercises
• Kubernetes management and execution of microservices including Nifi, Grafana and Prometheus monitoring on AWS
• ServiceNow implementation

Managed and implemented new system design architecture following SDLC utilizing AWS with new and existing infrastructure and applications to support the banks internal/external clients, and investors. Ensuring system robustness and scalability, while proactively addressing potential security risks inherent in cloud-based environments.

• Infrastructure migration from on premise to AWS
• Automation with ansible playbooks and terraform workspaces to support applications such as JFrog Artifactory, Infoblox, Perform InvestorTools, Jira, New Relic, Spinnaker, Splunk, Thales Tokenization, Cashview, Jetbrains and VMC.
• High volume of terraform infrastructure as code. From creating new workspaces and modules, coding/building infrastructure to testing and deploying into dev, stage and prod environments through the proper change management channels. 
• Collaboration with multi-cloud teams and vendors to find new solutions and create new designs to help improve efficiency, security and funds with the highest visibility and approvals from all levels of management including the CIO.
• Risk Management and Security
• Budget and Resource Allocation
• Strategic Planning and Execution
• Daily SCRUM meetings to cover days agenda and weekly deliverables
• Biweekly sprint meetings to cover new projects, time reallocation, shift of priorities depending on the mission
• Biweekly meetings to help colleagues find/set individual goals and improvements for midyear and year end reviews
• Exhibiting exceptional proficiency in interpersonal communication
• Actively engaging and fostering positive and productive relationships with colleagues, while effectively navigating cross-functional collaborations towards shared objectives.

Managed several Kinesis Service Team Projects including region builds for Kinesis Firehose, Kinesis Analytics, and AWS Datafeeds Ingestion Hub for multiple commercial and government regions. Platform Infrastructure optimization and solutions.  Expanding services in regions and using automation tools to deploy changes.Developed project plans and workflows for each of these services for internal and global availability to our clients.

• Worked with native AWS tools in compliance with our overall security posture.
• Led team trainings and demos for our Director of Engineering
• Client Engagements with new internal and external customers
• Participated in ATO process for authority to operate new services in regions.
• Worked with services Cloudformation, CloudFront, Cloudwatch, EC2,Kinesis, S3, SQS, SNS, VPC
• Created metrics dashboards for team analytics and operations
• Worked extensively with commercial and government clients on new project plans

• Network and server security, server sizing, configuration and deployment
• Designed ansible playbooks to automate engineering tasks and security checklists for production
• Client Engagements with new internal and external customers
• Participated in ATO process for authority to operate new services in regions.
• Worked with frameworks including Hadoop, MapReduce, Cloudera, and Hive

Oversee the entire JIDO Network Operations consisting of a team of 10 Network/System Engineers. Team Lead Network Engineering in support of the US Army Joint Improvised Threat Defeat Organization.

• Work with other contractors, consultants, and engineers to ensure maximum value is delivered to our client.
• Provide network/system engineering and cyber security services.
• Redhat 7 build, configure, and test for Palantir Servers, Splunk, and Decision Lens.
• Building/deploying docker container images and creating data containers
• Provide tier III incident resolution
• Microsoft Exchange 2007/2013 System Engineer.  Built entire Enterprise Architecture for all 3 Enclaves
• Information Support Server Environment Guard (ISSE) Certification (Solaris 10)
• Secure Systems by implementing STIGS and verifying security with ACAS/Nessus
• Oversee the use and enhancement of industry-leading network and system monitoring systems including Solarwinds, Splunk and SCOM.
• Create and modify Juniper firewall policies
• Automate reporting tasks via PowerShell and Management Shell
• Cisco switch management and configuration/ Port Security/VLAN configuration/Trunk Configuration
• Commvault Enterprise Backup Solutions for most Enterprise applications
• Vmware/Vcenter
• Implementation of F5 Load Balancing to optimize security with applications such as JIRA, Exchange and other clustered applications

• Manage CA and Production Systems that control GSA FPKI data
• Certificate Issuance and Revocation with onsite Security Officer
• Manage scheduled patching: Windows, Linux RHEL and ESXI systems
• VMware administrator
• Update server firmware and software on cisco devices
• Nessus scanning for vulnerabilities
• Perform weekly Information Systems Audits (collect logs for each system in production and certificate authority zone
• Semantec Endpoint Protection Manager, Update antivirus definitions
• Control Equipment in our lab including rack servers, patch panels, cisco and palo alto firewalls, cisco switches, and kvms
• PDVAL and ediscovery for smart cards readers

• Top Secret Clearance Obtained
• Manage Security and IT Infrastructure in DC Office Location
• Raised Security Awareness within the company and conduct training seminars for employeees
• Responsible for indoctrinations and debriefs for employees holding clearances
• Worked with DSS to maintain our level of clearance in accordance with NISPOM during security accreditation
• Installation of patch panels, routers, fiber, coax and perform network and IT operational maintenance
• Build new linux vms for testing
• Mac and Dell certified technician
• PBX, VOIP, CMA Site Engineer
• System Center Configuration Manager, DHCP, DNS, Active Directory

• Provision desktop and laptop computers in response to malware
• Provided safe-boot endpoint encryption to strengthen the security of network devices
• Remote support with the System Management Server (SMS) and LogMeIn Rescue console
• Support for users teleworking with RSA SecureID two factor authentication for access in Citrix XenApp and Cisco AnyConnect VPN Client
• Managed the BlackBerry server and McAfee Enterprise Mobility Management server
• Active Directory Management

• Diagnosed and repaired desktops and laptops
• Monitored and analyzed issues
• Compiled daily reports to show trends in network connectiviity
• Develop mitigation strategies
• Custom reimaging of workstations
• Patching
• Active Directory Management