Resume

Senior Security Platform Engineer



Jarred Hunter

Technologies and Languages

Languages & Scripting:                         Python, Go, Groovy, Bash, PowerShell

AWS Services:                                           EC2, EKS, ECS, ECR, VPC, Lambda, S3, RDS, IAM, SSM, CloudFormation, MSK, CDK, SDK, CLI, Route53, Athena, PrivateLink, Secrets Manager, AMP, SQS, CodeBuild, CodePipeline, FIS

Cloud Providers:                                      AWS, GCP

Containerization/Orchestration:  EKS, ECS, Docker, Helm, ArgoCD, Linkerd, KEDA, Karpenter, Velero, vCluster, Rancher

Automation & IaC:                                  Terraform, Terragrunt, Crossplane, AWS CloudFormation, Pulumi, Ansible

CI/CD Tooling:                                          GitHub Actions, GitLab CI/CD, Jenkins, Azure DevOps, Artifactory, Bitbucket, Git

Observability:                                           Datadog, CloudWatch, Prometheus / Grafana, OpenTelemetry (AWS ADOT), Fluent Bit, New Relic

Security & Compliance:                        Prisma, Threat Model, SonarQube, SIEM, Snyk, Checkmarx, Vault, Consul, PCI, SOC2, SOX, OCSF

Data:                                                             Snowflake, Databricks, Kafka, Redpanda, StarRocks, MongoDB, MySQL, PostgreSQL, RDS, MS SQL

Operating Systems:                                Linux/Ubuntu/CentOS

Agile Tooling:                                            Atlassian Jira & Confluence

Work Experience

Senior Security Platform Engineer (Lead)                                                                                Oct 2023 – Present

PRIVATE                                         

Lead Platform Engineer with a proven track record in building and refining platform capabilities and internal tooling to ensure resilience and operational effectiveness. Adept at owning the design and development of streamlined internal tools, engaging cross-team stakeholders to drive continuous improvement, optimizing platform performance, and enhancing overall engineering efficiency and reliability.

  • Architected and owned the 3‑year platform roadmap, with a strategy of transforming an existing monolithic app stack into a component-based microservice platform deployed via CI/CD and state-managed with ArgoCD. Collaborated with product, security, and engineering leadership to prioritize initiatives, define deliverables, and track strategic metrics.
  • Mentored and led a cohort of 5+ platform engineers in a globally distributed team, facilitating daily stand‑ups; scoped epics and assigned tasks during sprint planning; and developed and tracked annual KPIs to measure team performance and drive continuous improvement.
  • Designed and implemented a multi-stage CI/CD pipeline with GitHub Actions, automating AWS EKS cluster provisioning and reducing deployment times by 30%. All pipelines integrated SAST scans (SonarQube/Checkmarx) on codebase/builds and SCA (Snyk) for image and container builds.
  • Leads Platform Threat Modeling initiatives, identifying vulnerabilities and implementing strategic security measures.
  • Performs detailed assessments of scan outputs to identify critical vulnerabilities, prioritizing issues based on risk and potential impact to the platform.
  • Develops comprehensive risk reports outlining remediation progress and critical item evaluation, providing clear metrics and recommendations to stakeholders.
  • Integrated a policy-as-code framework using Open Policy Agent (OPA) with custom policies into CI/CD workflows, automating compliance and security checks for consistent AWS EKS configurations and reducing manual oversight.
  • Designed, deployed, and managed a multi‑AZ AWS VPC segmented into public, private, and database subnets using Terraform modules, enforcing granular network isolation and least‑privilege routing to reduce blast radius and enhance security posture.
  • Implemented Linkerd service mesh to secure inter-service communications and improve observability and traffic management across microservices.
  • Implemented ArgoCD for streamlined GitOps workflows, adopting a component-based deployment strategy to enable configurable service meshes across tenant-specific Kubernetes clusters, ensuring scalability, maintainability, and automation.
  • Developed custom Helm charts and introduced a versioning strategy to streamline deployment management, ensuring controlled, repeatable, and scalable releases across Kubernetes clusters.
  • Designed, developed, and deployed Datadog monitoring for the infrastructure, including custom dashboards, baseline metrics, complex queries, alerting, and alert-triggered workflow automation, enabling proactive performance optimization, rapid incident resolution, and effective capacity planning across distributed, high-scale platform environments.
  • Enhanced observability after implementing AWS Distro for OpenTelemetry, achieving a 40% reduction in debugging time through improved logging and metrics integration.
  • Deployed vCluster for multi-tenant development environments—integrated with GitHub Actions to enable on-demand, lightweight, and isolated clusters—significantly reducing operational overhead and accelerating testing.
  • Designed and implemented cost-efficient auto-scaling strategies using Karpenter, optimizing resource allocation and reducing infrastructure costs by 35%.
  • Enhanced the scalability and resiliency of the application platform by integrating Kubernetes Event-driven Autoscaling (KEDA).
  • Expanded data resource ingestion by designing and deploying Kafka MSK and Redpanda into the platform.
  • Designed and implemented a comprehensive disaster recovery strategy leveraging Velero for cluster backup and restoration, ensuring high availability and SOC2-compliant data protection. Monitored DR readiness through custom reporting/alerting & scheduled workflows, maintaining 100% recovery compliance.
  • Designed and implemented a secure AWS PrivateLink architecture for Snowflake using Terraform and AWS Route 53, enabling direct, private connectivity to Snowflake’s infra that enhanced data security and network performance.

 

Senior DevOps Engineer (Lead)                                                                                        May 2022 – April 2023           

PRIVATE                                                                                     

  • Kubernetes & Microservices: Architected and monitored containerized workloads on AWS EKS using Helm, CodePipeline and GitHub Actions to deliver zero‑downtime deployments.
  • Infrastructure as Code: Built and maintained Terraform/Terragrunt and CloudFormation stacks (60+ AWS accounts), automated RDS (MySQL/PostgreSQL) provisioning, AWS SSO role management, and developed Python‑powered Ansible playbooks for repeatable deployments.
  • Cloud Migration & Cost Optimization: Led multiple on‑prem→AWS migration projects—leveraging Snowball, S3 Transfer Acceleration, and DMS—to reduce hosting spend by 45%, saving $450K+ annually.
  • Observability & Security: Deployed end‑to‑end monitoring (Prometheus, Grafana, New Relic, Sumo Logic, Azure Monitor); administered Keycloak/OIDC and Vault for IAM; automated AWS access‑key rotation via Lambda; and integrated CrowdStrike endpoint protection.
  • Leadership & Incident Management: Mentored junior engineers, coordinated Agile sprints and on‑call rotations, and served as primary escalation point for Kubernetes, networking, and application incidents—ensuring rapid triage.

 

Senior DevOps Engineer                                                                                                            Dec 2021 – 2022

PRIVATE                                                     

  • AWS Optimization & High Availability: Maintained 99.9% platform uptime for 15K+ concurrent users by automating RDS provisioning (Jenkins/Terraform) and optimizing CI/CD pipelines.
  • Container Security & Microservices: Hardened container security by deploying with Docker/Kaniko and integrating Artifactory Xray vulnerability scans—eliminated need for root‑level Docker daemon access.
  • IaC: Built and maintained AWS infrastructure across multiple AWS accounts leveraging Terraform and Ansible.
  • Monitoring & Security Integration: Reduced incident response time by 35% through centralized observability (Prometheus, Grafana, Datadog, Sumo Logic, AWS SSM).
  • Leadership: Mentored junior engineers, managed on‑call rotations, and served as primary escalation point for Kubernetes, networking, and application incidents.

 

Senior DevOps Engineer                                                                                         March 2021 – November 2021

PRIVATE                                        

  • AWS EKS Migration & Kubernetes Orchestration: Led the transition from both bare-metal and standalone Kubernetes clusters to AWS EKS, improving scalability and reducing operational complexity & downtime.
  • Infrastructure as Code & CI/CD: Provisioned and managed AWS resources (EC2, S3, EBS/EFS, Security Groups, Route 53, RDS, ALB/NLB) using Terraform, Terragrunt, and CloudFormation.
  • Secure VPN & Data Exchange: Established tunnel-to-tunnel VPNs (StrongSwan) for PHI-based ML/AI data transfer, automating VPN setup processes via Ansible and AWS Systems Manager. Served as an Infrastructure Touchpoint Engineer for external clients, ensuring encryption best practices and seamless data ingestion.
  • Observability & Reliability: Utilized Datadog, Nagios, and Rundeck to automate alert remediation.
  • Automation & Platform Enhancements: Built an IaC-backed patching solution with AWS Systems Manager and GitLab CI/CD. Coordinated tasks in Jira, ensuring timely task delivery and cross-functional collaboration.

 

SysOps Administrator III                                                                                                  Oct 2019 – March 2021               

PRIVATE                                                                                   

  • Enterprise AWS Architecture & Migration: Engineered and maintained a multi-account AWS environment with six environments, 20 AWS accounts, and 2,600+ Linux/Windows instances. Led on-premises-to-cloud migrations using CloudEndure, minimizing downtime and ensuring seamless transitions.
  • Infrastructure as Code & CI/CD: Leveraged Jenkins (Groovy pipelines), Ansible, Terraform, and CloudFormation to automate provisioning, deployments, and configuration management across environments.
  • Monitoring, Troubleshooting & Security: Utilized Prometheus/Grafana for observability and maintained PCI, SOX, and SOC 2 compliance with robust security controls.

 

Systems Analyst III                                                                                                                 June 2018 – Oct 2019

PRIVATE                                                                         

  • Linux Administration & Automation: Installed, configured, and administered RHEL/CentOS systems; set up and troubleshot network services (FTP, Telnet, SSH), managed Linux repositories, and automated data migrations.
  • Configuration Management & CI/CD: Designed, deployed, and administered high-powered compute nodes via IaC.
  • Monitoring & Automation: Utilized SolarWinds, CloudWatch, and Splunk for comprehensive observability.
  • Developed ServiceNow API calls to automate Active Directory tasks, and scripting to streamline O365 functions.

 

Systems Architect                                                                                                                Sept 2015 – June 2018                                  

PRIVATE                  

  • Teamcenter PLM & Windows/SQL Administration: Primary architect for Siemens Teamcenter, leading enterprise-wide PLM software upgrades, hardware provisioning, and licensing deployments to ensure optimal performance.

Education and Certifications

  • B.Sc. Management of Information Systems, University of Alabama-Birmingham
  • B.Sc. Business Administration, University of Alabama-Birmingham

References available
