Andy Scott

Mobile: 07496589430
Email:

Profile

A highly motivated and capable DevOps Consultant with a proven record of accomplishment delivering a customer focused solutions and complex IT projects. Accustomed to working in fast paced and challenging environments whilst delivering exceptional service. Excellent interpersonal skills who is comfortable delivering briefings, presentations and attending high level meetings. Consistently tries to improve efficiency in all areas by contributing to best practise, reviewing procedures and policies within a company. Has a natural aptitude for the IT field with a great ability to embrace new technologies.

Certifications

AWS: Cloud Practitioner

AWS: Sysops Administrator Associate

AWS: Solutions Architect Associate

AWS: Developer Associate

AWS: DevOps Engineer Professional

AWS: Advanced Networking Specialty

AWS: Security Specialty

ITIL: Foundation

Prince2: Foundation

CMI: Level 4 Diploma in leadership and management

CMI: Level 3 certificate in first line management

CompTIA: Networks+

Cisco Meraki: Network Operator

Cisco: Cisco Certified Network Associate

Key Skills

Problem Solving

Exceptional analytical and problem-solving abilities by assessing situations and applying solutions in advance or as they arise.

CI/CD

Practical knowledge and experience of applying agile and devops methodology utilising a vast array of CI/CD toolsets such as Chef, Ansible, Jenkins, Artifactory, Nexus, Docker, GitLab and GitHub. Scripting skills for building infrastructure as code utilising python, ruby and bash.

Operating Systems

In depth knowledge of Installing, configuring and maintaining ESXi 5.5–6.7, Windows 10, Windows 11, Server 2012R2, Server 2016 & 2019, Linux – Redhat, CentOS, Ubuntu and MacOS.

Microsoft Server

Proficient in Windows Server administration including configuring AD, DNS, DHCP, DFS, Group Policy, WSUS, HyperV, Failover Cluster, IIS and print services.

Databases

Understanding of the fundamentals of database technology, including manipulation and basic administration of SQL using various tools such as MySQL workbench, Azure data studio and HeidiSQL.

Networking

Working knowledge of the OSI 7- layer model, TCP/IP and UDP principles, LAN, VLAN, WAN, SD-WAN and VPN technology. Experience with Cisco, HP, Cisco Meraki, Juniper, Palo Alto and Fortinet devices.

AWS

Create IAC using CloudFormation, Terraform or CDK to Deploy and maintain AWS infrastructure including VPC, IAM, EC2, S3, SNS, SQS, RDS, Route53, EBS, IAM, ECS, EFS, Cloudfront and Cloudwatch.

Prioritisation

Excellent ability to prioritise tasks while maintaining a proactive and flexible approach.

Security

Thorough understanding of IT security, data protection and system access control. Including configuring firewalls, maintaining Anti-Virus, management of file access, backup solutions and disk encryption software.

Communication

Effectively communicate complex IT issues to customers, non-technical staff and board members by written or verbal in a clear and concise manner.

Leadership

Mature and well evolved leadership style that encourages employees to push the boundaries and achieve great results as an individual and a team for the benefit of the company, personal progression and satisfaction.

Experience

BJSS Platform Engineer Aug 2022 - Present

  • Assist Software engineers in developing new Serverless functionality using pub/sub with fan out architecture.
  • Create and manage highly available and secure AWS Infrastructure.
  • Design new architecture patterns, create POCs and implement production ready solutions.
  • Operate in an agile environment, attending ceremonies, take an active role in planning and present demonstrations to the wider team.
  • Created a POC for a new ETL solution using AWS CodeBuild and AWS Glue to Facilitate the data team to assess and improve data quality on large amounts of data stored in SQL and NoSQL databases. In 4 weeks took the solution from POC to production implementation. This included IAC to be deployed to 4 environments, Pipelines to deploy and run the new solution.

    Assessed an existing EKS for the upgrade options to a current and supported version, During the assessment it was noted that the components within the cluster were also out of date. Fully documented the current architecture and components in confluence, then took the business case to the PO to build a new EKS cluster in the same blueprint whilst also creating a development cluster. In 6 weeks, the new development and production EKS clusters were implemented. Migrated to EKS managed node groups. Upgraded EKS cluster, Moved to Flux CD V2, utilized EKS managed Add-ons and moved components to Helm charts where possible.

    Identified areas to improve IAM management for AWS Accounts, took this as an opportunity to teach other Platform engineers how to structure repositories, create effective CICD pipelines and also how to write Python code to run in Lambda. Created a new repository containing all application, infrastructure and deployment code. Wrote Terraform to deploy the Lambda function and associated resources, Jenkins File for a generic pipeline to build and test python code and then deploy the terraform. Taught the platform engineers how to use the Moto library to mock out AWS services to create unit tests with 100% code coverage for positive and negative test cases. The solution would assess if a user had rotated their password and access keys within the required period and also if MFA was enabled.

Amazon Web Services Senior Devops Consultant Nov 2020 - Aug 2022

  • Deliver proof-of-concept projects, topical workshops, Architecture designs and lead implementation projects.
  • Focus on key customer solutions such as cloud, web applications, DevOps applications, HPC, batch processing and big data, archiving and disaster recovery.
  • Collaborate across the entire organization to bring access to product and service teams, to get the right solution delivered and drive feature innovation based upon customer needs.
  • Customer facing skills to represent well within the customer’s environment and drive discussions with senior personnel regarding trade-offs, best practices, project management and risk mitigation.
  • Was a founding member of a group with AWS to increase knowledge and skills of Terraform across all areas of the organization. Arranges community calls with Hashicorp, provided assistance to other consultants and solutions architects with any Hashicorp related issues. Created standards, documented best practice and created reusable artefacts to enable the organization.

    Specifically selected to become an AWS Subject Matter Expert (SME) to assist in creating and reviewing content for the AWS DevOps Professional Exam.

    Delivered presentations and POC’s on effective SDLC. Including guidance on local development environment, repository and branching strategies. Explaining the difference between TDD and BDD. Creating CICD pipelines applying the test pyramid throughout the process assure confidence in any deployment in complex multi environment scenarios.

    Delivered immersion days, workshops and supported trouble shooting for AWS Control Tower and Account Factory for Terraform. Assisted customers in deploying secure and scalable AWS Landing Zones.

Capital One Cloud Infrastructure Engineer Apr 2020 - Nov 2020

  • Deliver core infrastructure from code that provides the basis for all business systems.
  • Continue support, maintenance and development of business core systems, enhancing internal customer’s journey to CI/CD.
  • Enhance AWS account design, deployment and validation mechanisms.
  • Design, develop and maintain high quality core infrastructure using principles of high availability, loosely coupled applications and least privilege.
  • Work collaboratively across teams spanning multiple time zones applying agile and DevOps methodology.
  • Redesigned a Jenkins pipeline that was responsible for creating AMIs, created scripts and added stages to the pipeline to generate release documentation on each release including packages and vulnerabilities. Also added stages to automate alerting to the cyber security team for any non-compliance.

    Rewrote and deployed cloud formation templates responsible for creating IAM roles and policies. Ensured all roles and policies were compliant with enterprise level policies and applying IAM best practise of least privilege.

Barbon Insurance IT Infrastructure Manager Dec 2018 - Apr 2020

  • Management for core technical infrastructure services including on premises, AWS and third party contracts to develop and maintain a rolling 3-year technology roadmap, including yearly Opex and Capex budgets.
  • Support effective working practices within the IT infrastructure to deliver business change to time, budget and quality.
  • Proactive management of incidents and problems regarding technology issues providing direction and technical expertise.
  • Support the compliance and regulatory agenda by ensuring all technology, networks, operating systems and other core architectural elements are fit-for-purpose and future proof to adhere to applicable standards (eg PCI-DSS, ISO27001 etc).
  • Responsibility for the technical elements of the DR and BCP plan, management of recovery process on DR invocation to restore BAU.
  • Line management of the Infrastructure Team including coaching and mentoring others whilst serving as a role-model, enabling all team members to remain on the forefront of emerging industry practices, identify opportunities for improvement and make constructive suggestions for change.
  • Develop strong relationships and manage interaction with key stakeholders where appropriate.
  • Manage the implementation of key infrastructure improvement projects.
  • Reviewed current AWS costs created a saving of £72k annually by appropriate sizing of EC2 instances and moving to newer cost-effective instance types, Removed orphaned EBS volumes, deregistered unused/unneeded AMIs and associated snapshots and utilised reserved instances.

    Migrated and decommissioned legacy systems to new supported OS and economical hardware, clearing out the server room that reduced power consumption and reduced the need for addition air cooling. Removed security vulnerabilities posed by unsupported OS and improved performance for end users. Re-patched all server and communications cabinets for ease of work on the physical network infrastructure. Also reduced the break fix contract by 50%.

    Architected and configured the network infrastructure to deploy a new call centre, cloud hosted phone system. Involved configuration of cisco and juniper switches to provide QoS to hard and soft phones and connectivity on a dedicated MPLS circuit, with HSRP for failover.

    Senior engineer and project manager for the successful uplift from windows server 2012 R2 to 2016, Including planning, testing and ongoing support. Increased functional level of domain to 2016, upgraded Hyper-V hosts. Managed third party suppliers to reinstall specific software. Upgrade of iLO and iDrac to latest firmware. Creation of dedicated management vlan.

John Greed Jewellery IT Manager Jun 2018 - Dec 2018

  • Management of IT services and staff within the business. Provide 1st, 2nd and 3rd line support, plan and implement technology projects.
  • Provide maintenance, daily backups and support of physical VMware cluster and virtual servers built on Server 2012R2, 2016, Ubuntu and CentOS.
  • Support Client machines running Mac, Windows 7 & 10 and ChromeOS. Maintain updates, applications including EPOS systems.
  • Identify and project manage upgrades to infrastructure.
  • Maintain system security in accordance with GDPR, Data protection act and PCI DSS.
  • Review and update policies including DR plan and implementation.
  • Identified the need to deploy new antivirus software due to expiry of contract. Conducted software trials to determine the best product to cover Windows, Mac and Linux OS. Providing maximum protection whilst limiting the effect on resources of the host machines and smooth running of current applications across the network.

    Deployed new network equipment as the current ageing Fortinet hardware was struggling with the current LAN and WAN traffic. Configured 3 firewalls, 3 WiFi access points and 10 switches. Provided site to site VPN to link 3 office locations and GCP, client VPN for mobile and home working. VPN Implemented VLAN architecture, transitioned from a flat network to reduce size of the broadcast domain.

    Negotiated new Print Solution, providing standardisation of hardware and support, additional equipment and paper-cut software. With an overall saving of £5,000 over a 5 year term.

    Configured, tested and deployed 3CX Virtual PBX VOIP Telephony solution to replace an ageing Cisco UC560 PBX. Upcycled current Cisco SPA504g handsets with updated firmware and enabled auto provision through DHCP. Hosted the PBX locally on a Debian server with backups stored within Google cloud and the option to host PBX within GCP.

    Purchased and installed new Audio-Visual Teleconferencing Equipment into 3 meeting rooms. Provided facility for 3CX, Google meet, Skype, TeamViewer and other applications to conduct conferences and presentations with remote locations, customers and suppliers.

    Negotiated contract renewal for Break/Fix hardware support, VSphere licence and support and Veeam back-up software support.

    Created new locally hosted IT Helpdesk using Jira ServiceDesk and software installed on an Ubuntu server. Also created a google form and linked sheet for estates work requests. This replaced a solution from FreshDesk saving £4K annually.

Notts Health Informatics Service IT Technician Jan 2018 - Jun 2018

  • Log all incoming calls to the IT Helpdesk professionally and accurately on Manage Engine application. Support all NHS applications and systems to rectify faults and escalate to appropriate department where necessary.
  • Manage Active Directory, create and amend user accounts, security groups and organisational units. Adding machines to the domain. Update group policies, antivirus and window updates on Windows 7 clients.
  • Access user terminals remotely to rectify a variety of technical issues including installing and updating software in support of all NHS systems and applications.
  • Assist with hardware configuration to restore full functionality to Scanners, Printers, Mitel VOIP Phones and other peripherals to avoid a site visit by an engineer where possible.
  • Provide advice and assistance to other team members to resolve technical issues and increase knowledge base within the organisation.
  • Ensure all calls are completed in accordance with the service level agreement maintaining key performance indicator of zero breaches.
  • Identify need for system upgrades or user training to improve efficiency across the organisation.
  • Identified the need to update all IT SOPs for the department, implemented a new file structure and managed the project work to update all documents, including ensuring all software installs were either the most current or relevant versions. Enabling all technicians to be working with the most up to date knowledge and software.

    Provided expert knowledge to system security and user access to all team members to ensure compliance with ISO 27001 certification and upcoming GDPR.

    Improved efficiency of call logging system by updating and creating commonly used request, Email replies and resolutions therefor saving time spent logging relevant information and replying to customers.

British Army - HM Forces IT Manager Jun 2011 - Jan 2018

  • Management of a team of 30 technical staff. Prepared daily workload for staff and co-ordinated the allocation of work. Facilitated training to ensure compliance on all mandated training. Delivered annual appraisals on employee’s performance.
  • Developing infrastructure and systems to meet the company’s needs. Liaise with third party technical specialist for replacement and repair of equipment.
  • Supervise installation and maintenance of Windows based IT systems and software. Provide expert knowledge to resolve technical issues.
  • Conduct audits of inspection and maintenance programmes. Writing documentation for IT SOPs, security and disaster recovery.
  • Produce documents, briefing papers, reports and presentations to senior board members. Provide performance indicators of the department and statistics on the service level agreements.
  • Maintained up to date asset management system including configuration items for quality tracking purposes.
  • Specifically selected to assume the role as project manager for the software upgrade to all Bowman communications equipment in the UK. Liaised with customers and 3rd party suppliers to facilitate the timely upgrade to all communications equipment. Coordinated a team of engineers that conducted the upgrades, logistic support for drop off and pickup services ensuring a constant stream of equipment was passing through the facility to limit disruption to the customers.

    Appointed as Information manager in a high-tempo operational environment, Management of all secure media, systems, documents and high-grade cryptographic items. Ensured zero security breaches in the period as manager and implemented improvements to accounting processes. Utilised McAfee anti-virus and Becrypt disk encryption to maintain system security.

Hobbies

Mountain biking

Hill walking

Rugby union