$$$$
{{ $t($store.state.user.experience_value_in_dollars) }}
Expert
{{ $t($store.state.user.experience_search_name) }}
0
jobs
Cloud Automation Specialist
Gareth Coffey
,
tonbridge, United Kingdom
Experience
Other titles
Skills
I'm offering
I create fully automated solutions for Infrastructure creation & management in AWS & Azure, using Ansible & Terraform.
When I'm involved in a project I have an ability to understand all of the intricacies and relationships between application components. I provide my clients with recommendations on how to secure and improve on any issues that I identify. Clients often remark that they wish I would work for them permanently, as they see the quality & value in the services that I provide.
My most recent project - building a Bank from the ground-up.
Using my knowledge and experience in Financial Services, I provided the Bank with critical details they needed to ensure their Infrastructure & Application services are secured to a high standard. My schedule of work encompassed setting up a DevOps function...
- Automating the creation of Terraform resources and methods for deployment
- Deployment of CICD tooling
- Security hardening Windows & Linux images
- Documenting all CICD processes
- Training and guiding Developments & other IT staff
- Defining the network topology in Azure
- Automating the deployment of applications & services
- Deployment & configuration of Identity & Access Management (PingIdentity)
- Providing guidance to Developers, Architects & Senior Management on how to implement OAuth & OpenId Connect for customer Registration, Authentication & Authorization
This list is by no means exhaustive - through my past experiences I have picked up a number of skills across various job functions, and so I provide my clients with a well-rounded knowledge of multiple disciplines.
When I'm involved in a project I have an ability to understand all of the intricacies and relationships between application components. I provide my clients with recommendations on how to secure and improve on any issues that I identify. Clients often remark that they wish I would work for them permanently, as they see the quality & value in the services that I provide.
My most recent project - building a Bank from the ground-up.
Using my knowledge and experience in Financial Services, I provided the Bank with critical details they needed to ensure their Infrastructure & Application services are secured to a high standard. My schedule of work encompassed setting up a DevOps function...
- Automating the creation of Terraform resources and methods for deployment
- Deployment of CICD tooling
- Security hardening Windows & Linux images
- Documenting all CICD processes
- Training and guiding Developments & other IT staff
- Defining the network topology in Azure
- Automating the deployment of applications & services
- Deployment & configuration of Identity & Access Management (PingIdentity)
- Providing guidance to Developers, Architects & Senior Management on how to implement OAuth & OpenId Connect for customer Registration, Authentication & Authorization
This list is by no means exhaustive - through my past experiences I have picked up a number of skills across various job functions, and so I provide my clients with a well-rounded knowledge of multiple disciplines.
Markets
United Kingdom
Links for more
Once you have created a company account and a job, you can access the profiles links.
Language
English
Fluently
Ready for
Larger project
Ongoing relation / part-time
Available
My experience
2018 - ?
freelance
Azure Cloud Consultant, CICD, Ansible Automation & Security Hardening
Allica Bank.
This was a Greenfield project, the Bank had decided on the Cloud platform but required expertise to automate the build and deployment of infrastructure & application components as and when required.
I wrote a solution to simplify the process of defining new environments using YAML and Terraform templates - using Ansible to orchestrate the creation of Terraform resource files.
I advised the team on security controls that should be implemented to ensure infrastructure is hardened.
I implemented CICD tooling to assist the Development teams in build & deployment tasks.
I provided advice and guidance to Developers, Architects & Senior Management on how to implement OAuth & OpenId for customer registration, authentication & authorisation.
I provided documentation for Developers & Support staff to ensure they had a thorough understanding of the processes.
I wrote a solution to simplify the process of defining new environments using YAML and Terraform templates - using Ansible to orchestrate the creation of Terraform resource files.
I advised the team on security controls that should be implemented to ensure infrastructure is hardened.
I implemented CICD tooling to assist the Development teams in build & deployment tasks.
I provided advice and guidance to Developers, Architects & Senior Management on how to implement OAuth & OpenId for customer registration, authentication & authorisation.
I provided documentation for Developers & Support staff to ensure they had a thorough understanding of the processes.
Linux, Mulesoft, Azure, Azure SQL, Azure Active Directory, Terraform, Ansible, ReactJs, Azure DevOps, Gitlab
2017 - 2018
freelance
AWS Cloud Consultant, Ansible Automation & Identity and Access Management
Open Banking.
A Greenfield project, supporting the Open Banking Implementation Entity to implement a Directory of Open Banking participants. Through which Third Parties, Banks and Payment Providers can register and provide / consume API services, adhering to the OB API specifications.
Providing AWS & Ansible expertise to deploy and configure multiple environments.
- Wrote a full suite of Ansible playbooks and roles to handle the automated provisioning of AWS components and Open Banking Directory services, covering the full Ping Identity stack.
- Wrote a series of Ansible roles to execute security hardening tasks, based on CIS benchmarks, against all EC2 instance builds.
- Integration with Jenkins, including promotions & pipelines, to provide a deployment path for new environment build out.
- Wrote a suite of bash scripts to integrate with PingFederate and PingAccess APIs.
- Managed and supported the roll out of new environment builds, ensuring delivery before key milestone dates.
- Provided 3rd-line support to aid Banks & Third Party Providers in the use of the Open Banking Directory and supporting services
- Supported Developers and Data Architects in troubleshooting integration with SCIM and other services.
- Trained new engineers how to deploy, configure and use the Ping Identity stack.
- Automated the deployment and configuration of AWS CloudHSM
- Automated deployment and configuration of PingAccess, PingFederate, PingDataGovernance & PingDirectory
- Integration with core AWS services including KMS, S3, VPN, CloudWatch, Route53, ECS, ECR, EC2, ELB, IAM, SSM, SQS & SNS
Providing AWS & Ansible expertise to deploy and configure multiple environments.
- Wrote a full suite of Ansible playbooks and roles to handle the automated provisioning of AWS components and Open Banking Directory services, covering the full Ping Identity stack.
- Wrote a series of Ansible roles to execute security hardening tasks, based on CIS benchmarks, against all EC2 instance builds.
- Integration with Jenkins, including promotions & pipelines, to provide a deployment path for new environment build out.
- Wrote a suite of bash scripts to integrate with PingFederate and PingAccess APIs.
- Managed and supported the roll out of new environment builds, ensuring delivery before key milestone dates.
- Provided 3rd-line support to aid Banks & Third Party Providers in the use of the Open Banking Directory and supporting services
- Supported Developers and Data Architects in troubleshooting integration with SCIM and other services.
- Trained new engineers how to deploy, configure and use the Ping Identity stack.
- Automated the deployment and configuration of AWS CloudHSM
- Automated deployment and configuration of PingAccess, PingFederate, PingDataGovernance & PingDirectory
- Integration with core AWS services including KMS, S3, VPN, CloudWatch, Route53, ECS, ECR, EC2, ELB, IAM, SSM, SQS & SNS
Linux, AWS, Ping identity, Ansible, Jenkins, Cloudhsm
2016 - 2016
freelance
AWS Cloud Consultant & Ansible Automation
Deloitte Digital.
I worked on a project for a leading retailer, on a fairly Greenfield project.
Providing AWS & Ansible expertise, to automate the deployment of Infrastructure and application configuration.
Producing technical documentation and hand-over / demos to the wider DevOps team.
Providing AWS & Ansible expertise, to automate the deployment of Infrastructure and application configuration.
Producing technical documentation and hand-over / demos to the wider DevOps team.
Linux, Ansible, AWS, ForgeRock, Automation
2015 - 2016
freelance
DevOps Engineer
Hotels.com / Expedia.
Deployed Ansible Tower, Rundeck & Semaphore, as a POC, to determine which products would be most compatible with existing Ansible playbooks.
Providing application & server support across development & production environments
- Conducting in-depth analysis for application & server issues
- Supporting the deployment of in-house applications across all environments
- Providing analysis of the existing deployment process and providing improvements to reduce deployment time
- Re-factored an in-house ruby app to enable SEO staff to submit Apache rewrite rules presented in a user-friendly interface, this was configured to run in a Docker container
- Configuration management & application deployment using Ansible
- Identifying application capacity & security issues and providing solutions to remedy
Providing application & server support across development & production environments
- Conducting in-depth analysis for application & server issues
- Supporting the deployment of in-house applications across all environments
- Providing analysis of the existing deployment process and providing improvements to reduce deployment time
- Re-factored an in-house ruby app to enable SEO staff to submit Apache rewrite rules presented in a user-friendly interface, this was configured to run in a Docker container
- Configuration management & application deployment using Ansible
- Identifying application capacity & security issues and providing solutions to remedy
Linux, Ansible, Docker, Rundeck, Ansible tower, Semaphore, Cicd
2014 - 2015
freelance
Hybrid Cloud, CICD & Security Hardening
Sage Pay.
To enable Sage Pay to create repeatable server & application deployments, I created a solution using Ansible. Environments are defined in the context of objects, in variable files, and can represent an entire AWS VPC deployment.
The solution enables Sage Pay to deploy servers in AWS & their existing VMWare environment.
To ensure the servers being deployed are compliant to PCI-DSS, I wrote Ansible playbooks to handle the hardening of base server templates.
I delivered a number of solutions for Sage Pay, using Ansible, such as an API written in NodeJS to allow the trigger of Ansible playbooks against a Desktop client (after a Ubuntu net install). Developers required a Linux Desktop and as such there was a requirement to ensure they are hardened to conform with PCI-DSS standards.
I also created a solution to automate the deployment of application packages from Sage Pay's build environment through to Production. This involved integration with Jira, for change control, and implementing a hash check mechanism to ensure package integrity at each stage of deployment.
The solution enables Sage Pay to deploy servers in AWS & their existing VMWare environment.
To ensure the servers being deployed are compliant to PCI-DSS, I wrote Ansible playbooks to handle the hardening of base server templates.
I delivered a number of solutions for Sage Pay, using Ansible, such as an API written in NodeJS to allow the trigger of Ansible playbooks against a Desktop client (after a Ubuntu net install). Developers required a Linux Desktop and as such there was a requirement to ensure they are hardened to conform with PCI-DSS standards.
I also created a solution to automate the deployment of application packages from Sage Pay's build environment through to Production. This involved integration with Jira, for change control, and implementing a hash check mechanism to ensure package integrity at each stage of deployment.
Linux, Jenkins, Cyber Security, AWS, VMware, Ansible, Jira
2014 - 2014
freelance
AWS Environment build & Logging solutions
Nektan.
I created Ansible code to enable the complete deployment of application & data stacks in AWS. A full automated stack deployment was available within 10 minutes.
I also designed & deployed a scale-able log management solution using Elasticsearch, Logstash, Kibana & ActiveMQ. By tuning the configuration to fit the business logging requirement, the solution is capable of processing and storing 1million+ log events per day.
I also designed & deployed a scale-able log management solution using Elasticsearch, Logstash, Kibana & ActiveMQ. By tuning the configuration to fit the business logging requirement, the solution is capable of processing and storing 1million+ log events per day.
Linux, AWS, Ansible, Elk, Logstash, Kibana, ActiveMQ
2014 - 2014
freelance
DevOps Engineer - Sky Go / Now TV - VOD Platform
Sky.
I was involved in numerous projects providing support and development of solutions for the VOD platform.
I worked through Sky's existing collection of Chef recipes & cookbooks and converted these to Ansible playbooks & roles. To simplify the process of defining and deployment new environments to AWS, I used YAML to define environments in their simplest form and then processed these through Jinja templates using Ansible to orchestrate.
Utilizing Ansible & AWS, I provided deployment and management of instances as well as the installation and configuration of various applications such as NodeJS, Java, Cassandra, Hazelcast & Nginx.
To provide continuous integration, I built a series of pipelines in Jenkins to enable automated build, test (Selenium) and deployment.
To improve infrastructure and application monitoring I was the technical contact for the integration of several third party products including Boundary & AppDynamics.
I worked through Sky's existing collection of Chef recipes & cookbooks and converted these to Ansible playbooks & roles. To simplify the process of defining and deployment new environments to AWS, I used YAML to define environments in their simplest form and then processed these through Jinja templates using Ansible to orchestrate.
Utilizing Ansible & AWS, I provided deployment and management of instances as well as the installation and configuration of various applications such as NodeJS, Java, Cassandra, Hazelcast & Nginx.
To provide continuous integration, I built a series of pipelines in Jenkins to enable automated build, test (Selenium) and deployment.
To improve infrastructure and application monitoring I was the technical contact for the integration of several third party products including Boundary & AppDynamics.
Linux, Cloud, AWS, Cassandra, AppDynamics, Ansible, Jenkins, DevOps, NodeJS
2013 - 2013
freelance
DevOps Engineer
Sky Betting & Gaming.
Providing day-to-day application support for a range of technologies including LAMP, Mongo, Redis & NodeJS. Sky Betting had a huge array of monitoring metrics, however, I provided additional metrics as new services where launched through a NodeJS script that pushed metrics to a central collector.
To provide Developers with a throw-away environment, single-box containing all required services, I provided a Vagrant script to interact with vRealize Orchestrator (VMWare) to trigger the creation of a server.
To provide Developers with a throw-away environment, single-box containing all required services, I provided a Vagrant script to interact with vRealize Orchestrator (VMWare) to trigger the creation of a server.
Linux, VMware, Apache, MongoDB, Redis, NodeJS
2013 - 2013
freelance
Varnish (Reverse Proxy) Specialist
Immediate Media.
Development of a custom Varnish implementation, using dynamic configuration to increase the efficiency of the deployment process for new servers.
Creation of a standard Varnish server template so that new servers can be deployed & serving traffic in minutes.
Restructuring the existing cache layer to provide resiliency, through front end load balancing, as well as minimising the steps required to increase capacity and throughput.
Optimised the Linux kernel to improve throughput for high-traffic websites such as Radiotimes.com
Creation of a standard Varnish server template so that new servers can be deployed & serving traffic in minutes.
Restructuring the existing cache layer to provide resiliency, through front end load balancing, as well as minimising the steps required to increase capacity and throughput.
Optimised the Linux kernel to improve throughput for high-traffic websites such as Radiotimes.com
Performance Development and Planning, Performance optimization, Linux
2012 - 2013
freelance
Data Centre migration and new Environment Build-out
Laterooms.
Whilst at Laterooms I developed and implemented solutions to enhance the infrastructure and improve performance, one such project I implemented front end caching for a high traffic API service to reduce contention on the application servers; thus improving response times for clients.
I also worked on a major project to rebuild the Laterooms infrastructure in a new data centre, this included analysing current systems and configuration then rebuilding the servers in the new DC using a base image. I produced several build scripts to configure servers using Laterooms specific configuration e.g. LDAP.
After the data centre move was complete I was then tasked with ensuring all Linux servers met with the PCI DSS, as part of my build scripts I had already implemented most of the server hardening practices. To ensure servers remain compliant I created a script to provide a visual report of PCI checks, the script also has the ability perform remediation steps to ensure a server is compliant.
I provided full documentation of the server build & hardening process, and utilized SVN to provide version control for server & application configuration.
I also worked on a major project to rebuild the Laterooms infrastructure in a new data centre, this included analysing current systems and configuration then rebuilding the servers in the new DC using a base image. I produced several build scripts to configure servers using Laterooms specific configuration e.g. LDAP.
After the data centre move was complete I was then tasked with ensuring all Linux servers met with the PCI DSS, as part of my build scripts I had already implemented most of the server hardening practices. To ensure servers remain compliant I created a script to provide a visual report of PCI checks, the script also has the ability perform remediation steps to ensure a server is compliant.
I provided full documentation of the server build & hardening process, and utilized SVN to provide version control for server & application configuration.
Security Assessment, IT consultant, Performance optimization, Scripting, It infrastructure, IT integration
Gareth's reviews
Gareth has not received any reviews on Worksome.
Contact Gareth Coffey
Worksome removes the expensive intermediaries and gives you direct contact with relevant talent.
Create a login and get the opportunity to write to Gareth directly in Worksome.
38000+ qualified freelancers
are ready to help you
Tell us what you need help with
and get specific bids from skilled talent in Denmark