SUBRAMANIAN SWAMINATHAN

Terraform Modules

• Contributed to internal and OSS Terraform modules for application infrastructure, workload identity, and AWS resources.
• Managed resources across AWS, GitHub, Opsgenie, New Relic, and HashiCorp Cloud Platform (HCP Vault, HCP Consul).
  

AWS PAM

• Temporary elevated access management for production AWS accounts.
• Built Slack-based workflows for request approval/rejection with audit logs and reject comments.
  

Chatbot Development

• Designed Slack-integrated chatbot architecture for team alerts including health, cost anomalies, GuardDuty, and Shield alerts.
• Integrated AWS Support app for automatic ticket updates across Slack channels.
  

Application Security

• Rolled out CodeQL across the organization to elevate code security.
  

Compliance Initiatives

• Used HashiCorp Sentinel to enforce organizational controls for cloud infrastructure.
• Used Github actions at org level rule set to make sure all dependencies are using allowed licenses
  

Cost Optimization

• Reduced GitHub-hosted runner usage by migrating to self-hosted runners, lowering costs significantly.
• Implemented JWT authentication for Terraform Cloud and GitHub to streamline usage and cost control.
  

Security Implementations

• Deployed SHARR across accounts, integrating Inspector findings with Security Hub and Jira.
• Built Vault Radar to monitor secrets across platforms like GitHub, Terraform Cloud, and HCP.
  

CDN Migration

• Migrated various apps including Straits Times from Verizon (Edgio) to CloudFront.
  

Dashboards & Reporting

• Developed QuickSight dashboards for Security Hub, Terraform Cloud, and GitHub using S3, Glue Catalog, and Athena.
  

Developer Experience Enhancements

• Reduced Terraform Cloud workspace modification time from 14 minutes to under 1 minute.
• Optimized merge queue times by reducing security checks from 17 minutes to 5 minutes.
• Built Backstage infrastructure for platform application management.
  

New Explorations

• Worked closely with HashiCorp products teams for testing their various beta versions, including Terraform stacks, Sentinel policies, and Vault Radar.
• Evaluated tools like Semgrep and Open Policy Agent (OPA)
  

• Managed 50+ sites running on same code base, with some of them having custom workflow/features
• Took key decisions while designing the architecture of application in Amazon Web Services
• Provided technical direction on projects and initiatives to other team members
• Managed multiple integration projects with various platforms
• Mentoring junior team members right from setting up Dev environment to API development.
• Introduced DevOps process within Team for Continuous Integration and Delivery

Development

• Strong in Drupal, PHP, Unix environment
• Backend API development using Drupal / PHP.
• Part of product development team and developed various features of product

Integration

• Experienced with various learning standards like SCORM/Rustici Engine Integration, Learning Tool Interoperability (LTI), Common Cartridge
• Built Integration with 3rd party services like Crocodoc, Box, PrizmDoc, Zencoder, OneNote, Turnitin, Zoom, Pusher, Twilio
• Implemented search functionality using AWS Cloudsearch
• Used AWS Step functions & Lambda for building Global bank feature
• Used AWS Lambda for automating routine tasks
• Implemented SSO using SAML and OAuth 2.0. Published app in various platforms like OneLogin, Okta, AzureAD, Azure B2C
• Created apps on Zapier both Actions,Triggers using NodeJS
• Implemented webhook functionality using AWS SNS.
• Deployed / Maintained 3rd party applications like SCORM/Rustici engine, PrizmDoc, Piwik in AWS cloud

Application Monitoring / Performance

• Helped in application performance using tools like XhProf, AppDynamics, NewRelic
• Have done MySQL slow query log analysis using Percona toolkit and fixed them
• Worked with log monitoring tools like Logentries, Rapid7 InsightOps, Cloudwatch Logs
• Used tools like JMeter, BZT, Loadium for application load testing to simulate the production traffic on testing environment.
• Used AWS SQS to decouple asynchronous tasks in application to improve overall performance

Security

• Set up AWS WAF ACLs in front of load balancers to protect applications from OWASP Top 10 risks and from risks related to OS, Frameworks.
• Experience in using ElasticSearch / Kibana for analyzing WAF logs
• Used Cloudfront to protect files in S3 using Signed Cookies
• Used tools like SQLMap to identify what APIs are vulnerable to SQL injection and fixed them

DevOps

• Used Bitbucket pipeline for building applications and deploying code in AWS ECS / Lambda.
• Used Jenkins pipeline for continuous deployment
• Used Docker for containerizing apps and used it in CI / CD pipeline
• Used tools like Terraform, AWS Cloudformation to create Infrastructure as Code.
• Used Configuration Management tools like Ansible to automate the provisioning of server, install application dependencies.
• Automated setup of separate environments for running yearly vulnerability scans

• Part of Application Development & Support team, supporting applications of Sun Micro systems
• Application - Deal Management Process Tool A workflow management tool, used by Sales Reps to create Deals to sell Sun Hardware, that goes through Sales and Finance Validations, Concurrence and Approval work steps
• Involved in development of web interface for user management using Java, Java Server Pages, Servlet, JDBC, MySQL
• Analysis, troubleshooting and problem Resolution, meeting SLA and providing support on time