Himanshu Vaish

Google Cloud Platform (GCP):

Cloud Architecture Design and Implementation:

• Architected a robust multi-account structure with a least privilege model to ensure granular access control and minimize the blast radius of potential security incidents across GCP environments.
• Implemented GCP Organizations to establish a hierarchical account structure, enabling centralized governance and consistent security policy enforcement using GCP Resource Manager.
• Utilized Google Identity and Access Management (IAM) to assign permissions based on the principle of least privilege, ensuring users and applications only had access to the resources necessary for their specific tasks.
• Employed IAM roles, groups, and policies to manage access permissions at scale, leveraging tools like IAM Conditions and Access Context Manager for fine-grained access control.
• Implemented secure cross-account access and resource sharing using GCP IAM service accounts and Network Connectivity Center (NCC) while maintaining strict security boundaries.
• Designed automated provisioning and management of accounts, users, and permissions using infrastructure-as-code tools such as Google Cloud Deployment Manager and Terraform, ensuring consistency, scalability, and repeatability while reducing manual overhead.
• Centralized network management using Shared VPC, enabling resource sharing across projects while improving security.
• Established a DMZ and inspection project to route all traffic through a secured path for enhanced monitoring and threat detection.
• Conducted periodic audits and reviews of access permissions and configurations using Security Command Center and Cloud Asset Inventory, ensuring compliance with security standards such as ISO 27001 and SOC 2.
• Designed and implemented CI/CD pipelines using Google Cloud Build, automating testing, integration, and deployment to streamline software delivery.
• Implemented centralized logging and monitoring using Google Cloud Logging and Google Cloud Monitoring, providing real-time insights and alerting for operational and security events.
• Leveraged Google Cloud Operations Suite for diagnostics and troubleshooting, ensuring efficient operations of applications and infrastructure.
• Utilized Google BigQuery for log analysis and visualization to gain actionable insights from operational data.
• Streamlined automation workflows using Google Cloud Functions and Cloud Run, improving responsiveness and operational efficiency.
• Implemented source code management using Google Cloud Source Repositories, integrated with CI/CD pipelines to enable efficient version control, collaboration, and automated deployments.

Technical Expertise and Innovation:

• Reduced operational overhead by 30% through automation and centralized resource management.
• Improved deployment times by 50% by adopting automated CI/CD pipelines and Infrastructure-as-Code practices.

Here's a 30% shorter version of the AWS section while keeping the key details intact:

Amazon Web Services (AWS):

Cloud Architecture Design and Implementation:

• Designed a multi-account structure using AWS Organizations and Control Tower, enabling centralized governance and consistent security policy enforcement.
• Implemented AWS Identity and Access Management (IAM) with least privilege principles, using roles, groups, and policies for scalable access management.
• Automated provisioning of accounts, users, and resources with AWS CloudFormation and Terraform, ensuring consistency and reducing manual overhead.
• Established secure cross-account access and resource sharing using IAM roles and AWS Transit Gateway, improving collaboration while maintaining security boundaries.
• Conducted regular audits with AWS Config and Security Hub, ensuring compliance with frameworks like HIPAA and SOC 2, and proactively mitigating risks.
• Designed scalable CI/CD pipelines using AWS CodePipeline integrated with Bitbucket, enabling efficient source code management, automated builds, and deployments.
• Centralized logging and monitoring with Amazon CloudWatch and CloudTrail, providing operational insights and enhanced security visibility.
• Enhanced network security with AWS WAF, VPC flow logs, and traffic inspection for secure operations.

Technical Expertise and Innovation:

• Reduced deployment times by 40% and improved operational efficiency with AWS Lambda for serverless automation.
• Delivered custom automation solutions, integrated advanced technologies like AWS Lex chatbot and Kendra, and mentored cross-functional teams.

• Knowledgeable in Azure Services IaaS, PaaS, SaaS, and cloud trends. Serves as DevOps and Automation SME in Azure/AWS.
• Designs and implements cloud-native and hybrid solutions on AWS/Azure. Implements multi-cloud solutions with high availability and cost optimization.
• Implements highly available, fault-tolerant, disaster recovery solutions.
• Uses IAC tools like Ansible/Terraform, CloudFormation, ARM. Automates tasks with SSM and Lambda.
• Deploys applications on Docker and Kubernetes. Works with ECS, EKS, AKS.
• Manages identities with IAM, AzureAD, Okta. Designs central identity store for multiple clouds.
• Deploys monitoring platforms with CloudWatch, Azure Monitor.
• Deploys backup services in line with RPO/RTO standards.
• Experienced with deployments, maintenance, troubleshooting applications. Automates release components.
• Performs Linux & Windows System Administration using Bash & PowerShell. Designs and develops cloud data solutions.
• Experienced with AWS AppStream, WorkSpaces, and Connect.

• Managed VPC, Subnet, AWS Instances, VPN, and worked with ELB, Autoscaling, Route53, NACL, Routing.
• Monitored EBS, RDS, Elasticache, ELB, and troubleshot Cloud Solutions.
• Configured UCCE components and managed Call Routing with ICM scripts.
• Handled CUCM, Cisco Jabber, CUC, CUPS, CUEAC, UCCX, Expressways for AT&T, and implemented IPT solutions with Voss bulk loaders.
• Upgraded CUCM, CUC, UC appliances as needed, conducted UAT, and supported CUCM 8.x/9.x/10.x, Cisco Unity.
• Implemented changes in IPT Networks, troubleshot HCS platform issues, and managed call failure, voice quality issues.

• Implements VOIP, installs/configures Cisco products, and manages call parameters.
• Prepares site requirements, performs UAT, and troubleshoots extension issues.
• Uses VoSS for daily support, troubleshooting, and site transitioning.
• Provides 24/7 global support, handles HCS issues, and sets up CUCM, CUC, VMware labs.