Resume
Joseph K Harr
Clearance: TS/SCI
CompTIA Security+ ce expires: 9/25/2026
EXPERIENCE
June 2024 to Present - Cloud Computing Engineer Principal
SAIC
- Designed and maintained GitLab CI/CD pipelines to deploy applications to AWS, leveraging Terraform for infrastructure provisioning and Ansible, Bash, and PowerShell for system configuration.
- Developed an automated credential seeding workflow using Bash, AWS SSM, and HashiCorp Vault to securely generate and provision unique administrator passwords during initial environment deployment. Integrated the process into GitLab CI/CD pipelines to dynamically construct Vault paths, enforce password complexity, synchronize secrets with AWS SSM Parameter Store, and cleanly remove credentials during environment teardown — preventing potential exposure of sensitive passwords in Terraform state files and ensuring secure, consistent, and idempotent deployments across environments.
- Identified and remediated orphaned AWS DLM snapshots and AMIs across multiple environments, automating safe deregistration and cleanup of ~6,500 stale images; reduced EBS snapshot storage by tens of thousands of GiB and cut monthly costs by an estimated $40K–$60K (about $500K annually) while ensuring zero impact to production workloads.
- Enabled automated AWS resource tagging in Terraform by injecting GitLab CI/CD variables (branch, commit ID, pipeline URL), ensuring full traceability and eliminating duplicated tagging logic across projects.
- Upgraded internal GitLab server infrastructure, including GitLab runners and HashiCorp Vault, to ensure feature parity, improved performance, and continued support.
- Automated infrastructure provisioning and configuration across multiple AWS accounts (dev, test, prod, etc.) with Terraform and Ansible—spun up VPCs, EC2 instances, EKS clusters, S3 buckets, IAM roles/policies, security groups, and Vault secrets in both classified and unclassified environments.
- Supported multi-account Kubernetes platforms by leveraging an existing GitLab-based EKS deployment pipeline for both unclassified and classified environments. Troubleshot and remediated pipeline failures using k9s, kubectl logs, and pipeline diagnostics to restore cluster health.
- Designed Windows software-update pipeline in GitLab CI to deploy COTS and custom applications (Adobe, Chrome, Notepad++, 7-Zip, Microsoft Office, AWS CLI/Tools, helm, jre, k9s, kubectl) on EC2 hosts—built file-existence checks, dynamic S3 path mappings, drive-mapping logic, and idempotent Ansible playbooks.
- Built and refined VM-to-AMI import pipeline, handling VMDK extraction, automated AMI tagging, and S3 import/export.
- Drove platform reliability and compliance by integrating Prowler security scans into CI pipelines across all accounts, then remediating critical findings—encrypting EBS volumes, removing unused security groups, and tightening IAM policies to satisfy RMF/Zero-Trust hardening requirements.
- Authored and maintained classified environment troubleshooting guides, including PowerShell, bash,and AWS CLI command collections and Wiki updates, accelerating on-boarding and root-cause analysis for classified environment issues.
- Developed a GitLab pipeline to automate Palo Alto External Dynamic List (EDL) updates, downloading blacklist from a third party source, parsing entries into separate IP, URL, and domain lists, and uploading them to a private S3 bucket configured for static website hosting. Designed and implemented S3 bucket policies to restrict access ensuring files are accessible only to the firewalls. Integrated the EDLs into firewall policies and added a scheduled job to refresh them weekly from the source feed.
June 2023 to June 2024 - Cloud Operations Engineer
CACI
- System administration of Department of the Air Force CloudWorks.
- Deployed Assured Compliance Assessment Solution (ACAS) test and production application stacks every month with the most current AWS AMI and approved application updates. Configures and tests new systems and makes corrections as needed. This involved Cloudformation, S3, EC2, Route 53, ALBs and target groups.
- Updated ACAS Nessus Manager and Tenable.SC plugins and licenses.
- Ran ACAS scans on customer agent groups and delivers reports of findings.
- Troubleshot problems with agents linking to ACAS Nessus Manager and hosts connecting to the ECE fleet.
- Performed monthly deployments of CHAOS Mission Scheduler application.
- Created and managed users in Keycloak, ACAS, Elastic Cloud Enterprise (ECE), CHAOS.
- Responded to outages of the various applications, troubleshoots, and restores services.
- Performed quarterly user audits and sent data to the Information Assurance (IA) team.
- Monitored Kibana dashboards and reports anomalies to IA team.
- Monitored AWS Step Functions and State Machines for failures and verifies the gold AMIs are being generated.
June 2022 to June 2023 - Linux System Administrator
CACI
- Installed, supports and maintains Red Hat Enterprise Linux (RHEL) servers, workstations, and Docker containerized applications.
- Managed software configuration with Puppet and Ansible while using GIT for version control.
- Installed patches according to the Patch Management Plan leveraging Yellowdog Updater Modified (YUM) and Red Hat Satellite.
- Maintained and operated a virtualized data center using VMWare with Dell/EMC server and storage hardware.
- Responded to and resolved service outages, technical queries and other system related issues.
- Conducted systems analysis and development to keep systems as current as possible with changing technology.
- Provided technical guidance to Tier 1 and 2 personnel.
EDUCATION
- Microsoft Certified: Azure Administrator Associate (AZ-104) (Sep 2023)
- Amazon AWS Certified Solutions Architect - Associate (SAA) (June 2022)
- Red Hat Certified System Administrator (RHCSA) (Jan 2020)
- Dell EMC Proven Professional: Specialist – Systems Administrator, Data Domain (DCS-SA) (Aug 2019)
- Microsoft Certified: Azure Fundamentals (Aug 2019)
- Dell EMC Proven Professional: Associate – Information Storage and Management Version 3.0 Certification (June 2019)
- MS, Information Systems Management, Keller Graduate School of Management (December 2021)
- BS, Criminal Justice, Saint Leo University (October 2013)
- AS, Information Systems Technology, Community College of the Air Force (May 2011)
- Security + Certification (current until Sep 2026), DOD 8570 level 2 compliant