Herman Wong

Lewiston, ID · hwong@hermanwong.net

Results-driven Cloud Engineer with a strong focus on automation, cloud architecture, and infrastructure management. Experienced in leveraging cutting-edge technologies to streamline processes, optimize deployments, and enhance operational efficiency. Skilled in designing and implementing cloud-based solutions, orchestrating complex infrastructure deployments, and automating repetitive tasks. Proficient in cloud platforms like AWS. Collaborative team player with excellent problem-solving abilities and a track record of delivering high-quality solutions.

Key Areas of Expertise:

  • Cloud Architecture and Design: Proficient in designing scalable and resilient cloud architectures using AWS/Azure services, adhering to best practices for security, performance, and cost optimization.
  • Infrastructure Automation: Strong background in automation using tools like Ansible, Packer, Selenium, Python, Terraform, and PowerShell to deploy and manage cloud resources.
  • Infrastructure as Code (IaC): Experienced in defining infrastructure configurations using tools like Terraform for version-controlled, reproducible deployments.
  • Monitoring and Optimization: Proficient in implementing monitoring solutions and utilizing cloud-native services for proactive monitoring, performance optimization, and cost management.
  • Collaboration and Communication: Effective in collaborating with cross-functional teams to understand requirements and deliver scalable, reliable solutions.
Note:

This website is a static site hosted in an AWS S3 bucket behind a CloudFront CDN. Changes are made in VSCode, synced to GitHub, and then deployed to AWS via a simple CI/CD pipeline with GitHub Actions. Read about the configuration here.



Experience

DevOps Engineer

Coalfire
  • Faced with inconsistent and hard-to-debug EC2 instance configurations using User Data scripts. Engineered a comprehensive migration to native Ansible roles, enabling a real-time feedback loop and improving deployment reliability across the infrastructure.
  • Confronted with time-intensive, manual deployments of enterprise security infrastructure, specifically a Splunk HA Cluster deployment typically requiring 130 hours of expert configuration. Architected a comprehensive Infrastructure-as-Code solution using Terraform for cloud resource provisioning (EC2, Kinesis Firehose, ALB, Security Groups) and Ansible for automated software configuration, all orchestrated through GitLab CI pipelines. Successfully reduced Splunk deployment time by 85% while ensuring consistent, repeatable deployments across environments.
  • Confronted with manual web-based configurations lacking API access. Developed automated Selenium solutions for browser-based configurations, reducing manual configuration time from hours to minutes and eliminating human error.
  • Confronted with complex multi-cloud connectivity requirements that had stalled for 3 weeks using manual configuration. Engineered a comprehensive Terraform solution for HA Site-to-Site VPN connectivity between AWS Transit Gateway and Azure VPN Gateway, incorporating automated security configurations and protocol optimizations. Successfully reduced implementation time from 3 weeks to 2 days while delivering enhanced reliability through dual tunnels and BGP routing, and improved security through automated logging and standardized encryption protocols.
  • Confronted with complex, time-consuming application deployments requiring extensive manual configuration. Engineered comprehensive GitLab CI/CD pipelines orchestrating Terraform and Ansible to enable one-click deployments of enterprise infrastructure including Active Directory domains, PKI services, Palo Alto NGFW, and GitLab itself. Successfully automated complex tasks like DC promotion, GPO deployment, certificate management, and GitLab runner configuration, reducing typical deployment times from hours to minutes while ensuring consistent, reproducible environments across the organization.
  • Confronted with escalating AWS costs and resource sprawl across multiple sandbox environments. Implemented comprehensive cost control framework including Cost Allocation Tags with enforced tag policies for expense tracking by individuals/teams/projects, AWS Instance Scheduler for automated off-hours instance management, and cloud-nuke automation via GitHub Actions OIDC integration for periodic resource cleanup. Successfully established cost-transparent, self-cleaning sandbox environments through Terraform-managed configurations, ensuring repeatable cost control across multiple AWS accounts.
May 2022 - Present

VMware Systems Administrator

General Dynamics Information Technology - SPAWAR (Government Client)
  • Identified need for improved infrastructure monitoring. Successfully deployed and configured vRealize Operations Manager, enabling proactive performance monitoring and capacity planning across the infrastructure.
  • Faced challenges in centralized log management. Implemented vRealize Log Insight, creating custom dashboards that improved incident response time by 50% through enhanced log visibility and analysis.
  • Tasked with improving storage reliability for critical applications. Configured vSAN native Clustered VMDK with Windows Failover Clustering, achieving 99.99% uptime for mission-critical services.
  • Recognized inefficiencies in domain patching processes. Developed custom PowerShell DSC class-based resources that automated and standardized domain patching, reducing patching time by 65% while ensuring compliance.
April 2021 - April 2022

Systems Administrator

Zachary Piper Solutions - SPAWAR (Government Client)
  • Confronted with poor WSUS performance affecting system updates. Implemented WSUS configuration best practices and optimizations, resulting in 20-30x performance improvement in patch deployment times.
  • Faced with manual Exchange maintenance processes. Developed PowerShell scripts for Exchange DAG maintenance and Windows OS patch installations, reducing administrative overhead by 40%.
  • Identified need for proactive system monitoring. Created automated health check scripts for domain controllers and Exchange systems, enabling early detection of potential issues and reducing system downtime by 30%.
October 2020 - April 2021

PC Technician

ABBTECH - US Army Corps of Engineers IT
  • Challenged with inefficient system health monitoring across 600+ computers. Developed multi-threaded PowerShell tools that reduced system check times from days to hours while improving accuracy.
  • Confronted with slow software deployment over VPN. Engineered a BITS-based file transfer solution for large CAD software deployments, enabling reliable transfers over limited bandwidth connections and reducing deployment failures by 90%.
April 2019 - September 2020

Helpdesk Technician

Hawaii Tech Support
  • Improved remote monitoring capabilities by configuring WinRM and SNMP integration with Auvik, enabling proactive issue detection and reducing response time by 40%.
  • Enhanced email security for clients by implementing SPF/DKIM/DMARC in DNS hosting, resulting in a 95% reduction in email spoofing incidents.
  • Streamlined OS deployment processes by implementing MDT/WDS for automated Windows 10 OS and software installations, reducing deployment time from hours to 30 minutes per system.
  • Improved remote server management efficiency by configuring iDRAC/iLO systems, enabling rapid response to server issues and reducing downtime by 50%.
February 2018 - February 2019

Projects

Container-based Code Testing with Ansible Molecule

  • Implemented testing framework using Ansible Molecule to deploy and verify a 2-node monitoring stack with Grafana/Prometheus monitoring server and PostgreSQL database node
  • Achieved rapid container-based testing cycles under 5 minutes, enabling verification of application files, services, and API functionality
  • Integrated GitHub Actions CI pipelines for simultaneous multi-distribution testing across different Linux environments
July 2025

Model Context Protocol (MCP) Server for Infrastructure as Code

  • Developed a Python-based MCP server providing persistent memory storage for Terraform and Ansible resources, enabling efficient caching and version tracking of IaC components
  • Implemented sophisticated XML-based task tracking system to manage development workflow and maintain context across iterations
  • Engineered efficient integration patterns combining multiple AI tools (Claude, aider, Roo Code) to optimize development costs and workflow efficiency
  • Successfully built and open-sourced complete solution including tests, rules, task files, and documentation
February 2025

Elastic Cloud on Kubernetes on AWS EKS

  • Deployed EKS cluster with dedicated IRSA roles for add-on permissions
  • Implemented Elastic stack using Terraform with kubernetes and kubectl providers
  • Managed compute through Amazon Linux 2 t3.medium AWS Managed Nodes
June 2023

Terragrunt and Ansible AWS Cloud Lab

  • Demonstrated integration of Terraform and Ansible for AWS infrastructure management
  • Implemented Terragrunt wrapper to reduce code duplication
July 2022

Skills

Operating Systems & Environments

Cloud & DevOps
  • AWS Services: EC2, S3, VPC, DynamoDB, RDS, Route 53, IAM, SSM, EKS, KMS, ASG, ELB, Kinesis Firehose, Transit Gateway
  • Azure Services: VPN Gateway, Site-to-Site VPN, Entra ID
  • CI/CD: Git, GitLab CI, GitHub, GitHub Actions
  • Container Orchestration: Kubernetes, EKS, IRSA roles, Docker, External DNS, ALB Ingress
  • IaC & Configuration: Ansible, Packer, Selenium, Terraform, Terragrunt, PowerShell DSC
  • Monitoring & Security: Splunk HA Cluster, Elasticsearch, Azure Sentinel

Infrastructure
  • Windows: Active Directory, GPO, DNS, PKI, PowerShell, Exchange DAG, WSUS, MDT/WDS, BITS
  • VMware: vCenter, Horizon VDI, vSAN, vRealize Operations Manager, vRealize Log Insight
  • Linux: Bash, Cron, LVM, Systemd
  • Monitoring & Management: WinRM, SNMP, iDRAC/iLO
  • Email Security: SPF, DKIM, DMARC

AI-Assisted Development
  • AI Tools & Integration: Claude API, GitHub Copilot, aider CLI, Roo Code
  • Workflow Optimization: AI context management, cost-efficient development patterns, XML-based task tracking
  • AI-Driven Architecture: Model Context Protocol (MCP) implementation, AI/human hybrid development methodology
  • Development Patterns: AI pair programming, prompt engineering, context optimization

Certifications


Education

Kapiolani Community College

Associate of Applied Science
Information Technology
December 2017