Alexandru is available for hire

Alexandru Tudor

Verified Expert in Engineering

DevOps Architect and Developer

Bucharest, Romania

Toptal member since April 8, 2026

Expertise

Docker Terraform AWS DevOps Amazon S3 Cloud Architecture Linux REST API Cloud Engineering Google Cloud Development Google Kubernetes Engine (GKE)Git Kubernetes Python

Bio

Alexandru is a senior DevOps and cloud architect with 15+ years of experience designing and scaling infrastructure across AWS, GCP, and hybrid environments. He has a proven track record of building cloud-native platforms, automating end-to-end delivery pipelines, and implementing SRE best practices, including SLAs, SLOs, and error budgets.

Portfolio

Tevvo

Amazon Web Services (AWS), Terraform, Bitbucket Pipelines, Kubernetes...

Deutsche Bank

Google Cloud Platform (GCP), Terraform, Chaos Engineering, GitHub Actions...

PwC

Azure Cloud Services, Amazon Web Services (AWS), Google Cloud Platform (GCP)...

Experience

Linux - 12 years
Terraform - 10 years
Amazon Web Services (AWS) - 8 years
CI/CD Pipelines - 8 years
DevOps - 8 years
Google Cloud - 6 years
Kubernetes - 5 years
Python - 4 years

Preferred Environment

MacOS, Amazon Web Services (AWS), Google Cloud Platform (GCP), GitLab CI/CD

The most amazing...

...thing I've built is a data lake on GCP with labels for PII columns and organizations from the group, and tag-based access controls set using Terraform.

Work Experience

DevOps Lead

2025 - 2025

Tevvo

Migrated from one AWS Account to AWS Organizations and multiple AWS Accounts.
Implemented CI/CD pipelines for Terraform infrastructure as code.
Improved overall reliability and reduced cloud setup costs.

Technologies: Amazon Web Services (AWS), Terraform, Bitbucket Pipelines, Kubernetes, Kafka Connect, Apache Kafka, CI/CD Pipelines, DevOps, Amazon S3 (AWS S3), Docker, Infrastructure as Code (IaC), Observability, Cloud Security, Cloud Architecture, Identity & Access Management (IAM), Amazon DynamoDB, REST APIs, Architecture, Python, Amazon EC2

Senior Site Reliability Engineer

2025 - 2025

Deutsche Bank

Identified user journeys for the application being prepared for go-live.
Established SLIs and SLOs with the application owners.
Created metrics, alerts, and dashboards to measure and act depending on the reliability of the application.

Technologies: Google Cloud Platform (GCP), Terraform, Chaos Engineering, GitHub Actions, CI/CD Pipelines, DevOps, Trivy, Docker, Infrastructure as Code (IaC), Observability, Google Kubernetes Engine (GKE), Identity & Access Management (IAM), REST APIs, Terraform Cloud

Senior Manager, Security Engineering

2024 - 2024

PwC

Led cloud security posture implementation for AWS.
Implemented security controls defined by SOC2 and mapped onto AWS with Wiz.
Created a CI/CD pipeline with Terraform and custom Python scripts that interacted with Wiz to create rules on multiple Wiz projects.

Technologies: Azure Cloud Services, Amazon Web Services (AWS), Google Cloud Platform (GCP), Wiz Cloud Security Platform, CI/CD Pipelines, Amazon S3 (AWS S3), Docker, Infrastructure as Code (IaC), Observability, Cloud Security, Identity & Access Management (IAM), REST APIs, Amazon EC2

DevOps Consultant

2023 - 2024

Maxeda DIY Group

Implemented AWS WAF with multiple rules, rate limits, and filters to successfully block DDOS attacks that affected the retail website.
Implemented a self-service mechanism through which developers could provision GCP resources.
Decreased overall cloud costs by 20% from the total invoice.

Technologies: Terraform, Amazon Web Services (AWS), Google Cloud Platform (GCP), Bitbucket Pipelines, CI/CD Pipelines, DevOps, Trivy, Snyk, Cloud Run, Amazon S3 (AWS S3), Docker, Infrastructure as Code (IaC), Observability, Amazon Glacier, Cloud Security, Cloud Architecture, Google Cloud Security Command Center (SCC), Identity & Access Management (IAM), Amazon DynamoDB, REST APIs, Architecture, Python, Amazon EC2

DevOps Engineer

2022 - 2022

REWE Digital

Delivered a proof-of-concept (POC) for metadata management using Kafka and OpenMetadata on GKE.
Adopted Kubernetes operators through the operator framework and Ansible.
Implemented a development platform POC by orchestrating GCP and GitLab using StackStorm.

Technologies: Kubernetes, Google Cloud Platform (GCP), Confluent Kafka, CI/CD Pipelines, DevOps, Docker, Infrastructure as Code (IaC), Observability, Google Kubernetes Engine (GKE), Cloud Security, Identity & Access Management (IAM), REST APIs, GitLab, Terraform Cloud, GitOps

Lead DevOps Engineer

2022 - 2022

ZF

Built modular GitLab CI/CD templates for Terraform deployments to AWS and AKS.
Created Helm charts to abstract complex service deployments for development teams.
Implemented pipeline optimizations that reduced CI/CD runtime by 45%.

Technologies: Amazon Web Services (AWS), GitLab CI/CD, Terraform, Kubernetes, Helm, CI/CD Pipelines, DevOps, Amazon S3 (AWS S3), Docker, Infrastructure as Code (IaC), Observability, Identity & Access Management (IAM), REST APIs, GitLab, Python, Terraform Cloud, GitOps, Amazon EC2

DevOps Consultant

2020 - 2021

Groupe Renault

Designed and managed a GCP-based data lake with secure multi-environment isolation.
Developed CI/CD pipelines to streamline the deployment and testing of data applications.
Automated data job scheduling and cloud resource provisioning with Python and GitLab CI.
Enabled self-service pipeline deployment for data engineering teams.

Technologies: Google Cloud Platform (GCP), GitLab CI/CD, CI/CD Pipelines, DevOps, Docker, Infrastructure as Code (IaC), Observability, Google Kubernetes Engine (GKE), Cloud Security, Identity & Access Management (IAM), REST APIs, GitLab, Python, Terraform Cloud

DevOps Lead

2019 - 2020

Insurance Business Applications

Led a team of three engineers building a highly automated environment creation platform using TypeScript, Lambda, and API Gateway.
Improved development and testing pipelines, eliminating manual repetitive tasks for developers.
Created and maintained onboarding documentation for the platform.

Technologies: Amazon Web Services (AWS), Amazon Elastic Container Service (ECS), TypeScript, CI/CD Pipelines, DevOps, Datadog, Amazon S3 (AWS S3), Docker, Infrastructure as Code (IaC), Observability, Cloud Security, Identity & Access Management (IAM), REST APIs, Amazon EC2

DevOps Engineer

2018 - 2018

Dufry

Built AWS infrastructure for 180 global websites using Terraform, Ansible, and Python.
Deployed Java applications using CodeCommit and Elastic Beanstalk with minimal maintenance overhead.
Created documentation and mentored a junior engineer to take over this project.

Technologies: Amazon Web Services (AWS), Ansible, Jenkins, CI/CD Pipelines, DevOps, Amazon S3 (AWS S3), Docker, Infrastructure as Code (IaC), Observability, Identity & Access Management (IAM), REST APIs, Amazon EC2

Cloud Solution Architect

2012 - 2018

IBM

Offered solution guidance and architecture design for large, complex deals in IBM Cloud (Bluemix and CMS).
Automated IBM DB2 provisioning and patching for IBM Cloud Managed Services on AIX and Linux.
Developed MVPs on AWS and Azure as part of IBM Cloud offerings using Terraform and Ansible.

Technologies: IBM Cloud, Amazon Web Services (AWS), Google Cloud Platform (GCP), OpenStack, IBM Db2, WebSphere, AIX, Docker, Infrastructure as Code (IaC), Cloud Architecture, Identity & Access Management (IAM), REST APIs, Architecture, Amazon EC2

Experience

Ansible Role yas3fs_monit

https://github.com/alexjguy/yas3fs_monit

An Ansible role that mounts S3 buckets locally using yas3fs and, after that, sets up monit to watch for any S3 unmount and remount it. It should be run on an EC2 instance with an attached instance profile that grants S3 read-write access. If run on an instance without a profile, it needs to be set up with AWS CLI.

Ansible Role sftp_chroot_pkey

https://github.com/alexjguy/sftp_chroot_pkey

An Ansible role that configures Ubuntu for SFTP with users, chrooted directories, and public key authentication. This role denies access to the defined group for any type of login except SFTP. It can also be run on Ubuntu Server; it was tested on Ubuntu 18.06.

AWS Costs to Markdown

https://github.com/alexjguy/AWS-costs-markdown

A Python script that will take the costs out of AWS APIs and output them nicely in Markdown. The services I used include EC2, VPC, CloudWatch, S3, and EBS. The script does not support CLI-like parameters; it has a variable at the beginning of the script containing a list of sites from which data will be retrieved.

Education

2009 - 2016

Bachelor's Degree in Mathematics and Computer Science

Spiru Haret University - Bucharest, Romania

Certifications

DECEMBER 2025 - PRESENT

Harness Certified Chaos Engineering Developer

Harness

SEPTEMBER 2025 - OCTOBER 2027

CKS: Certified Kubernetes Security Specialist

The Linux Foundation

SEPTEMBER 2025 - OCTOBER 2027

HashiCorp Certified: Terraform Associate (003)

Hashicorp

JANUARY 2025 - JANUARY 2027

AWS Certified Machine Learning Engineer

Amazon Web Services

JANUARY 2025 - PRESENT

AWS Certified Machine Learning Engineer - Associate Early Adopter

Amazon Web Services

OCTOBER 2024 - OCTOBER 2027

AWS Certified AI Practitioner

Amazon Web Services

AUGUST 2024 - AUGUST 2026

CKA: Certified Kubernetes Administrator

The Linux Foundation

AUGUST 2024 - AUGUST 2025

Microsoft Azure Administrator Associate

Microsoft

DECEMBER 2023 - PRESENT

HashiCorp Certified: Terraform Associate (003)

HashiCorp

FEBRUARY 2023 - FEBRUARY 2026

AWS Certified Security – Specialty

Amazon Web Services

OCTOBER 2021 - OCTOBER 2024

AWS Certified SysOps Administrator – Associate

Amazon Web Services

DECEMBER 2018 - PRESENT

AWS Certified Solutions Architect – Professional

Amazon Web Services

NOVEMBER 2017 - NOVEMBER 2019

Google Certified Professional - Cloud Architect

Google Cloud

DECEMBER 2016 - PRESENT

Cloud Enterprise Developer - Author Award for Professionals 2016

IBM

Skills

Libraries/APIs

REST APIs

Tools

Terraform, Google Kubernetes Engine (GKE), GitLab, Kafka Connect, GitLab CI/CD, Helm, Amazon Elastic Container Service (ECS), Ansible, Jenkins, Amazon SageMaker

Paradigms

DevOps, DevSecOps

Platforms

Amazon Web Services (AWS), Docker, Amazon EC2, Linux, AIX, Kubernetes, Google Cloud Platform (GCP), Apache Kafka, Confluent Kafka, OpenStack, WebSphere, MacOS, Cloud Run

Storage

Amazon S3 (AWS S3), Google Cloud, Datadog, Amazon DynamoDB, Azure Cloud Services, Databases, IBM Db2

Languages

Python, TypeScript

Frameworks

Bedrock

Other

CI/CD Pipelines, Infrastructure as Code (IaC), Cloud Security, Identity & Access Management (IAM), Terraform Cloud, Amazon Glacier, Observability, Trivy, Snyk, Cloud Architecture, Google Cloud Security Command Center (SCC), Architecture, GitOps, Chaos Engineering, Site Reliability Engineering (SRE), Platform Engineering, Machine Learning, Machine Learning Operations (MLOps), Generative Artificial Intelligence (GenAI), Security, Cloud, Programming, GitHub Actions, Bitbucket Pipelines, Wiz Cloud Security Platform, IBM Cloud, Amazon SageMaker Pipelines

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring