Gregory is currently unavailable
Gregory Bulgare
Verified Expert in Engineering
DevOps and Backstage Engineer and Developer
London, United Kingdom
Toptal member since August 1, 2024
Bio
Gregory is a highly skilled operations engineer with over 10 years of experience in diverse sectors and company sizes, including BNP Paribas CIB, Shareight, IMG Arena, Beamery, and UnderwriteMe. As an engineer focusing mainly on Kubernetes and infrastructure as code, he leverages cloud technologies to streamline development workflows. Gregory provides secure, performant, and cost-optimized cloud (AWS, GCP) and on-premise environments.
Portfolio
Infobam
DevSecOps, Backstage, Terraform, Crossplane, Vault, Amazon Web Services (AWS)...
UnderwriteMe
Java, Amazon QuickSight, Amazon EKS, Crossplane, Helm, Bash, Spring Cloud...
Img Arena
DevOps, Terraform, Kubernetes, NGINX, Java, Go, Slackbot, Jenkins, Argo CD...
Experience
- DevOps - 10 years
- Terraform - 9 years
- Kubernetes - 8 years
- GitLab CI/CD - 6 years
- Amazon Web Services (AWS) - 6 years
- Go - 5 years
- Google Cloud Platform (GCP) - 3 years
- Backstage - 2 years
Preferred Environment
Google Cloud Platform (GCP), Amazon Web Services (AWS), Kubernetes, GitLab CI/CD, CI/CD Pipelines, Terraform, Crossplane, Backstage, Go, Observability Tools
The most amazing...
...infrastructure migration I've performed is for Shareight, from Linode VM to GKE, which saved 17% of the infrastructure bills and improved monitoring.
Work Experience
Lead Platform Engineer
2024 - 2024
Infobam
- Analyzed existing implementations to identify stakeholder needs and informed them of new designs. Organized and delegated work as a team lead for three engineers and mentored teammates.
- Designed, implemented, and maintained company-wide AWS and legacy DevSecOps solutions for multiple Spring web applications using Terraform. Led the end-to-end CI/CD pipeline implementation for multi-region and multi-AWS account setups.
- Designed an observability solution using Thanos for monitoring, Loki for logging, and Jaeger for tracing. Included an identity and secret management system with access control via HashiCorp Vault.
- Initiated the implementation of an internal developer platform using Backstage, Terraform, and Crossplane.
Technologies: DevSecOps, Backstage, Terraform, Crossplane, Vault, Amazon Web Services (AWS), Thanos, Loki, Jaeger, Java, Docker, GitLab, Jira, Confluence, Prometheus, Grafana, Amazon S3 (AWS S3), Git, Observability Tools, DevOps, Cost Reduction & Optimization (Cost-down), Platforms, Bash, Amazon EKS, Management, CI/CD Pipelines, Infrastructure as Code (IaC), Web, CSS, HTML, Migration
Senior Platform Engineer
2022 - 2024
UnderwriteMe
- Identified, planned, and addressed application stakeholder needs. Designed and implemented automation for Amazon QuickSight report deployment across multiple AWS accounts.
- Reduced application deployment costs in the Kubernetes cluster by 57% while enhancing delivery capability and velocity. Migrated Git repositories to GitLab after conducting resource audits through multi-performance tests.
- Maintained and improved Terraform scripts and refactored the Kubernetes templating solution. Designed and implemented an internal developer platform using Backstage, Crossplane, and Terraform and integrated local Kubernetes clusters.
- Integrated Kubeflow, MLFlow, and data version control (DVC) to enhance the machine learning platform and reduce the model's resource usage through improved deployment methods.
Technologies: Java, Amazon QuickSight, Amazon EKS, Crossplane, Helm, Bash, Spring Cloud, Amazon Web Services (AWS), Platforms, Machine Learning Operations (MLOps), Terraform, Cost Reduction & Optimization (Cost-down), Jenkins, Kubernetes, DevOps, Backstage, GitLab, Kubeflow, Shell, Flux, Atlantis, Jira, Confluence, RabbitMQ, Prometheus, Grafana, Amazon S3 (AWS S3), NGINX, Docker, Git, Observability Tools, CI/CD Pipelines, Infrastructure as Code (IaC), Web, CSS, HTML, APIs, MLflow, DVC
Senior DevOps
2021 - 2022
Img Arena
- Maintained Terraform scripts and implemented Kubernetes templating solutions. Improved Kubernetes infrastructure by adhering to best practices.
- Enhanced Jenkins implementation by versioning Jenkins configurations.
- Developed a Go Slack bot to streamline onboarding and offboarding processes.
Technologies: DevOps, Terraform, Kubernetes, NGINX, Java, Go, Slackbot, Jenkins, Argo CD, Jira, Confluence, Amazon S3 (AWS S3), Docker, Git, Spring Cloud, Bash, Helm, Amazon EKS, CI/CD Pipelines, Infrastructure as Code (IaC), Web, CSS, HTML
Senior DevOps and Site Reliability Engineer
2020 - 2021
CoinFLEX
- Organized and delegated work as a team lead for five engineers and mentored teammates. Collaborated with management to align engineering roadmaps, considering technology investment, divestment, and maintenance.
- Redesigned and led the implementation of GitOps practices for Kubernetes and infrastructure across multiple regions and cloud providers, including GCP, AWS, Azure, and Alibaba.
- Led the implementation of an end-to-end CI/CD framework, including multiple tests and the migration from Jenkins pipelines to Drone and Argo CD tools. Implemented a Secret Manager and Access Management solution using HashiCorp Vault.
- Designed, implemented, and maintained an observability solution with Jaeger for tracing, Loki for logging, and Thanos for monitoring. Reviewed and applied best practices for Kubernetes infrastructure.
- Set up distributed load testing using Locust and Amazon Elastic Container Service (Amazon ECS).
- Provided developers with a local Kubernetes cluster using Kind and Skaffold, enhancing application integration. Developed a Go Slack bot to automate the approval process for colleagues to execute database queries.
Technologies: DevOps, Terraform, Docker, Kubernetes, GitLab, Jenkins, Apache Kafka, Go, Java, Apache Maven, Google Cloud Platform (GCP), Amazon Web Services (AWS), Azure Cloud Services, Alibaba Cloud, Slackbot, Locust, Thanos, Loki, Kustomize, Blockchain, Bitcoin Cash, TimescaleDB, Redis, Apache Pulsar, MySQL, Nacos, ArangoDB, CockroachDB, Ruby, NGINX, MongoDB, RabbitMQ, Shell, Vault, DevSecOps, IT Recruitment, Jira, Confluence, Bitbucket, Drone CI, Prometheus, Grafana, Amazon S3 (AWS S3), Git, Observability Tools, Spring Cloud, Bash, Helm, Amazon EKS, Management, CI/CD Pipelines, Infrastructure as Code (IaC), Site Reliability Engineering (SRE), Web, CSS, HTML, APIs
Senior DevOps and Site Reliability Engineer
2018 - 2020
Beamery
- Participated in the engineering recruitment process.
- Migrated the CI/CD pipeline from Jenkins to GitLab CI and the Git repository from GitHub to GitLab. Reviewed and applied best practices for Kubernetes infrastructure and participated in maintaining the Terraform script.
- Developed a Go-based tool and Slack bot to update Elasticsearch and RabbitMQ schemas in the CI/CD pipeline, facilitating onboarding processes and improving developer interaction with the infrastructure.
- Developed high-quality features for the Gravitywell project.
- Established a local Kubernetes cluster for developers using Kind and Skaffold, streamlining application integration. Collaborated with QA to integrate tests early in the workflows, improving both applications and infrastructure.
- Enhanced the observability stack by integrating Istio as a service mesh and refactoring the Prometheus and Grafana implementation for infrastructure and applications.
Technologies: DevOps, Terraform, GitLab CI/CD, Docker, Kubernetes, Prometheus, Grafana, Google Cloud Platform (GCP), Istio, RabbitMQ, Elasticsearch, MongoDB, AWS Lambda, Go, GitLab, GitHub, IT Recruitment, Slackbot, Jaeger, Kind, Skaffold, Apache JMeter, Vault, DevSecOps, Jira, Confluence, Git, Observability Tools, Jenkins, Spring Cloud, Bash, Google Kubernetes Engine (GKE), CI/CD Pipelines, Infrastructure as Code (IaC), Site Reliability Engineering (SRE), JavaScript, Web, CSS, HTML, APIs
DevOps Engineer
2017 - 2017
Shareight
- Designed and executed the migration of infrastructure from Linode to GCP. Created Terraform modules for effective multi-region and multi-project management.
- Containerized PHP and React applications for deployment in a Kubernetes cluster. Managed Kubernetes manifest files via a GitHub repository and deployed them through a CI/CD pipeline using Drone CI.
- Set up a SonarQube server to enhance the quality of the source code and established federated monitoring with a Prometheus cluster, providing remote access to each Kubernetes cluster.
Technologies: DevOps, Kubernetes, Prometheus, Grafana, ELK (Elastic Stack), RabbitMQ, Drone CI, Google Cloud Platform (GCP), Docker, PHP, React, Locust, Python, Terraform, SonarQube, GitHub, Traefik, Shell, DevSecOps, Jira, Confluence, Git, Observability Tools, Bash, Google Kubernetes Engine (GKE), CI/CD Pipelines, Infrastructure as Code (IaC), Site Reliability Engineering (SRE), Web, CSS, HTML, Migration, APIs
DevOps Engineer
2014 - 2017
Lumeon
- Managed the deployment of various services, such as iptables, HAProxy, NGINX, PowerDNS, and MySQL Cluster, in non-production and production environments using Ansible scripts.
- Used Ansible scripts to deploy new versions of PHP applications and enhance monitoring of both the server and application in non-production and production environments.
- Implemented a Rocket.Chat cluster to enable better internal communication.
- Proved server security by migrating from Ubuntu Server to CentOS 7 and reviewing user management permissions via Microsoft Active Directory services in non-production and production environments.
- Provided the developer teams with a development environment using Packer, VirtualBox, and Vagrant, ensuring it closely mirrored the production environment.
Technologies: DevOps, VMware ESXi, Proxmox, LXC, NGINX, MySQL, Active Directory (AD), DNS, Iptables, Cisco, Ubuntu, CentOS, Amazon S3 (AWS S3), Rackspace, VirtualBox, Packer, Ansible, Terraform, Python, SonarQube, Jenkins, Bitbucket, Jira, Confluence, Shell, ELK (Elastic Stack), Git, Bash, Site Reliability Engineering (SRE), JavaScript, Web, CSS, HTML
Software Configuration Manager
2012 - 2014
BNP Paribas CIB
- Reviewed and redesigned the information lifecycle and best practices used with Subversion source control before managing and migrating to StarTeam.
- Created and updated features for internal tools developed in Java and C# to support application management releases and merge plans for source code in the main branch.
- Performed tests on the internal tool and non-production environment, including code quality, integration, and performance tests, using SonarQube, Maven, SaltStack, ShellCheck, and the Hawk script.
- Used Docker to validate the continuous integration process and provide early reports on application behavior to the development team.
Technologies: Java, C#.NET, C#, Bash, Subversion (SVN), Git, PowerBuilder, SonarQube, Apache Maven, KornShell, Jenkins, TeamCity, SaltStack, Docker, Shell, Ansible
.NET Developer
2011 - 2012
Infobam
- Developed five eCommerce websites using an internal framework that combined the .NET web development library and the jQuery library.
- Deployed eCommerce websites on an Internet Information Services (IIS) server in an on-premise environment.
- Wrote multiple unit and functional tests to validate the website's behavior before deployment.
- Created technical and functional specifications for the eCommerce websites and designed them using Visual Studio.
- Reviewed and updated SQL queries to optimize performance in SQL Server 2010 databases.
Technologies: .NET, jQuery, IIS SQL Server, ASP.NET, C#.NET, C#, JavaScript, Web, CSS, HTML
Experience
Design and Implementation of a Company-wide AWS Account
This project's goal was to establish a company-wide AWS environment with multiple AWS accounts, and it was applied at Infobam and CoinFLEX.
The aim was to isolate each infrastructure environment into separate AWS accounts and provide distinct AWS accounts for the operation stack, observability stack, and logging stack. This change enables the application of the least privilege access model, allows for budget resizing per environment, and facilitates easier implementation of features across all environments with reduced effort.
To advocate for this change, I created comprehensive documentation and presented it to the company. I also developed Terraform modules to automate the management of AWS accounts and services, such as virtual private cloud (VPC), Amazon S3, and Amazon EKS. These Terraform scripts were executed using GitLab CI and Atlantis. Basic services were automatically deployed in each environment via ArgoCD or FluxCD.
This implementation enabled us to refactor each environment based on the production environment while maintaining cost-efficiency in non-production environments. As a result, we achieved a 37% cost reduction in infrastructure for Infobam and around 12% for CoinFLEX.
The aim was to isolate each infrastructure environment into separate AWS accounts and provide distinct AWS accounts for the operation stack, observability stack, and logging stack. This change enables the application of the least privilege access model, allows for budget resizing per environment, and facilitates easier implementation of features across all environments with reduced effort.
To advocate for this change, I created comprehensive documentation and presented it to the company. I also developed Terraform modules to automate the management of AWS accounts and services, such as virtual private cloud (VPC), Amazon S3, and Amazon EKS. These Terraform scripts were executed using GitLab CI and Atlantis. Basic services were automatically deployed in each environment via ArgoCD or FluxCD.
This implementation enabled us to refactor each environment based on the production environment while maintaining cost-efficiency in non-production environments. As a result, we achieved a 37% cost reduction in infrastructure for Infobam and around 12% for CoinFLEX.
Multi-cluster Monitoring via Thanos
In this project, I implemented a federated monitoring stack using Prometheus and Thanos, with a bucket for storing the monitoring metrics.
This was done to simplify the access application and infrastructure of monitoring by providing a single entry point. It also improved the reliability, scalability, and long-term storage of your metrics data, providing a robust monitoring solution for your Kubernetes environment and reducing the cost of the metrics storage. The implementation was carried out for Beamery's multiregion-based infrastructure.
I proposed this project and subsequently wrote and presented the documentation. I conducted the proof of concept (POC), which enabled me to prepare the implementation for non-production and production environments. Additionally, I updated the Grafana dashboard.
This project increased the complexity of the monitoring stack but allowed us to refactor all the dashboards, thereby reducing maintenance efforts. It also enabled long-term observation at a lower cost. As a result, monitoring costs were reduced by approximately 33%, and dashboard performance improved by 17%.
This was done to simplify the access application and infrastructure of monitoring by providing a single entry point. It also improved the reliability, scalability, and long-term storage of your metrics data, providing a robust monitoring solution for your Kubernetes environment and reducing the cost of the metrics storage. The implementation was carried out for Beamery's multiregion-based infrastructure.
I proposed this project and subsequently wrote and presented the documentation. I conducted the proof of concept (POC), which enabled me to prepare the implementation for non-production and production environments. Additionally, I updated the Grafana dashboard.
This project increased the complexity of the monitoring stack but allowed us to refactor all the dashboards, thereby reducing maintenance efforts. It also enabled long-term observation at a lower cost. As a result, monitoring costs were reduced by approximately 33%, and dashboard performance improved by 17%.
Multi-cluster Secret Manager Service With HashiCorp Vault Community Version
In this project, I implemented a multi-cluster Vault service via the HashiCorp Vault community version, shell script, and GitLab CI/CD pipeline.
This was done to isolate secret management for the application per Kubernetes cluster and infrastructure environment, including development, staging, and production. This allows applications that will pull or push secrets from Vault to continue to work if the global Vault cluster is not accessible.
I conducted the proof of concept (POC), which enabled me to prepare the implementation for the non-production environments. Additionally, I have improved the identification process of the company members on the global Vault cluster.
This project prevents us from deploying unnecessary secrets or configurations in the targeted infrastructure Kubernetes cluster, improves the turnover of secrets, and implements a standardized generation and promotion workflow for the application secret.
This was done to isolate secret management for the application per Kubernetes cluster and infrastructure environment, including development, staging, and production. This allows applications that will pull or push secrets from Vault to continue to work if the global Vault cluster is not accessible.
I conducted the proof of concept (POC), which enabled me to prepare the implementation for the non-production environments. Additionally, I have improved the identification process of the company members on the global Vault cluster.
This project prevents us from deploying unnecessary secrets or configurations in the targeted infrastructure Kubernetes cluster, improves the turnover of secrets, and implements a standardized generation and promotion workflow for the application secret.
Education
2004 - 2010
Master's Degree in Computer Science
SUPINFO International University - Paris, France
Skills
Libraries/APIs
Thanos, jQuery, React
Tools
GitLab CI/CD, Terraform, Ansible, Amazon EKS, GitLab, Observability Tools, Kustomize, Subversion (SVN), Git, ELK (Elastic Stack), Loki, Traefik, Vault, Shell, Google Kubernetes Engine (GKE), Amazon QuickSight, Helm, Jenkins, SonarQube, NGINX, VirtualBox, Packer, Grafana, RabbitMQ, Bitbucket, Jira, Confluence, GitHub, Istio, Apache Maven, TeamCity, SaltStack, Iptables, Apache JMeter
Languages
Bash, Go, Java, JavaScript, PHP, Python, CSS, HTML, C#, C#.NET, C++, C, PowerBuilder, Ruby
Paradigms
DevOps, DevSecOps, Management
Platforms
Kubernetes, Docker, Proxmox, Linux, Google Cloud Platform (GCP), Amazon Web Services (AWS), Web, Ubuntu, CentOS, Drone CI, Unix, Windows Server, MacOS, KornShell, Rackspace, AWS Lambda, Apache Kafka, Blockchain, Bitcoin Cash, Nacos, Kubeflow
Storage
Amazon S3 (AWS S3), Elasticsearch, Redis, Databases, MySQL, IIS SQL Server, MongoDB, Azure Cloud Services, Alibaba Cloud, ArangoDB, CockroachDB
Frameworks
Crossplane, Backstage, Locust, Flux, .NET, ASP.NET
Other
CI/CD Pipelines, Prometheus, Jaeger, Kind, Skaffold, Argo CD, Infrastructure as Code (IaC), Site Reliability Engineering (SRE), Spring Cloud, Platforms, Machine Learning Operations (MLOps), Cost Reduction & Optimization (Cost-down), VMware ESXi, DNS, Slackbot, Atlantis, APIs, Migration, Networking, Algorithms, Cisco, LXC, Active Directory (AD), IT Recruitment, TimescaleDB, Apache Pulsar, MLflow, DVC
Collaboration That Works
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
1
Share your needs
Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2
Choose your talent
Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3
Start your risk-free talent trial
Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.
Top talent is in high demand.
Start hiring