Nikos is currently unavailable
Nikos Tzelvenzis
Verified Expert in Engineering
DevOps Engineer and Developer
Thessaloniki, Greece
Toptal member since July 15, 2020
Bio
Nikos is a DevOps engineer and infrastructure designer with several years of hands-on experience, which includes building a high-traffic platform with at least 7 million users. On that project, the whole infrastructure was horizontally scaled based on the load and traffic. The challenge there had to do with the size of traffic—specifically auditing and logging—due to the size of logs, etc. were much larger than usual. It's safe to say whatever your DevOps needs are, Nikos can handle them.
Portfolio
Schoox Inc
Amazon Web Services (AWS), PHP, Kubernetes, Python...
ComplexChaos, Inc.
SOC Compliance, SOC 2, IT Security, DevOps, CI/CD Pipelines...
Datajolt Limited
Python, Amazon Web Services (AWS), DevOps, Flask, Kubernetes, Scaling, AWS ALB...
Experience
- Kubernetes - 5 years
- OpenStack - 4 years
- Ansible - 4 years
- Azure - 3 years
- Amazon EC2 - 2 years
- Jenkins - 2 years
- Terraform - 2 years
- Helm - 1 year
Preferred Environment
Firefox, Visual Studio Code (VS Code), Bash, Linux
The most amazing...
...project was making a scalable way to restore all files in 2 hours without service interruption after an accidental deletion of 20 million files in S3 storage.
Work Experience
Director of DevOps
2018 - PRESENT
Schoox Inc
- Created a new secure network within the cloud infrastructure and helped the company archive security certifications to take on new and more significant customers.
- Designed and enabled a monitoring-and-audit platform that helped the support department to answer customer's questions more confidently.
- Transformed the build and deploy procedure. Previously, the company used git pull as the deployment method, which caused HTTP errors; now, the node's upgrades happen without traffic and with zero HTTP errors.
Technologies: Amazon Web Services (AWS), PHP, Kubernetes, Python, Amazon Elastic Block Store (EBS), Amazon Route 53, Amazon EC2, Bash, Ansible, Amazon ElastiCache, Docker, Jenkins, Amazon CloudFront CDN, Continuous Delivery (CD), MongoDB, AWS CloudFormation, Linux, Firefox, SAML, AWS ELB, AWS Command Line Interface (CLI), Terraform, OpenVPN, Amazon EKS, Amazon Simple Queue Service (SQS), Continuous Integration (CI), Helm, Cloud, System Administration, APIs, Cloudflare, DNS Configuration, DMARC, Business Email, IT Consulting, Storage, Amazon CloudFront, Content Delivery Networks (CDN), SSL Configurations, NAT, AWS IAM, Amazon Elastic Container Service (ECS), Containers, CI/CD Pipelines, Infrastructure as Code (IaC), Cloud Architecture, Karpenter, Monitoring, Site Reliability Engineering (SRE), Multi-tenant SaaS, System Architecture, GitHub Actions, GitHub, NGINX, AWS Auto Scaling, Cloud Infrastructure, AWS Lambda, Microservices Architecture, AWS SDK, Distributed Systems, Event-driven Architecture, ECS, AWS DevOps, AWS Deployment, Observability, Telemetry, Elasticsearch, Containerization, ELK (Elastic Stack), Redis, Amazon RDS, SOC 2, Amazon CloudWatch, AWS Step Functions, Monorepos, Machine Learning Operations (MLOps), Event-driven Systems
DevOps and Infrastructure Engineer
2025 - 2025
ComplexChaos, Inc.
- Optimized AWS infrastructure by consolidating resources, removing unused assets, and rightsizing instances, reducing monthly cloud spend by 70%.
- Implemented SOC 2 security controls across infrastructure, including IAM policy hardening, encryption enforcement, and secure network configurations.
- Enhanced system monitoring and alerting by configuring CloudWatch metrics, alarms, and centralized log retention in line with SOC 2 requirements.
- Hardened access management by introducing least-privilege access, MFA enforcement, and regular access reviews for AWS accounts.
- Reviewed and remediated security gaps identified during SOC 2 readiness assessment, ensuring compliance with audit standards.
- Streamlined CI/CD pipelines to incorporate compliance-friendly build, test, and deployment processes.
- Created and updated infrastructure documentation for SOC 2 audit readiness, including network diagrams, control procedures, and configuration baselines.
- Collaborated with leadership and audit partners to prepare audit evidence, align infrastructure practices, and track remediation progress.
Technologies: SOC Compliance, SOC 2, IT Security, DevOps, CI/CD Pipelines, Identity & Access Management (IAM), Infrastructure as Code (IaC), DevSecOps, Vercel, Heroku, PostgreSQL, Firebase, Node.js, Express.js, ISO 27001, HIPAA Compliance, General Data Protection Regulation (GDPR), SaaS, Startups, Amazon CloudFront, Content Delivery Networks (CDN), SSL Configurations, Containers, Cloud Architecture, Karpenter, Monitoring, GitHub Actions, GitHub, Docker, MongoDB, NGINX, AWS Auto Scaling, Cloud Infrastructure, Microservices Architecture, AWS SDK, ECS, AWS Deployment, Amazon EKS, Observability, Telemetry, Kubernetes, Containerization, Amazon CloudWatch, Monorepos
DevOps Engineer
2023 - 2023
Datajolt Limited
- Solved a problem in EKS deployments with network issues on an AWS Application Load Balancer as an ingress resource.
- Suggested a better way to keep logs for the application that was distributed and deployed in the EKS cluster. Listened to the company's needs and suggested two to three solutions based on the budget.
- Checked the existing security state of the infrastructure and evaluated data access based on how they gave me access to the AWS account.
Technologies: Python, Amazon Web Services (AWS), DevOps, Flask, Kubernetes, Scaling, AWS ALB, Gunicorn, Terraform, Bash, Docker, AWS ELB, AWS Command Line Interface (CLI), Helm, Cloud, APIs, Cloud Architecture, Cloud Infrastructure, Containerization
DevOps Engineer
2021 - 2022
GWF
- Built and managed cloud infrastructure using Terraform and Infrastructure as Code (IaC), ensuring consistency, scalability, and reliability across environments.
- Designed, implemented, and maintained CI/CD pipelines with Azure DevOps Services, improving deployment automation and reducing release errors.
- Streamlined development workflows by automating build, test, and deployment processes, leading to faster delivery cycles and higher team productivity.
- Collaborated with developers and architects to optimize cloud resources, improving performance and reducing operational overhead.
Technologies: Azure, Pipelines, Docker, Terraform, Azure DevOps, GitLab CI/CD, Cloud Infrastructure
Senior DevOps Engineer
2021 - 2022
NebulOS, Inc.
- Solved problems in a Ceph cluster with node outages. The cluster was unstable, and all writes were disabled, so it was re-balanced.
- Added four new nodes in the existing cluster and updated the OpenStack to a newer version. Set up new virtual networks and started to work with new clients on this cluster. Created the new OpenStack images for windows and provisioned them.
- Supported the existing Oracle VM cluster with other technical members during US off-work hours.
Technologies: Linux, Ubuntu, OpenStack, Data Centers, Ceph, Bash, NAT, Monitoring, Distributed Systems, Event-driven Architecture, Observability
DevOps Engineer
2021 - 2021
Piggy, LLC
- Changed, working as a developer focused on security, the application's access to AWS from static keys to IAM roles.
- Designed and wrote Lambda function to rotate the credentials of RDS databases automatically.
- Reviewed and fixed the security groups and the access to infrastructure.
Technologies: Amazon Web Services (AWS), Terraform, CI/CD Pipelines, Automation, Amazon RDS, Bash, Kubernetes, Linux, AWS Command Line Interface (CLI), Continuous Integration (CI), Cloud, Cloud Architecture, GitHub, NGINX, Cloud Infrastructure, Microservices Architecture, AWS SDK, Redis, Amazon CloudWatch
DevOps AWS Engineer
2021 - 2021
ZYP.ONE GmbH
- Designed and created the entire environment (production, staging, and testing) with Terraform and created networking with OpenVPN to access the environment without the need to enable public access.
- Migrated the database to RDS, configured database backups, and unique dump exports to S3 with an ECS service.
- Installed and configured the Jenkins CI/CD system with a master node and dynamic slave nodes.
- Improved the automated pipeline to work better with CI and prepared the CD portion for testing and staging environments.
Technologies: Amazon Web Services (AWS), Terraform, Docker, VPN, Networks, Jenkins, GitHub, AWS Batch, Bash, Linux, AWS Command Line Interface (CLI), Continuous Integration (CI), Cloud, Amazon Elastic Container Service (ECS), AWS Fargate, Cloud Infrastructure, AWS Lambda, AWS SDK, ECS, Containerization
Software Developer | Oracle Database Specialist | Infrastructure Architect
2005 - 2018
Logismos SA
- Deployed OpenStack as a private cloud solution for the company.
- Converted storage to be more central with Ceph and with the added benefit that maintenance could happen without interruption to services.
- Designed and implemented an integration service between two systems in near real-time between multi-sites in different countries worldwide.
- Installed and configured an Oracle database with a standby service and automatic backup without interruptions for two different hosts.
Technologies: Ceph, Oracle, OpenStack, Bash, Ansible, Python, Linux, Java, SAML, OpenVPN, System Administration, APIs, IT Consulting, Software, Software Development, Storage, SSL Configurations, NAT, System Architecture, Databases, Distributed Systems, Event-driven Architecture, Keycloak
Experience
Recovery of 20 Million Deleted Files in Amazon S3 Buckets
After an accident, a process started to delete files from two buckets rapidly. The buckets had versioning enabled but we needed to start a flow to recover the data. To solve this, I created a mechanism with a queue and Lambdas that found the files and restored them (i.e., deleting the deletion mark).
Worker Daemon in Python
A Python application to work as a Linux daemon to consume messages from Amazon SQS queues and execute them in a PHP environment. The daemon use metrics posts to an Amazon CloudWatch metrics service and keen audit logs in Amazon S3.
Scalable Logging Parser
With the ELK stack, I used a scalable way with queues to parse files in Amazon S3 Storage and populate data in an Elasticsearch cluster for auditing. The parsing happens in a Kubernetes cluster and uses S3 events and queues to make parsing asynchronous.
SSO Authentication with All Internal Services
A startup, due to an increase in its employee numbers, decided to enable a user repository with Okta. I designed and implemented the authentication, authorization, and internal portals with Okta (SAML and OpenID). The internal services include the AWS console, CLI, and all Dockerized/Kubernetes applications like schedulers and logging tools like Elasticsearch.
SOC2 Certification
I was a member of the team that passes the SOC2 audit and pass for a company.
This team involved the reports and procedures to keep any security aspects and be tracked to audit trails. Finally, we apply any changes requested by the audit team.
This team involved the reports and procedures to keep any security aspects and be tracked to audit trails. Finally, we apply any changes requested by the audit team.
Scalable Serverless Email Delivery System (AWS)
CONTRIBUTIONS
• Designed and implemented a highly scalable, event-driven email delivery system using AWS Lambda, Amazon SES, and Amazon SQS.
• Architected a decoupled email pipeline where application events publish messages to SQS, enabling reliable and asynchronous email processing.
• Implemented AWS Lambda consumers to process queue messages and send transactional emails via Amazon SES.
• Implemented exponential backoff retry logic for transient failures (SES throttling, temporary network errors), progressively increasing retry delays to prevent cascading failures and API abuse.
• Leveraged SQS visibility timeouts and message delay strategies to support backoff behavior, combined with Dead Letter Queues (DLQ) for poison messages.
• Ensured horizontal scalability by leveraging Lambda concurrency and SQS buffering to handle traffic spikes without service degradation.
• Applied IAM least-privilege policies and SES best practices (verified domains, DKIM, SPF).
• Implemented observability using CloudWatch metrics, structured logs, and alarms for delivery failures and retry exhaustion.
Technologies: AWS Lambda, Amazon SES, Amazon SQS, CloudWatch, IAM
Architecture: Serverless, event-driven, fault-tolerant
• Designed and implemented a highly scalable, event-driven email delivery system using AWS Lambda, Amazon SES, and Amazon SQS.
• Architected a decoupled email pipeline where application events publish messages to SQS, enabling reliable and asynchronous email processing.
• Implemented AWS Lambda consumers to process queue messages and send transactional emails via Amazon SES.
• Implemented exponential backoff retry logic for transient failures (SES throttling, temporary network errors), progressively increasing retry delays to prevent cascading failures and API abuse.
• Leveraged SQS visibility timeouts and message delay strategies to support backoff behavior, combined with Dead Letter Queues (DLQ) for poison messages.
• Ensured horizontal scalability by leveraging Lambda concurrency and SQS buffering to handle traffic spikes without service degradation.
• Applied IAM least-privilege policies and SES best practices (verified domains, DKIM, SPF).
• Implemented observability using CloudWatch metrics, structured logs, and alarms for delivery failures and retry exhaustion.
Technologies: AWS Lambda, Amazon SES, Amazon SQS, CloudWatch, IAM
Architecture: Serverless, event-driven, fault-tolerant
Education
1998 - 2004
Bachelor's Degree in Electronics
Technical University - Thessaloniki, Greece
Certifications
SEPTEMBER 2019 - SEPTEMBER 2022
AWS Certified SysOps Administrator — Associate
AWS
Skills
Libraries/APIs
OpenID, Node.js
Tools
Amazon Elastic Block Store (EBS), AWS ELB, AWS Command Line Interface (CLI), Amazon ElastiCache, Terraform, Amazon EKS, GitHub, Amazon CloudWatch, ELK (Elastic Stack), Amazon CloudFront, AWS IAM, Amazon Elastic Container Service (ECS), NGINX, AWS SDK, AWS Deployment, Ansible, Helm, OpenVPN, Amazon Simple Queue Service (SQS), Jenkins, Amazon CloudFront CDN, AWS Batch, GitLab, GitLab CI/CD, AWS Fargate, AWS Step Functions, Keycloak, AWS CloudFormation, VPN, Amazon Simple Email Service (SES), Grafana, Hyper-V
Frameworks
AWS HA, Flask, Express.js, SPF
Paradigms
DevOps, Microservices Architecture, Event-driven Architecture, Continuous Delivery (CD), Continuous Integration (CI), DevSecOps, Automation, HIPAA Compliance, Azure DevOps
Platforms
Amazon EC2, OpenStack, Kubernetes, Docker, Amazon Web Services (AWS), AWS Lambda, Ubuntu, Azure, Linux, Firefox, Oracle, Visual Studio Code (VS Code), AWS ALB, Vercel, Heroku, Firebase
Storage
Amazon S3 (AWS S3), Ceph, Databases, Elasticsearch, Redis, MongoDB, Data Centers, PostgreSQL
Languages
Python, Bash, PHP, Java, SAML
Other
CI/CD Pipelines, Amazon RDS, SOC 2, Infrastructure as Code (IaC), DNS Configuration, Infrastructure, Software, Software Development, Storage, Content Delivery Networks (CDN), SSL Configurations, NAT, Containers, Cloud Architecture, Karpenter, Monitoring, Site Reliability Engineering (SRE), Multi-tenant SaaS, System Architecture, GitHub Actions, AWS Auto Scaling, Cloud Infrastructure, Distributed Systems, AWS DevOps, Observability, Telemetry, Containerization, Monorepos, Event-driven Systems, Amazon Route 53, System Administration, APIs, Cloudflare, DMARC, Business Email, IT Consulting, ECS, Electronics, Microcontrollers, Circuit Design, Okta, Single Sign-on (SSO), Security, Cloud, Networks, Scaling, Gunicorn, SOC Compliance, IT Security, Identity & Access Management (IAM), ISO 27001, General Data Protection Regulation (GDPR), SaaS, Startups, Pipelines, Mail, DomainKeys Identified Mail (DKIM), Argo CD, Prometheus, Machine Learning Operations (MLOps)
Collaboration That Works
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
1
Share your needs
Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2
Choose your talent
Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3
Start your risk-free talent trial
Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.
Top talent is in high demand.
Start hiring