Andrea De Rinaldis
Verified Expert in Engineering
AWS DevOps and Developer
Como, Italy
Toptal member since September 9, 2020
Andrea has over 20 years of experience in system administration and architecture design. He is always up to date with the latest IT trends. In the last years, Andrea has focused on DevOps methodologies and tools, cloud environments, IaC, and operation automation. He is also a software architect and developer with proven experience in distributed, multiservice-based applications.
Portfolio
Experience
Availability
Preferred Environment
Amazon Web Services (AWS), Git, Shell Scripting, Python, Java, Docker, Kubernetes, Linux, Terraform
The most amazing...
...project I've released was a fully automated mailing application on Kubernetes. I led the development team and implemented monitoring and autoscaling features.
Work Experience
Independent IT Consultant | DevOps Engineer | MLOps
Self-employed
- Worked on IT architecture design, IT automation, and software development.
- Completed 34 projects for my clients in less than three years.
- Collaborated with 11 clients among the major players in the world IT industry.
- Worked on 12 Kubernetes-based applications, both on cloud platforms and on-premises. In these projects, I covered the roles of IT architect, DevOps engineer, and software developer.
- Completed four projects using Terraform as an IaC tool on the AWS platform. The Terraform configurations included advanced features such as modules, conditionals, and data sources for maximum flexibility and maintainability.
- Used pipelines for CI/CD in 20+ projects. All of these applications were deployed in complex distributed environments. The tools used for CI/CD are Jenkins, Gitlab Pipelines, Buildkite, and Concourse CI.
- Prepared and taught three courses about infrastructure management automation.
- Implemented an ML Infrastructure from scratch in AWS.
- Worked as MLOps Engineer on a project for a self-driving vehicle manufacturer to set a Python / React application used to test ML models.
- Setting up compute instances • Setting up services: front-end server, back-end server, convergence service • Setting up staging and production environments • Sizing, deploying, and managing Kubernetes resources • Setting up pipelines for automatic build, test, and deployment cycles.
AWS Elastic Container Service Deployment Lead
Hawthorne Mackenzie Consulting LLC
- Worked on a migration project for a set of traditional rails web applications from a cloud provider to AWS on ECS for production and staging environments.
- Worked on a migration project for a set of traditional rails web applications from a cloud provider to AWS on ECS for two AWS accounts in a single organization.
- Worked on a migration project for a set of traditional rails web applications from a cloud provider to AWS on ECS for four separate applications.
DevOps Engineer
Centre for Biodiversity Genomics, University of Guelph - Main
- Reorganized DevOps processes and workflows for efficiency and reliability.
- Helped organize GitLab repositories and CI/CD pipelines.
- Communicated with different stakeholders across the organization.
- Trained people and provided policies, documentation, and best practices.
DevOps Engineer
Loyalty Gator Inc.
- Assessed and improved the company's and its clients' current domain email reputation configuration.
- Troubleshooted and improved their email-sending platform.
- Helped them create a set of potential actions and an FAQ to prepare their users.
Cybersecurity and IT Consultant
TransitionZero
- Assisted the client in assessing their current workspace and environment setup and security.
- Proposed and implemented best practices and automation for IAM, authentication, and general security.
- Set up general company identity and security management.
Senior GCP DevOps | Digital Agency
Insomniac Design Inc
- Oversaw the design, development, and operations. Implemented IaC provisioning with Terraform.
- Built and maintained continuous integration and delivery pipelines.
- Monitored cloud infrastructure and services, including servers, storage, and network components.
AWS Expert | Technical Lead
Ricoh
- Deployed the application in the production environment within the project time framework.
- Integrated the new application with the existing Integrated Business Planning (IBP) platform.
- Deployed an SSO solution to access the application through the integrated identity provider (IdP).
- Federated the identity providers of the application's client to provide central user management.
AWS DevOps | Kubernetes Engineer
Oorbit Inc.
- Assisted in setting up infrastructure for a containerized gaming platform.
- Improved the application startup time by 95%, adopting a container image cache repository.
- Completely automated the provisioning, scaling, and monitoring process for the infrastructure.
Windows Server Administrator
Ricoh
- Acted as Windows administrator to upgrade functional servers for a market-leader copier and printer manufacturer. Participated as a technical lead to a project aimed to upgrade over 700 Windows servers that were reaching EOL in a few months.
- Worked on various project tasks, including assessing the current server farm, upgrading the servers in place, reinstalling the servers with the current Windows version, migrating the application, and dismissing the servers that were no longer needed.
- Upgraded the servers running Windows 2003, 2008, 2008 R2, 2012, and 2012 R2. The server farm was installed partially on VMWare ESX clusters and partially on the Azure cloud.
Cloud Infrastructure Engineer
Allegis - Cruise Automation - Main
- Set up the services for a complete scenario testing application on a GKE cluster.
- Created the pipelines to automate the CI/CD operations fully.
- Integrated the application with the internal security system.
CTO
Infoline SRL
- Restructured the working methodology of the technical department adopting the agile framework.
- Led a total of 15 people in the technical department.
- Taught four courses on DevOps tools and methodologies.
- Reimplemented all the development environments on Docker containers.
- Introduced continuous integration and continuous building processes.
- Moved the on-premises production environment to the cloud saving €60,000/year.
IT Manager
Central Europe
- Managed the yearly IT budget of the organization (about €800,000).
- Migrated three legacy applications to the cloud implementing automatic provisioning and autoscaling features.
- Taught five courses to my colleagues and to our clients.
- Participated in the core group for the joint development of the European electronic monitoring system (EMS).
Systems Engineer
Cedacri SpA
- Implemented the server farm monitoring (3,500 servers) in two months.
- Completed 20 projects for our clients and 15 internal projects.
- Developed the internal hardware provisioning portal.
Experience
Cloud Infrastructure Development
The most important tasks revolved around:
• Setting up compute instances
• Setting up services: front-end server, back-end server, convergence service
• Setting up staging and production environments
• Sizing, deploying, and managing Kubernetes resources
• Setting up pipelines for automatic build, test, and deployment cycles
• Integrating the application with the internal security system
• Managing internal users of the application
• Assisting with complementary emergent cloud infrastructure needs
Technologies and skills applied:
• GCP
• Cloud infrastructure management: compute instances, services orchestration, user management, scaling
• CI/CD Pipelines
• Buildkite
• Python
• JavaScript
• Node.js
• React
AWS DevOps Engineer for HR Platform
https://www.engagetech.com/I was in charge of managing the existing platform and improving the overall architecture for efficiency, reliability, and scalability.
The tools used to manage the application are:
• AWS CloudFormation for IaC
• Puppet for resource configuration
• Buildkite for CI/CD pipelines
• Python scripts to glue together the automation tools
• CloudWatch to monitor the infrastructure
• RDS (MySQL and PostgreSQL) for the database layer
The microservices are running on ECS.
All operations are fully automated, including service autoscaling.
The deployments into the production environment happen multiple times per day. The DevOps pipelines ensure continuous deployments without service interruption.
I also participated in the revision of the infrastructure to minimize costs, providing a saving of over 10,000 a month.
DevOps Engineer for a IoT Device Monitoring Company
My responsibilities in the project:
• Engage with product and engineering to drive and improve the whole lifecycle of operational readiness.
• Write software layers, scripts, deployment frameworks, tracers, monitors, self-healing, and auto-remediation tools and automate the processes.
• Build and maintain software modules for use and re-use in cloud automation
• Maintain business continuity by identifying and driving opportunities to make systems highly resilient and minimize human intervention.
• Assist our software engineering team to ensure accurate monitoring and metrics are being built into applications before going to production.
• Maintain up-to-date documentation on deployments, processes, and standard operating procedures and runbooks.
Marine Information Collection System
The application is deployed on AWS and is fully automated using Terraform as an IaC tool.
I designed and implemented the whole architecture of the application, including an API Gateway, an EKS cluster to run the microservices that compose the application layer, a MongoDB ReplicaSet installation, and an OAuth 2.0 authentication service.
AWS, Kubernetes, and Database Engineer
I worked as Kubernetes expert to help with the migration of the services of an application from AWS ECS to EKS. The new setup was completely automated using Terraform and ConcourseCI. I was also responsible for database management, backup, and migration (PostgreSQL on RDS).
Windows Server Administrator
http://www.ricoh.comI worked on various project tasks, including assessing the current server farm, upgrading the servers in place, reinstalling the servers with the current Windows version, migrating the application, and dismissing the servers that were no longer needed. Servers running Windows 2003, 2008, 2008 R2, 2012, and 2012 R2 were upgraded. The server farm was installed partially on VMWare ESX clusters and partially on the Azure cloud.
DevOps Engineer Work for a NFT Marketplace
TASKS AND DELIVERABLES
• Set up a CI/CD.
• Configure SSL, load balancer, monitoring, and secret management.
• Manage and set up blockchain nodes.
Mailing Application
The application reads email information and sends massive emails asynchronously. It is implemented in Java (Spring Boot) and Python. It is fully automated: Building, testing, deploying, monitoring, log collection, and autoscaling are all automated processes that require no manual intervention at all.
The code repository is hosted by GitHub. The CI/CD pipeline is implemented with Jenkins.
Personal Loans Web Application
https://login.avverafinanziamenti.it/The application is based on microservices deployed in some WebSphere Liberty Profile Application Server instances. The management of the instances is fully automated with custom scripts. The monitoring of the application is implemented with Prometheus and Grafana.
Senior DevOps Engineer for R&D Department
For process automation, I designed and implemented the frameworks.
Also, I provisioned the cloud infrastructure environment using CloudFormation as an Infrastructure as Code (IaC) tool.
The project was deployed on an EKS cluster on AWS.
Electronic Monitoring System
DevOps Engineer on AWS - EKS
The application collects IoT data from measurement system devices for state monitoring, alarm triggering, and performance measurements.
After acquiring the platform from another company, I was in charge of the migration from an AWS account to a new one. While designing the new infrastructure, I also applied several architectural improvements to achieve better scalability, reliability, and maintainability.
Monitoring of a Kubernetes Cluster with Prometheus and Grafana
The components have been installed with a Helm chart using the Operator configuration. After installing the components, the existing application has been configured to send the metrics to Prometheus. The project included the creation of some Grafana dashboards to monitor the most relevant metrics of the infrastructure and the application.
DevOps Engineer for Graphic Design Enterprise
DevOps Engineer for a Company Developing a Cryptocurrency Wallet
• Working with the stakeholders from the client team to define the implementation of the processes.
• Setting up the CI/CD pipelines with GitHub Actions.
• Packaging and delivering the mobile app and desktop apps.
• Maintaining the website deployed on AWS.
DevOps Engineer for a Leading Crypto Tax Platform and Cryptocurrency Tax Accounting Company
My responsibilities in the project included:
• Organize and automate the CI/CD pipelines.
• Create the development environment framework (based on Tilt).
• Design and implement the auto-scaling rules for the application components and the infrastructure resources.
DevOps Specialist for Digital Marketing Agency
I was responsible for:
• Assessing the existing infrastructure.
• Proposing enhancements to improve scalability, reliability, and efficiency.
• Improving the security of the cloud environment and resources.
• Managing the DNS servers and SSL/TLS certificates.
• Defining and monitoring resource backups.
• Monitoring the relevant parameters of the application.
• Applying security updates and patches.
• Responding to incidents.
• Managing the DevOps processes for the organization in partnership with the IT department and VP of digital marketing.
• Migrating some web environments to WordPress.
• Participating in the development of the backend components.
DevOps Engineer for a Facial Recognition Startup
The activities I performed included:
• Set up and maintain PostgreSQL for high-load applications.
• Use Docker for development and production.
• Provide the resources on the Azure environment.
• Design file management solutions on the cloud.
• Set up and design the CI/CD pipelines.
• Write reusable scripts to provision production and staging instances (Ansible, Terraform).
Automatic Provisioning of an AWS Cloud Environment for a Web Application
Tasks and deliverables included:
• Enhancements to the environment for efficiency, scalability, and reliability
• Automation of processes
• Security revision and enhancement
• Architectural guidance and implementation of the suggestions
Prometheus Setup and Optimization for a Bare Metal Cloud Provider
The client was collecting a huge amount of network data from 1,000+ network interfaces and had the need to aggregate the data and present it to the clients.
I had the responsibility of improving the query time of the metrics to provide real-time statistics visibility on the dashboards.
For this project, my strategy has been:
• Analyze and document the existing setup and business requirements.
• Connect the existing Prometheus installation with the PostgreSQL database where the metrics data was saved.
• Improve the PromQL queries to aggregate data.
Automatic Provisioning of Azure Resources
The activities included in the project were the following:
• Define ARM templates to create resources (virtual networks, VMs, storage services)
• Grant the permissions to AD Groups to launch the templates and configure resources
• Configure resource quota to avoid misuse of the service
• Connect the ServiceNow API with the Azure cloud infrastructure to let the users create resources automatically on their own
JBoss Migration
The migration process is completely automated using Ansible and includes the provisioning of VMWare instances, application server installation and configuration, definition of external resources, and application deployment.
Senior Proxy Administrator
I was responsible for the management of the central infrastructure based on Linux servers deployed on the AWS cloud environment and Squid proxy server.
Troubleshooting an Enterprise Queuing System
I was responsible for analyzing and solving a problem that the client had with the delivery of the service to the final users of the platform. I completely redesigned the application routing at the cloud level designing a new AWS ELB setup.
DevOps Engineer for an Anonymizing Platform
The application uses many cloud and hosting platforms to make user tracking unfeasible:
• AWS
• GCP
• Azure
• DigitalOcean
• Alibaba
• Vulture
My contribution was to fully automate the proxy deployment and monitoring processes. I also implemented the automatic configuration of the resources of the platform.
AWS Elastic Container Service Deployment Lead for a Cloud Migration
I have redesigned the previous application architecture (ALB sitting in front of two large Amazon EC2 instances, backed by an RDS) to a fully scalable containerized infrastructure with DR capabilities.
The migration process included:
• Production and staging environments
• Two AWS accounts in a single organization
• Four separate applications
The infrastructure is entirely provisioned with Terraform. All the components are highly available and fully auto-scalable. Disaster recovery is set up for all critical resources. The CI/CD pipelines are entirely automated and implemented with GitHub workflows.
Certifications
AWS Solutions Architect Associate
Amazon Web Services
Skills
Libraries/APIs
jQuery, Node.js, Jenkins Pipeline, REST APIs, Amazon EC2 API, AWS Amplify, OpenAPI, NTLM, OpenID, OpenSSL, React
Tools
Ansible, Jenkins, Grafana, ELK (Elastic Stack), Git, VMware, Terraform, Amazon EKS, NGINX, RabbitMQ, AWS CloudFormation, Puppet, Helm, Google Kubernetes Engine (GKE), Amazon CloudWatch, Apache Maven, Shell, Jira, Apache, Apache Tomcat, GitHub, Confluence, Bitbucket, Postfix, Squid Proxy Server, Amazon Elastic Container Service (ECS), Istio, Amazon Elastic Block Store (EBS), AWS IAM, Kong, GitLab CI/CD, Amazon Simple Queue Service (SQS), Amazon Virtual Private Cloud (VPC), AWS Key Management Service (KMS), Amazon Elastic Container Registry (ECR), Zabbix, Docker Hub, Kibana, Amazon Simple Email Service (SES), AWS ELB, Docker Compose, CircleCI, Squid, Azure Kubernetes Service (AKS), Beanstalk, GitLab, MongoDB Atlas, AWS Deployment, Amazon CloudFront CDN, Amazon OpenSearch, Subversion (SVN), Cron, AWS CLI, Nagios, Amazon Firewall, Google Workspace, Microsoft Teams, Auth0, VMware vSphere, IBM MQ, Amazon Cognito, Packer, CloudOps, AWS Step Functions, Google Compute Engine (GCE), Vault, Sentry, SonarQube, Amazon SageMaker, VPN, Logging, AWS Glue, Ansible Tower, AWS Fargate, Mailchimp, Azure Logic Apps, AWS AppSync, Microsoft Power BI, Azure DevOps Services, Amazon ElastiCache, Microsoft Exchange, Prisma, Hyper-V, Postman, Dynatrace, Watchdog, Microsoft Power Apps, Azure Active Directory B2C (ADB2C), AWS CloudTrail, Observability Tools, AWS CodeDeploy, Amazon CloudFront, Microsoft Outlook, Gradle, Concourse CI, SaltStack, Bamboo, Splunk, Logstash, Tilt, Chef
Languages
Java, Python, PHP, HTML5, CSS, JavaScript, XML, PHP 7, Python 3, YAML, Bash, SQL, Bash Script, HTML, GraphQL, SAML, TypeScript, Go, C
Frameworks
Windows PowerShell, Ant Design, OAuth 2, Selenium, Spring Boot, Spring Microservice, SPF, Serverless Framework, Next.js, JPA, Java Persistence API (JPA), Spring, Apache Spark, AWS Serverless Application Model (SAM), Django, .NET, JSON Web Tokens (JWT)
Paradigms
DevOps, Continuous Development (CD), Continuous Integration (CI), Continuous Delivery (CD), Database Design, Microservices, Web Architecture, Unit Testing, Agile, Continuous Deployment, Serverless Architecture, Azure DevOps, Penetration Testing, DevSecOps, Testing, REST, Load Testing, Microservices Architecture, API/Services Architecture, Event-driven Architecture, Role-based Access Control (RBAC), Agile Project Management, ETL, ETL Implementation & Design, API Observability, High-performance Computing (HPC), HIPAA Compliance
Platforms
Linux, Kubernetes, Docker, Google Cloud Platform (GCP), Amazon Web Services (AWS), LAMP, Ubuntu, Amazon EC2, Apache Kafka, AWS Lambda, JVM, Windows, WordPress, CentOS, Windows Server, AWS Cloud Computing Services, AWS Elastic Beanstalk, Azure, Ubuntu Linux, AWS ALB, OpenShift, Windows Server 2016, DigitalOcean, Blockchain, Ethereum, Unix, Azure IaaS, AWS IoT, Red Hat OpenShift, SharePoint 365, SharePoint, Azure Functions, AWS NLB, Azure PaaS, Microsoft, Google App Engine, Red Hat Linux, Oracle, Microsoft Dynamics 365, Firebase, Debian, Debian Linux, Vercel, Buildkite, Contentful, Google AppSheet
Storage
Redis, Amazon S3 (AWS S3), Amazon Simple Workflow Service (SWF), Amazon DynamoDB, Elasticsearch, MongoDB, PostgreSQL, MySQL, Object Storage, NoSQL, Database Management, Relational Databases, Databases, Google Cloud, Azure Cloud Services, Database Administration (DBA), Microsoft SQL Server, Oracle Cloud, Datadog, Cloud Deployment, Azure Active Directory, On-premise, Storage Area Networks (SAN), Redis Cache, Amazon Aurora, Database Migration, Google Cloud SQL, Google Cloud Storage, Database Security, Company Databases, Redshift, Data Pipelines, Data Centers, IIS SQL Server, Azure SQL Databases, Azure SQL, Azure Queue Storage, Database Performance, MySQL/MariaDB, Data Lakes, MySQL Server, Spring Data JPA, JSON, Data Integration, Database Architecture, Cassandra, Nextcloud, MariaDB, IBM Db2, Couchbase
Industry Expertise
Healthcare, Cybersecurity, Network Security, Project Management
Other
Prometheus, Shell Scripting, System Administration, AWS Cloud Architecture, Cloud Architecture, CTO, AWS DevOps, CI/CD Pipelines, Scalability, Web Scalability, Dynamic Load Balancing, Load Balancers, Site Reliability Engineering (SRE), Linux Server Administration, Site Reliability, Containers, Firewalls, Networking, Proxies, Transmission Control Protocol (TCP), UDP, Elastic Load Balancers, Routing, Distributed Systems, Cloud, Developer Relations, APIs, Development, Unix Shell Scripting, Monitoring, Systems Monitoring, Repository Management, DevOps Engineer, Security, Scripting, Amazon RDS, HAProxy, Dovecot, MinIO, Amazon API Gateway, Servers, SaaS, Infrastructure as Code (IaC), WebSockets, Containerization, Cloud Infrastructure, Serverless, Architecture, Migration, Identity & Access Management (IAM), Jira Administration, Message Queues, ECS, Content Delivery Networks (CDN), Crypto, GitHub Actions, AWS Secrets Manager, RHEL, Cloud Computing, Proxy Servers, Scaling, SMTP, DNS, API Gateways, SSL Engineering, Windows System Administration, System Architecture, Large Scale Distributed Systems, Consulting, AWS Certified Solution Architect, Cloud Security, Autoscaling, Audio Codecs, Audio Processing, Cloud Services, Virtualization, IIS 10, Documentation, Office 365, Solution Architecture, Argo CD, Big Data, Gmail, Mail Servers, Linux Administration, Clustering, Cluster Management, AWS Certified DevOps Engineer, Back-end, Real-time Communication (RTC), Scalable Architecture, Startups, Infrastructure Monitoring, Disaster Recovery Plans (DRP), Disaster Recovery Consulting, IT Infrastructure, Server Infrastructure, Data Center Infrastructure, Data-driven Dashboards, Resource Management, Decentralized Finance (DeFi), Infrastructure as a Service (IaaS), Cloud Migration, Data Migration, Authentication, Authorization, IT Security, Configuration Management, Cloudflare, Data Analytics, Personally Identifiable Information (PII), Machine Learning Operations (MLOps), AWS VPN, Jira Administrator, Data Engineering, Infrastructure, Data Mesh, ETL Tools, IIS, Amazon Kinesis, Cryptography, Email, Domain DNS Setup, Spam Filtering, Web Hosting & Domain Setup, DomainKeys Identified Mail (DKIM), Virtual Machines, Azure Virtual Machines, IMAP, POP3, Enterprise Software, IoT Protocols, Software Project Management, API Integration, Platform as a Service (PaaS), Support & Maintenance, Power Shell Commands, Azure Virtual Networks, Web Development, Microsoft Azure Cloud Server, Virtual Private Servers, Delivery Management, Web Security, User Stories, High-load, Website Traffic, Site Speed Optimization, High Availability Disaster Recovery (HADR), Training, Training Videos, MSMQ, Leadership, Lambda Functions, Networks, Application Security, Kubernetes Operations (kOps), Machine Learning, Large-scale Production Deployments, Deployment, Data Build Tool (dbt), SecOps, OAuth, Access Control, Argo Workflow, Apache Cassandra, Okta, OpenID Connect (OIDC), Amazon MSK, Google BigQuery, VPC, Back-end Performance, Internet Information Services (IIS), Technical Documentation, Team Leadership, GitOps, Performance Analysis, Strategic Planning, Active Directory Programming, DHCP, Kerberos, Windows Subsystem for Linux (WSL), High-availability Linux, Patch Deployment, Video Games, Troubleshooting, Container Orchestration, Hybrid Cloud Infrastructure, Vulnerability Assessment, Data Privacy, Single Sign-on (SSO), Domains & Hosting, Email Marketing, Email Systems, Email Delivery, Hardware, Orchestration, Customer Relationship Management (CRM), Software QA, Reputation Management, DMARC, Data Visualization, Azure VDI, Microsoft Azure, Security Policies & Procedures, HTTPS, Microsoft 365, Web Application Firewall (WAF), Multitenancy, Release Management, iSpring, GDPR, Web3, Elementor, FastAPI, Data Warehousing, SDKs, AWS CodePipeline, Cloud Monitoring, SSH, Unix/Linux Virtualization, Amazon Route 53, Kubernetes Security, AWS Control Tower, DNS Configuration, Full-stack, Service Meshes, SSL Certificates, SysOps, AWS Certified SysOps Administrator, Code Deployment, Build Pipelines, Cryptocurrency, Non-fungible Tokens (NFT), ARM, Azure Pipelines, ServiceNow, Bare-metal Environment, Web App Security, Lint
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring