Senior DevSecOps Freelancer2022 - 2022Freelance Clients
Technologies: Amazon Web Services (AWS), Kubernetes, Cloudflare, Okta, Datadog, Terraform, Bash, GitHub
- Unified accesses through Okta and integrated it with AWS SSO, QuickSight, K8s dashboards, Cloudflare, and GitHub.
- Set up Cloudflare's Zero Trust network to secure internet access for employees and authorize access to the VPCs on AWS.
- Implemented role-based access control and encryption at rest for all persistent services: ElastiCache/Redis, RDS/Postgres, Elasticsearch, RabbitMQ, and S3.
- Configured AWS security services: CloudTrail, GuardDuty, Inspector, WAFV2, and Config. Used SSM for authorizing and auditing access to EC2.
- Set up monitoring, alerts, and centralized logs with CloudWatch and Datadog.
Senior DevSecOps Engineer2020 - 2022KONUX
Technologies: Helm, Splunk, Bitbucket, Artifactory, Spinnaker, Jenkins, Java, Python, Bash, Terraform, Docker, Kubernetes, Amazon Web Services (AWS), Elasticsearch, DevOps, NGINX, Spring, Apache Airflow, SonarCloud, DevSecOps, OWASP Dependency-Track
- Embedded vulnerability scans in CI pipelines for both application level dependencies and container OS packages, using OWASP Dependency-Track.
- Set up AWS IoT MQTT broker and authentication/authorization through IAM and client certificates.
- Deployed Airflow over EKS and assisted with Amazon EMR and AWS Glue set up.
- Set up AWS RDS (PostgreSQL) and Elasticsearch with controlled network access and IAM authentication.
- Exposed back-end microservices running on EKS via an API gateway, with Amazon Cognito handling the authentication. Additionally, used CloudFront CDN to serve the front end stored in S3.
- Created on-demand sandbox environments with Spinnaker, Jenkins, and Terraform, which enabled developers/QEs to isolate new feature changes, test them thoroughly, and perform repeatable performance tests.
- Set up, hardened, and maintained the EKS/Kubernetes clusters. In addition to managing accesses, resources, autoscaling, and availability of the services running within, all through Terraform.
- Introduced infrastructure as code (IaC) using Terraform, with which the existing infrastructure was imported and managed.
- Implemented CI/CD pipelines using Jenkins and Spinnaker, both modularly and with self-service.
Senior DevOps Engineer2017 - 2020ACI Worldwide GmbH
Technologies: Apache Tomcat, HAProxy, VMware vSphere, Debian, Prometheus, RabbitMQ, PostgreSQL, Vault, Consul, Gerrit, Artifactory, Jenkins, Bash, Terraform, Ansible, Docker, Kubernetes, DevOps, Java, Gradle, Helm
- Set up on-demand testing environments using Kubernetes and Docker.
- Automated the generation of ModSecurity WAF rules whitelisting all the application's public endpoints, along with their deployment to Apache.
- Automated releases with Ansible and Jenkins, where the pipeline would release each project, run the QA jobs, and roll back in case of issues.
- Stabilized Jenkins builds through containerization. Docker Compose was used to start the container build process along with the required services.
Software Engineer2015 - 2017PAY.ON GmbH
Technologies: Gradle, Selenium, SQL, Spring, Java, Jenkins, Software Development, Gerrit
- Improved CI builds to enforce quality and security standards with static code analysis, duplication check, and test coverage rules.
- Integrated Ethoca Alerts into the platform by implementing two independent microservices and refactored common logic into separate libraries, simplifying the development of new microservices.
- Provided secure coding for features along with writing automated tests and peer code reviews.