toptal.com
Contact us: +1.888.867.7001
Deepak Agrawal, DevOps and Software Developer in Gurugram, India
Deepak Agrawal

DevOps and Software Developer in Gurugram, India

Member since October 12, 2022
Deepak is a cloud architect, specialist, consultant, SRE, and observability engineer with over a decade of intense professional experience. He has architected and built multiple platform-agnostic infrastructures from scratch for modern cloud systems. Deepak has a proven track record of hands-on operations in high-scale environments and is proficient in cost optimization, IaC, automation, cloud security, migrations, deployment pipelines, and observability.
Deepak is now available for hire
Hire Deepak

Portfolio

  • Sequoia Capital
    PostgreSQL, Amazon RDS, Amazon Aurora, Cloud Architecture...
  • epiFi
    Python 3, Terraform, AWS IAM, Jenkins, AWS ELB, GitHub, Groovy, Packer...
  • Housing.com
    Kubernetes, Microservices Architecture, Cloud Security, Ansible, Apache Solr...

Experience

Location

Gurugram, India

Availability

Part-time

Preferred Environment

Kubernetes, Amazon Web Services (AWS), Python 3, Terraform, Jenkins, Ansible, Cloud Security, ELK (Elastic Stack), PostgreSQL, Cost Reduction & Optimization

The most amazing...

...projects I've done is designing and architecting a cloud infrastructure with Terraform and optimizing AWS cost by 50% for multiple companies.

Employment

  • Manager | Global Infrastructure

    2020 - 2022
    Sequoia Capital
    • Built an in-house CLI tool for tagging AWS resources in Python 3 and made all 17 AWS accounts 100% tagging compliant.
    • Evaluated the CloudHealth control tower by VMWare and integrated it to manage all AWS accounts and GCP projects. Configured policy-based governance for zombie resources, tagging governance, cost, security, container management, and operations.
    • Migrated complete Infrastructure and PostgreSQL database from one AWS account to another in the same region using AWS DMS for PostgreSQL. Worked on Shared VPCs, Subnet, security groups, and NACL design.
    • Set up containerized Kubernetes EKS infrastructure to deploy new apps for development, test, stage, and production environments with 100% IaC. Used Terraform with best cost and security practices, including Identity and access management (IAM).
    • Shared cost and security best practices with teams in different GEOs in Sequoia and reduced the AWS bill by $23,000 per month in two months.
    • Performed Well-architected Reviews (WAR) for all Sequoia AWS accounts and multiple portfolio companies. Configured security services, including Macie, Inspector, GuardDuty, configuration, IAM, WAF, SCP, Security Hub, and Cloudflare.
    • Provided recommendations on best practices for cloud infrastructure architecture, cost optimization, and cloud security for multiple Asia-based portfolio companies, including Pentester Academy, Checkbox, Enterpret, and FlowAccount.
    Technologies: PostgreSQL, Amazon RDS, Amazon Aurora, Cloud Architecture, AWS Cloud Architecture, Terraform, Google Cloud Platform (GCP), Cloud Security, Elasticsearch, Amazon Elastic Container Service (Amazon ECS), Amazon EKS, AWS ELB, Cloudflare, GitHub, Python 3, Boto 3, Linux, DevOps, Cloud, Python, Git, Docker, CentOS, CI/CD Pipelines, Amazon Web Services (AWS), AWS DevOps, Continuous Integration (CI), Jenkins, Amazon EC2, Containerization, HashiCorp, Team Leadership, Management, Infrastructure as Code (IaC), DevSecOps, AWS CodePipeline, Security, Amazon Virtual Private Cloud (VPC), Identity & Access Management (IAM), GitHub Actions, Kubernetes HPA, Kubernetes, Container Orchestration, Continuous Deployment, AWS Elastic File System, PyCharm, Relational Database Services (RDS), AWS CodeCommit, IT Project Management, Project Management, IT Projects, Agile DevOps, Networking, Architecture, Cloud Computing, Amazon API Gateway, CTO, Elastic Load Balancers, Amazon DynamoDB, Linux Server Administration, AWS Transit Gateway, Terragrunt, Service Meshes, Istio, DevOps Engineer, GitLab CI/CD, Monitoring, Automation, Lambda Functions, Network Security, Web Security, Microservices, Enterprise Application Architecture, Enterprise Architecture, Helm, Amazon Elastic Container Registry (Amazon ECR), Amazon Route 53, DNS, Content Delivery Networks (CDN), SSL, Azure, AWS ALB, Flask, System Architecture, APIs, Growth, Amazon Firewall, HTTP, Redis Cache

  • DevOps Consultant

    2020 - 2020
    epiFi
    • Built a fully automated federated role-based cross-account with IAM access through SAML for all employees, based on their designation, namely developer, lead, and DevOps. Used Terraform, GitHub, Jenkins, and Groovy.
    • Created a DevOps dashboard from scratch in Python and Flask to manage the blue-green deployment flow and provide metadata around services.
    • Worked on one-click deployment using Packer, Terraform, and Jenkins declarative pipeline for immutable infrastructure for non-production environments.
    • Configured blue-green deployment for production and non-production environments using Jenkins and Groovy.
    • Automated the deployment of the DevOps dashboard in ECS using Terraform, Jenkins, and Groovy.
    Technologies: Python 3, Terraform, AWS IAM, Jenkins, AWS ELB, GitHub, Groovy, Packer, Amazon Cognito, Linux, DevOps, Cloud, Python, Git, CI/CD Pipelines, Docker, Amazon Web Services (AWS), AWS DevOps, Continuous Integration (CI), Amazon EC2, Management, Infrastructure as Code (IaC), DevSecOps, Security, Amazon Virtual Private Cloud (VPC), Identity & Access Management (IAM), Continuous Deployment, PyCharm, Agile DevOps, Architecture, Cloud Computing, Elastic Load Balancers, Web Applications, Webhook, DevOps Engineer, GitLab CI/CD, Automation, Microservices, Amazon Route 53, DNS, Continuous Delivery (CD), AWS ALB, System Architecture, APIs, Growth, Data Analytics, HTTP, Shell, Bash Script

  • Engineering Manager | DevOps

    2018 - 2020
    Housing.com
    • Worked as head of DevOps for Housing.com, PROPTIGER, and Makaan, reducing the AWS bill by 45% for all three platforms. Improved average uptime from 99.86% to 99.99% in a year and led AWS Aurora migration using AWS DMS with a rollback strategy.
    • Managed Kubernetes migration, logging, monitoring, alerting, security, cost, CI/CD, automation, uptime of all platforms, and beta and production environment issues. I took infrastructure to the next level.
    • Planned and scaled infrastructure for Housing.com to suddenly handle ten times more traffic through some marketing campaigns with minimal cost in one week. Implemented observability through ELK stack, Jaeger, and OpenTelemetry.
    • Built centralized logging using ELK with ElastAlert and Search Guard. Set up ELK APM for Java-based APIs in beta and production environments. In this activity, we re-architected how the logging part was being managed earlier.
    • Set up disaster recovery (DR) for Housing.com and implemented AWS WAF and Cloudflare WAF for different platforms.
    • Migrated PROPTIGER and Makaan's 40 APIs from EC2 to the Kubernetes platform with Kubernetes Operations (Kops), Prometheus, and Grafana in AWS.
    • Worked with key stakeholders in tech to get their requirements related to dependencies on DevOps, prioritize them, and implement them for smooth project completion by all the tech teams. PoC on HashiCorp Vault implementation for secret management.
    • Resolved all security group issues reported by the trusted advisor in AWS for the three platforms. Troubleshot various production issues related to infrastructure and provided root cause analysis (RCA) and resolution.
    Technologies: Kubernetes, Microservices Architecture, Cloud Security, Ansible, Apache Solr, OpenStack, Amazon CloudFront CDN, Cloudflare, ELK (Elastic Stack), Grafana, Prometheus, Kibana, Kubernetes Operations (Kops), OpenTelemetry, RabbitMQ, SaltStack, Vault, Linux, DevOps, Cloud, Python, Git, Docker, CI/CD Pipelines, Amazon Web Services (AWS), AWS DevOps, Continuous Integration (CI), Terraform, Jenkins, WordPress, Amazon EKS, Amazon EC2, GitHub, Jira Administration, Jira, Containerization, Bash, HashiCorp, Team Leadership, Management, Infrastructure as Code (IaC), DevSecOps, Security, Amazon Virtual Private Cloud (VPC), Identity & Access Management (IAM), Kubernetes HPA, Container Orchestration, JavaScript, Continuous Deployment, AWS Elastic File System, PyCharm, Relational Database Services (RDS), IT Project Management, Project Management, IT Projects, Agile DevOps, Networking, Architecture, Cloud Computing, DNS Debugging, CTO, Redis, Load Balancers, Elastic Load Balancers, Web Applications, Linux Server Administration, Webhook, Apache Kafka, SonarQube, DevOps Engineer, Unit Testing, MySQL, Amazon CloudWatch, Monitoring, Automation, Lambda Functions, Shell Scripting, Network Security, Web Security, System Administration, Microservices, Enterprise Application Architecture, Enterprise Architecture, Django, Helm, Amazon Elastic Container Registry (Amazon ECR), Node.js, Amazon Route 53, Docker Hub, DNS, Content Delivery Networks (CDN), SSL, Continuous Delivery (CD), AWS ALB, Flask, Scaling, Gunicorn, System Architecture, Scalability, Large Scale Distributed Systems, Growth, Data Analytics, Amazon Firewall, HTTP, Shell, Bash Script, Redis Cache

  • Senior DevOps Engineer

    2017 - 2018
    Delhivery Pvt
    • Designed, standardized, and implemented the VPC architecture, directory structure for IaC with Ansible and Terraform, and DevOps best practices for cost, security, and architecture across projects and organizations.
    • Built a model project to be followed by other projects with a new design that was created. Managed the infrastructure and deployment automation for 15 microservices, including new and old services.
    • Designed, standardized, and managed S3 bucket and CloudFront infrastructure automation using Terraform and deployment using Jenkins for 30 front-end dashboards. Deployed using Jenkins for almost 100 Lambda functions using serverless.
    • Reduced cost of AWS by 30% using a combination of reserved instances (RIs), spot servers using Spot.io, cleanup of unused resources, and right-sizing of EC2, ElastiCache, and Relational Database Service (RDS).
    • Defined policies for onboarding new joiners and access management for DevOps tools, including AWS, CloudAMQP, Cloud MongoDB, New Relic, Sentry, BitBucket, and Jenkins.
    • Designed and managed the Jira integration for all projects and handled URL monitoring, including SLA and response time, using Zabbix for internal and external URLs.
    • Troubleshoot various production issues related to Lambda and EC2 and provided RCA and resolution to those.
    Technologies: Amazon CloudFront CDN, Amazon EC2, Amazon Elastic MapReduce (EMR), AWS ELB, AWS IAM, AWS Lambda, Lambda Architecture, Amazon RDS, Cloud Architecture, Jira Administration, PostgreSQL, RabbitMQ, Amazon S3 (AWS S3), Serverless, Terraform, Site Reliability Engineering (SRE), Linux, DevOps, Cloud, Java, Python, Git, Docker, CentOS, CI/CD Pipelines, Amazon Web Services (AWS), AWS DevOps, Jenkins, GitHub, Jira, Bash, HashiCorp, Team Leadership, Management, Infrastructure as Code (IaC), DevSecOps, Security, Amazon Virtual Private Cloud (VPC), Identity & Access Management (IAM), Serverless Architecture, Continuous Deployment, PyCharm, Relational Database Services (RDS), IT Project Management, Project Management, IT Projects, Agile DevOps, Networking, Architecture, Cloud Computing, DNS Debugging, Amazon API Gateway, CTO, Redis, Load Balancers, Elastic Load Balancers, Amazon DynamoDB, Linux Server Administration, Bitbucket, SonarQube, DevOps Engineer, MySQL, Amazon CloudWatch, Monitoring, Automation, Lambda Functions, Shell Scripting, Network Security, Web Security, System Administration, Microservices, Django, Amazon Route 53, DNS, Content Delivery Networks (CDN), API Gateways, SSL, Continuous Delivery (CD), AWS ALB, Flask, Scaling, Gunicorn, System Architecture, Scalability, Large Scale Distributed Systems, Growth, Amazon Firewall, HTTP, Shell, Bash Script, Redis Cache

  • DevOps Engineer

    2015 - 2017
    1mg
    • Migrated the production infrastructure from a Java-based monolith application to a microservices-based architecture. Set up staging, QA, and development environments for 1mg.com and 1mglabs.com and managed them perfectly.
    • Redesigned the infrastructure orchestration using Ansible to deploy over 50 microservices on different environments and set up load balancing using ELB and Autoscaling in just three days.
    • Monitored the complete app infrastructure using CloudWatch and set up notifications using SNS. I was the single point of contact for day-to-day tasks regarding automation, Nginx web server, SSL, staging, QA, and development environment issues.
    • Wrote many Shell and Python scripts to automate our day-to-day tasks using AWS SDK Boto3. Used Python's library, Troposphere, to automatically build our CloudFormation scripts for different environments.
    Technologies: Python 3, Python 2, Boto 3, PostgreSQL, Microservices Architecture, Linux, Ansible, Amazon EC2, Database Architecture, Site Reliability Engineering (SRE), AWS IAM, NGINX, Amazon S3 (AWS S3), DevOps, Cloud, Java, Python, Git, CentOS, Amazon Web Services (AWS), AWS DevOps, Jenkins, GitHub, Bash, Infrastructure as Code (IaC), Amazon Virtual Private Cloud (VPC), PyCharm, Relational Database Services (RDS), Agile DevOps, Architecture, Cloud Computing, DNS Debugging, Elastic Load Balancers, Web Applications, Linux Server Administration, DevOps Engineer, Unit Testing, Amazon CloudWatch, Monitoring, Telemetry, Chef, Automation, Shell Scripting, System Administration, Microservices, Django, Amazon Route 53, DNS, Content Delivery Networks (CDN), SSL, Continuous Delivery (CD), AWS ALB, Flask, Scaling, Gunicorn, System Architecture, Scalability, Growth, Amazon Firewall, HTTP, Shell, Bash Script, Redis Cache

Experience

  • FinOps | Inform, Optimize, and Operate
    https://aws.amazon.com/blogs/aws-cloud-financial-management/tag/finops/

    FinOps is an evolving cloud financial management discipline and cultural practice that enables organizations to get maximum business value.

    I have over eight years of experience optimizing AWS cloud costs by up to 50% for multiple companies. I am an expert in servers, managed databases, and right-sizing.

    There are three phases for FinOps that I operate:
    1. The information phase gives the business complete visibility.
    2. The optimization phase kick-starts the savings.
    3. The operation phase makes cost optimization part of the business culture.

  • Infrastructure As Code (IaC)
    https://www.delhivery.com/

    Set up containerized Kubernetes EKS infrastructure to deploy new applications for development, test, stage, and production environments with 100% IaC using Terraform with cost and security best practices, including spot servers, rightsizing, IAM roles, service accounts, restricted security groups, and AWS NACL.

    I built a fully automated federated role-based cross-account IAM access through SAML for all employees based on their designation. Worked on one-click deployment using Packer, Terraform, and Jenkins declarative pipeline for immutable infrastructure for non-production environments.

  • Cloud Security Guardrails and Best Practices
    https://www.sequoiacap.com/

    I helped multiple companies reduce the attack surface area in the following areas:

    1. Managing open security groups.
    2. Using public S3 buckets.
    3. Leading WAF set up, including Cloudflare, Akamai, AWS WAF, and Shield.
    4. Creating disaster recovery and business continuity plans.
    5. Setting up AWS SSO, Cognito, and enabling SAML authentication.
    6. Building Attribute-based Access Control (ABAC).
    7. Using secret management using HashiCorp Vault and AWS Secrets Manager
    8. Migrating from IAM users to IAM roles with the least privileges
    9. Defining the SCP policies for organization units and accounts
    10. Defining boundary policies for IAM users and roles

    Managed the set up and configuration of multiple AWS security services, including vulnerability management with Inspector, security alerts, threat detection using GuardDuty, evaluation configurations, and incident response with Detective.

  • Containerization | Migration from EC2 to EKS for a Microservices Architecture
    https://kubernetes.io/

    Designed and architected the infrastructure for deploying 20 microservices in Amazon EKS for Sequoia Capital Global APIs.

    I also migrated PROPTIGER's and makaan's back-end 40 APIs from EC2-based deployment to the Kubernetes platform with Kubernetes Operations (Kops), Prometheus, and Grafana in AWS.

  • Cloud Migrations | Applications, Databases, and Containerization
    https://www.sequoiacap.com/

    I have done multiple migrations related to applications, databases, and containerization.

    I have managed the following types of migrations:
    • VM and server-based deployments to containerized deployments
    • Applications and databases from on-premise to a cloud
    • Applications and databases from one cloud to another
    • Applications and databases from one cloud account to another
    • Applications and databases from one region to another
    • Self-hosted application and databases to manage services
    • Databases using AWS DMS

  • Observability and SRE - Centralized Logging and Monitoring Systems
    https://housing.com

    Set up centralized logging using ELK with ElastAlert and Search Guard and ELK APM for Java-based APIs in beta and production environments.

    Used the Prometheus stack, including Grafana, Alert Manager, and Loki, for monitoring in Proptiger. I built on-call rotation and PagerDuty processes for multiple companies and helped them improve the uptime and reliability of their applications.

    I defined SLI, SLO, SLA, and error budgets for applications and architected end-to-end traceability into the systems to implement them with the respective development teams.

    Performed database parameter PostgreSQL and MySQL tuning for multiple companies.

  • Sticker | Python CLI Tool AWS Tagging Governance
    https://www.sequoiacap.com/

    Built an in-house CLI tool for tagging AWS resources in Python 3 and made all the AWS accounts 100% tagging compliant. I implemented AWS tag policies to ensure compliance after achieving the initial 100% tagging.

    Helped with Tagging governance, cloud infrastructure architecture, cost optimization, and cloud security best practices for Sequoia Capital portfolio Asia-based companies, including Pentester Academy, Checkbox, Enterpret, and FlowAccount.

Skills

  • Languages

    Python 3, Java, Python, Bash, Python 2, Bash Script, Groovy, JavaScript

  • Tools

    Terraform, Jenkins, ELK (Elastic Stack), AWS IAM, Amazon CloudWatch, Git, HashiCorp, Amazon Virtual Private Cloud (VPC), Boto 3, Amazon CloudFront CDN, PyCharm, Amazon Elastic Container Registry (Amazon ECR), Amazon Firewall, Ansible, Jira, AWS CodeCommit, Chef, Helm, Shell, NGINX, Amazon Elastic MapReduce (EMR), AWS ELB, RabbitMQ, Apache Solr, Grafana, Kibana, SaltStack, Vault, GitHub, Packer, Amazon Cognito, Amazon Elastic Container Service (Amazon ECS), Amazon EKS, Amazon EBS, AWS Simple Notification Service (SNS), Amazon Simple Queue Service (SQS), Fluentd, AWS CloudFormation, Bitbucket, Istio, SonarQube, GitLab CI/CD, Docker Hub, GitLab

  • Paradigms

    DevOps, Management, DevSecOps, Serverless Architecture, Automation, Microservices, Lambda Architecture, Continuous Integration (CI), Continuous Deployment, Unit Testing, Enterprise Application Architecture, Continuous Delivery (CD), Microservices Architecture

  • Platforms

    Kubernetes, Amazon Web Services (AWS), Amazon EC2, AWS ALB, Linux, Docker, CentOS, AWS Lambda, OpenStack, Google Cloud Platform (GCP), WordPress, Apache Kafka, Azure

  • Industry Expertise

    Security, Project Management, Network Security

  • Other

    Cost Management, Governance, Amazon RDS, Cost Reduction & Optimization, Cloud, Containerization, Infrastructure as Code (IaC), Identity & Access Management (IAM), Container Orchestration, Relational Database Services (RDS), IT Project Management, IT Projects, Agile DevOps, Networking, Cloud Computing, Architecture, CTO, Web Applications, Elastic Load Balancers, Linux Server Administration, DevOps Engineer, Monitoring, Lambda Functions, System Administration, Amazon Route 53, Content Delivery Networks (CDN), SSL, Scaling, System Architecture, Scalability, Growth, Document Management Systems (DMS), HTTP, Cloud Security, CI/CD Pipelines, Team Leadership, GitHub Actions, Kubernetes HPA, DNS Debugging, Load Balancers, Webhook, Telemetry, Shell Scripting, Web Security, Enterprise Architecture, DNS, API Gateways, Large Scale Distributed Systems, APIs, Site Reliability Engineering (SRE), Cloud Architecture, Jira Administration, Serverless, Cloudflare, Prometheus, Kubernetes Operations (Kops), OpenTelemetry, AWS Cloud Architecture, Cloud Migration, Migration, Server Migration, Elastic APM, Grafana 2, Single Sign-on (SSO), Amazon GuardDuty, Amazon Inspector, AWS Security Hub, AWS DevOps, Pulumi, AWS CodePipeline, Amazon API Gateway, AWS Transit Gateway, Service Meshes, Gunicorn, Data Analytics

  • Frameworks

    Flask, Django

  • Storage

    PostgreSQL, Amazon Aurora, Redis Cache, MySQL, Database Architecture, Amazon S3 (AWS S3), Elasticsearch, AWS Elastic File System, Amazon DynamoDB, Redis

  • Libraries/APIs

    Terragrunt, Node.js

Education

  • Bachelor's Degree in Information Technology
    2007 - 2011
    College of Engineering (COER), Roorkee - Uttarakhand, India
  • High School Degree in Physics, Chemistry, and Mathematics
    2004 - 2006
    Janta Inter College Rudrapur - Uttarakhand, India

Certifications

  • Certified Platform Administrator Associate | CloudHealth
    JUNE 2021 - PRESENT
    VMWare

To view more profiles

Join Toptal
Share it with others
Hire the top 3% of freelance developers TM