Garland Kan, Developer in San Francisco, CA, United States
Garland is available for hire
Hire Garland

Garland Kan

Verified Expert  in Engineering

DevOps Engineer and Developer

Location
San Francisco, CA, United States
Toptal Member Since
May 5, 2020

Garland is a DevOps engineer and consultant who helps small and medium-sized startups run large-scale, reliable applications. Over the past five years, he's worked with many development teams to architect, design, build, optimize, and operate cloud infrastructures using AWS, Google Cloud, and Azure. Garland maintains a widely-used Kubernetes open-source project focused on securely deploying Kubernetes systems with Terraform.

Amazon Web Services (AWS)Amazon S3 (AWS S3)KubernetesDockerGoogle Kubernetes Engine (GKE)TerraformGoogle Cloud Platform (GCP)Amazon EKSPythonDjangoNode.js9-patchData MigrationCloud SecurityGoZero Trust

Portfolio

Anthem
Amazon Web Services (AWS), Cloud Security, APIs, SPIFFE, Zero Trust...
Exact Payments
Amazon EKS, Helm, Terraform, CI/CD Pipelines
SaturnCloud
Amazon Web Services (AWS), AWS Transit Gateway, HIPAA Compliance...

Experience

Amazon Web Services (AWS) - 7 yearsDocker - 5 yearsKubernetes - 5 yearsSecure Containers - 5 yearsPCI DSS - 4 yearsHIPAA Compliance - 4 yearsGoogle Cloud Platform (GCP) - 4 years

Availability

Part-time

Preferred Environment

Command-line Interface (CLI), Go, Kubernetes

The most amazing...

...project I've created is an easy way to run Kubernetes services.

Work Experience

DevOps Engineer

2020 - PRESENT
Anthem
  • Leading the technical implementation of the zero trust architecture with SPIFFE/SPIRE.
  • Built a complete replica of the application which composes of more than ten microservices in a KinD Kubernetes cluster for local development and CI usage.
  • Led the efforts on the technical security review for this new application.
Technologies: Amazon Web Services (AWS), Cloud Security, APIs, SPIFFE, Zero Trust, Amazon S3 (AWS S3), Amazon EKS, Kubernetes

Architect

2021 - 2021
Exact Payments
  • Enabled a credit card payment processor to compete in the fintech market and built the company's next-generation system to handle new features such as Apple Pay and ACH.
  • Moved the previous system, which was built using Ansible and Terraform on AWS, to a containerized cloud-native platform. I gathered information on the company's end goal and devised plans to achieve it.
  • Accelerated the project and avoided unnecessary delays, guided by my experience working on similar projects with over 30 companies over the past seven years.
  • Assisted with designing and implementing the project architecture over four months. It took another three months to pass a PCI audit and start processing credit card payments.
  • Put in place an observability system with SLOs covering all transactions completed in less than 500 milliseconds with an uptime of 99.99%.
Technologies: Amazon EKS, Helm, Terraform, CI/CD Pipelines

DevOps Engineer

2020 - 2020
SaturnCloud
  • Performed a security audit of their AWS environments (more than ten AWS accounts).
  • Produced a list of recommendations on how to secure down or select a more secure default.
  • Walked the team through the recommendations and the thought process behind each item.
Technologies: Amazon Web Services (AWS), AWS Transit Gateway, HIPAA Compliance, Google Kubernetes Engine (GKE), Secure Containers, Google Cloud Platform (GCP), Docker, Amazon S3 (AWS S3), Terraform, Flow

DevOps Engineer

2018 - 2020
Expanse
  • Implemented zero-trust computing concepts for various internal web application proofs of concept (POC) and rolled this out into production for all users of the company.
  • Played a leading role in building their Kubernetes platform in AWS and GCP environments. A full GitOps workflow for all applications running on it.
  • Worked with five development teams in a 6-month period to onboard them to the Kubernetes platform including instruction with the result that they were self-sufficient to run the additional Kubernetes and 24/7 operations on their services.
Technologies: Amazon Web Services (AWS), AWS Transit Gateway, HIPAA Compliance, Google Kubernetes Engine (GKE), Secure Containers, Google Cloud Platform (GCP), Docker, Amazon S3 (AWS S3), Terraform, Kubernetes

DevOps Engineer

2017 - 2020
HealthTap
  • Designed their next-generation application infrastructure based on infrastructure as code and Kubernetes.
  • Worked with the product management, DevOps, and the development teams on the migration plan from their old infrastructure to the new one.
  • Wrote, as an individual contributor, 75% of the code that was needed for the new infrastructure and migration.
Technologies: Amazon Web Services (AWS), AWS Transit Gateway, HIPAA Compliance, Google Kubernetes Engine (GKE), Secure Containers, Google Cloud Platform (GCP), Docker, Amazon S3 (AWS S3), Go, Python, Terraform, Kubernetes

Cloud Infrastructure/Kubernetes Consultant

2018 - 2019
Leanplum
  • Worked with the client to architect and implement a plan that moved them from the Google App Engine to a GKE environment.
  • Worked with all teams from DevOps, engineering, to data science on how each will construct their application and migrate live traffic to the new platform.
  • Educated the entire company on best practices on how to use the cloud and Kubernetes.
Technologies: Amazon Web Services (AWS), AWS Transit Gateway, HIPAA Compliance, Google Kubernetes Engine (GKE), Secure Containers, Google Cloud Platform (GCP), Docker, Amazon S3 (AWS S3), Go, Kubernetes

Infrastructure/Kubernetes Consultant

2017 - 2018
Lucidworks
  • Collaboratively worked with LucidWorks’ management and development teams to map out the problem, establish what success would look like, and to ultimately build the best solution to achieve that end result.
  • Answered key questions about how to build the infrastructure about whether to go with a configuration management tool such as Chef, Puppet, or Ansible and whether to use CloudFormation or Terraform to build the infrastructure,.
  • Helped LucidWorks decide upon a critical issue of building an infrastructure model with a configuration management base or with Kubernetes.
  • Persuaded Lucidworks that containers and Kubernetes are a better way of creating and managing infrastructure (which the passage of time has proved out) and also guided Lucidworks to build a highly scalable infrastructure on AWS.
Technologies: Amazon Web Services (AWS), HIPAA Compliance, Google Kubernetes Engine (GKE), Secure Containers, Google Cloud Platform (GCP), Docker, Amazon S3 (AWS S3), Apache ZooKeeper, Go, Python, Terraform, Relational Database Services (RDS), Kubernetes

Infrastructure/Kubernetes Consultant

2015 - 2017
Guardant Health
  • Designed and implemented a plan to run their on-premise gnome-sequencing pipeline to the cloud.
  • Designed and implemented a Kubernetes infrastructure in AWS to run all of their web applications.
  • Played a lead role in their HIPAA-compliance program.
Technologies: Amazon Web Services (AWS), HIPAA Compliance, Google Kubernetes Engine (GKE), Secure Containers, Google Cloud Platform (GCP), Docker, Amazon S3 (AWS S3), Data Migration, Jenkins, Python, Go, On-premise, Kubernetes

Online Mobile Ordering

https://managedkube.com/case-studies
The Company: Tillster creates online and mobile ordering systems for companies such as Kentucky Fried Chicken and Jollibee. They are responsible for these companies’ back end infrastructure, which often interfaced with local stores to get their menu and pricing. These systems also processed credit cards which means they are subject to PCI level 2 compliance.

The Problem: Tillster needed help in transforming their development workflow and systems. Deployment of new code was time-consuming, involved many people, and was typically performed during off-hours, which the team disliked. Plus, their infrastructure was hard to maintain.

You can see the full text in the product URL.

Tools

Google Kubernetes Engine (GKE), Amazon EKS, Terraform, Amazon Virtual Private Cloud (VPC), GoLand, 9-patch, Jenkins, Flow, Apache ZooKeeper, Helm

Platforms

Amazon Web Services (AWS), Kubernetes, Docker, Google Cloud Platform (GCP)

Storage

Amazon S3 (AWS S3), On-premise

Other

Kubernetes Operations (kOps), Secure Containers, PCI DSS, Command-line Interface (CLI), Data Migration, AWS Transit Gateway, Relational Database Services (RDS), Zero Trust, SPIFFE, APIs, Cloud Security, CI/CD Pipelines

Paradigms

HIPAA Compliance

Languages

Python, Go

Frameworks

Django, Zend Engine

Libraries/APIs

Node.js

1998 - 2001

Bachelor's Degree in Telecommunications

DeVry Institute of Technology - Fremont, CA, USA

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring