George is available for hire

George Crosby

Verified Expert in Engineering

DevOps Engineer and Software Developer

Location

London, United Kingdom

Toptal Member Since

July 30, 2020

George is a leading systems thinker, strategic advisor, and digital transformation specialist with a strong background in building secure and scalable platforms for innovative businesses. He brings over 20 years of experience in technical roles and ten years in senior leadership positions. He now provides consultancy services to the financial sector. With technical and business acumen, George takes pride in designing and delivering technical initiatives to meet business objectives.

Authentication Security Scalability SSL SSL Configurations DNS Infrastructure as Code (IaC)Cloud Architecture Cloud Security Cloud Distributed Systems Prometheus Identity & Access Management (IAM)Cloud Infrastructure AWS DevOps

Portfolio

SITA

PostgreSQL, Azure DevOps, Veeam, Veeam KastenK10, Rancher RKE2, Rancher...

Message Matrix

MSSQLCE, Jenkins, Tekton, Amazon Web Services (AWS), Kubernetes, Terraform...

Cool Cats Group LLC

Amazon Web Services (AWS), JavaScript, Web3.js, AWS Lambda, Amazon RDS...

Experience

Virtual Machines - 13 years IT Security - 12 years DevOps - 7 years Docker - 6 years Kubernetes - 6 years Agile - 5 years Terraform - 5 years Azure - 5 years

Availability

Full-time

Preferred Environment

Linux, Windows, Helm, Terraform, Microservices, Kubernetes, Embedded Linux, IP Networks, Shell Scripting, Windows Server

The most amazing...

...business objective I met was delivering a self-service cloud-agnostic IaaS development environment reducing a firm's annual IT costs by 40% in just six weeks.

Work Experience

Kubernetes Rancher Engineer

2023 - 2024

SITA

Led the creation of a highly secure on-premise Kubernetes environment, meeting FIPS compliance standards and implementing robust disaster recovery measures. Reduced vulnerabilities by 30%, fortifying SITA's infrastructure against threats.
Implemented comprehensive Kubernetes security policies and network enforcement, bolstering defense mechanisms and enhancing data protection by 40%. Proactively mitigated security risks, ensuring system integrity.
Orchestrated resilient infrastructure for edge airports, mitigating downtime risks by 50%. Deployed redundant systems and failover mechanisms, ensuring continuous operations for critical airport functions.

Technologies: PostgreSQL, Azure DevOps, Veeam, Veeam KastenK10, Rancher RKE2, Rancher, Kubernetes, Terraform, Helm, NGINX, Docker, VMware, Bash, HCL, Go, IT Security, Windows Server, Red Hat OpenShift, Azure Kubernetes Service (AKS), MySQL, MySQL Server, Jenkins Pipeline, Authentication, Apache Tomcat, Datadog, HAProxy, Databricks, Azure Cloud Security, Amazon EBS, Amazon S3 (AWS S3), Amazon EC2, Amazon Virtual Private Cloud (VPC), Scripting, Scaling, Azure

Senior DevOps Engineer

2022 - 2023

Message Matrix

Spearheaded the migration of 14 Python and C# applications from EC2 to a Terraformed AWS EKS Kubernetes environment within a tight 5-week timeframe, optimizing scalability and efficiency, resulting in a 30% decrease in infrastructure costs.
Implemented security measures, including zero-trust mTLS on service-to-service communication and OAuth for internal service user interfaces, reducing vulnerabilities by 40% and ensuring compliance with industry standards such as SOC II and NIST CSF.
Designed and deployed a cost-effective, high-availability solution for message queuing and MongoDB, leveraging fault-tolerant Kafka and MongoDB setups, resulting in a 50% reduction in downtime and enhancing system resilience against failures.

Technologies: MSSQLCE, Jenkins, Tekton, Amazon Web Services (AWS), Kubernetes, Terraform, Helm, LocalStack, RabbitMQ, NGINX, Docker, Amazon EKS, PostgreSQL, MongoDB, Apache Kafka, MQTT, Kafka Streams, C#, SQL, Python, Bash, Go, Node.js, SSL Configurations, GitLab CI/CD, Red Hat OpenShift, Red Hat Linux, Azure Kubernetes Service (AKS), MySQL, Jenkins Pipeline, 3Scale API, Multitenancy, Authentication, Monitoring, AWS Cloud Architecture, HAProxy, Amazon Simple Email Service (SES), Azure Databricks, Amazon EBS, Amazon S3 (AWS S3), Amazon EC2, Amazon Virtual Private Cloud (VPC), Scripting, Scaling, Azure

DevOps Developer

2021 - 2022

Cool Cats Group LLC

Deployed Elastic Beanstalk environments—alpha, beta, user acceptance testing (UAT), and prod—four times in Terraform as per customer request, achieving 100% uptime on production.
Designed and implemented high-availability AWS EKS Kubernetes clusters in Terraform with advanced scaling policies and network segregation rules.
Created granular permissions by mapping roles to pods using OIDC, developing Helm charts for applications, and securing high-availability EFS storage.
Developed Tekton pipelines for high-availability CI/CD tools running on Kubernetes with automatic GitHub webhook creation capabilities. The pipelines have zero-downtime rolling updates upon merge events, isolation of builds, stage, dev, and prod environments.

Technologies: Amazon Web Services (AWS), JavaScript, Web3.js, AWS Lambda, Amazon RDS, Infrastructure as Code (IaC), Infrastructure, Amazon DynamoDB, AWS CloudFormation, SSL Certificates, Identity & Access Management (IAM), Azure Virtual Machines, Networking, Web Servers, Load Balancers, CI/CD Pipelines, Continuous Integration (CI), Cloud Architecture, Cost Reduction & Optimization, Windows Subsystem for Linux (WSL), Grafana, VMware Horizon, Istio, Amazon EKS, Deployment, Red Hat Linux, MySQL, MySQL Server, Jenkins Pipeline, Multitenancy, Authentication, Monitoring, Blockchain, Amazon EBS, Amazon S3 (AWS S3), Amazon EC2, Amazon Virtual Private Cloud (VPC), Scripting, Scaling

Senior DevOps Engineer

2021 - 2021

Apple

Implemented security features for Spring boot application. Developed Python Pulumi with init container to securely retrieve Vault tokens using AWS OIDC WebIdentityTokens, providing the runtime container with all necessary environmental dependencies.
Developed Python Pulumi classes to augment platform-agnostic initiatives. Advanced YAML files configuration using anchors and pointers, merged them and interpolated environment variables. Integrated AWS IAM roles with Kubernetes service accounts.
Supported least privileged security initiative by suggesting improvements to AWS IAM role architecture.
Deployed Jenkins on Kubernetes in the offline on-premise environment, using JcasC for automated configuration management.

Technologies: Kubernetes, Amazon Web Services (AWS), Pulumi, Python 3, Infrastructure as Code (IaC), Infrastructure, Amazon DynamoDB, AWS CloudFormation, SSL Certificates, Identity & Access Management (IAM), Azure Virtual Machines, Networking, Web Servers, Cloud Infrastructure, Amazon EKS, Documentation, Red Hat Linux, Azure Kubernetes Service (AKS), Jenkins Pipeline, Authentication, Machine Learning Operations (MLOps), Amazon S3 (AWS S3), Amazon EC2, Amazon Virtual Private Cloud (VPC), Scripting, Scaling

DevOps Engineer

2020 - 2021

Veterinary Medicines Directorate

Redesigned and optimized the .NET core Docker image build process by migrating Jenkins builds to Kubernetes, moving Docker image caching to AWS EFS, and SHA256 directory checksum to speed up build times by 40% across the board while saving costs.
Designed and developed reusable, highly-available, and region-agnostic Terraform modules for AWS, S3 cross-zone replication, and EKS clusters with IAM integration using OIDC and Route53 latency-based records for Content Distribution Network.
Provided visibility and alerting for pods in production clusters by implementing Grafana, Prometheus, AlertManager, and Kiali. Fully automated deployment of Grafana dashboard and data sources using Helm logic.
Designed and developed a secure Azure environment entirely in Terraform, private subnet access via firewall NAT rules, privately zoned AKS Kubernetes, and high availability SQL Server Enterprise.
Simplified deployment processes by designing and implementing generic helm charts for all application stacks. This helped reduce management overheads by managing multiple helm charts and helped the organization maintain versions of microservices.

Technologies: Terraform, Terragrunt, Amazon Web Services (AWS), Agile, Jenkins Job DSL, Azure, Kubernetes, Docker, Site Reliability Engineering (SRE), Infrastructure as Code (IaC), Infrastructure, Amazon DynamoDB, AWS CloudFormation, Google Cloud Platform (GCP), Istio, Amazon EKS, Red Hat Linux, Azure Kubernetes Service (AKS), MySQL, MySQL Server, Jenkins Pipeline, Multitenancy, Authentication, Amazon EBS, Amazon S3 (AWS S3), Amazon EC2, Amazon Virtual Private Cloud (VPC), Scripting, Google Kubernetes Engine (GKE), Scaling

Senior DevOps Engineer

2019 - 2020

Red Deer

Re-architected AWS cloud environments to simplify and secure client data and speed up client onboarding. Implemented AWS Transit Gateway in Terraform to segregate clients with separate VPCs and designed permission boundaries for AWS IAM roles.
Re-engineered Jenkins CI/CD pipelines, reducing costly team friction and speeding up time-to-market. Containerized .NET core apps and developing DSL Groovy libraries, enabling developers to automatically deploy into staging environments.
Developed Terraform modules to deploy AWS services, AirGapped VPC's using TransitGateway, a Docker application provisioning on EC2, ECS Logstash cluster, and HA cron-jobs using Fargate spot instances and CloudWatch.

Technologies: Amazon Web Services (AWS), TeamCity, AWS CodeDeploy, Jenkins, Slack, Git, Docker, Terraform, Ansible, Terragrunt, Kubernetes, Site Reliability Engineering (SRE), Infrastructure as Code (IaC), Infrastructure, Amazon DynamoDB, AWS CloudFormation, Amazon EKS, Red Hat Linux, MySQL, MySQL Server, Jenkins Pipeline, Authentication, Amazon EBS, Amazon S3 (AWS S3), Amazon EC2, Amazon Virtual Private Cloud (VPC)

Automation Consultant

2019 - 2020

Bell Rock Capital Management

Designed, planned, and implemented a high availability on-premises infrastructure platform using a 5-node multi-master Kubernetes cluster on VMware to centralize and secure business operations.
Automated failover processes by developing tools to Failover Cisco firewall/switch network routes, transfer domain controller FSMO roles, activate passive DFS fileserver node, switch CNAMEs, and failover AlwaysOn SQL Server databases.
Developed a self-service single-sign-on Python analytics environment using JupyterHub, Enterprise Gateway, and Nginx. This provided a centralized and controlled Python environment.
Developed reusable Terraform modules to provision Azure resources; Azure Kubernetes Service, Azure Container Registry, and Azure Active Directory. AWS and EKS with OIDC integrated to IAM, CDN network with ExternalDNS, ECR repositories, and Route53.

Technologies: Templating, Go, Windows PowerShell, Bash, Python, Docker, Terraform, VMware, Kubernetes, Azure, Site Reliability Engineering (SRE), Infrastructure as Code (IaC), Infrastructure, Amazon EKS, Red Hat Linux, MySQL, MySQL Server, Jenkins Pipeline, Multitenancy, Authentication, Scaling, Azure DevOps

Head of Infrastructure and Security

2016 - 2019

Messina Quantitative Research

Re-engineered infrastructure as a service (IaaS) architecture. Migrated all business services to open source technologies, which reduced total software expenditure by 40%. Migrated the business from VMware and Nutanix over to Docker on Kubernetes.
Interfaced with data science and development teams to design and implement fast and scalable machine learning platforms.
Developed provisioning and scaling tools for Kubernetes clusters in offline on-premises environments using Matchbox, CoreOS, and Systemd unit scripting.
Deployed Kubernetes using Kops, Terraform, and bash script to form immutable cloud environments in Infrastructure as Code (IaC).
Built a centralized logging system using Elasticsearch, Fluentd, and SearchKit, which ingested Kubernetes Docker container logs and displayed them to teams. This enabled us to remove the Kubernetes UI and Kubectl permissions from developers.

Technologies: Amazon Web Services (AWS), CoreOS, Artifactory, Elasticsearch, Terraform, Apache Kafka, Jenkins, Helm, Kubernetes, Docker, Data Engineering, Infrastructure, Amazon EKS, Red Hat Linux, MySQL Server, Jenkins Pipeline, Multitenancy, Authentication, Amazon EBS, Amazon S3 (AWS S3), Amazon EC2, Amazon Virtual Private Cloud (VPC), Scaling

Experience

Ubuntu Desktop VDI on Kubernetes

An enjoyable and interesting project a client requested was to create a secure, scalable, and high-availability virtual desktop infrastructure (VDI) environment for screening candidates with technical tests. The requirements were:

• Categorize candidate environments based on their role.
• Easily scale to 100's of desktops and zero when not in use.
• Scale up from zero within ten minutes.
• Ability to change keyboard region/layout based on candidate.
• Network policies in place to whitelist DNS names outbound.
• Centralize controls for desktop configuration based on role, clipboard, hardware devices, SSH access, and desktop items.

The solution I proposed and implemented was to deploy a Kubernetes cluster with node auto-scaling as the infrastructure layer. A NoMachine server and Ubuntu container virtual desktops were deployed using Helm. The system was later used by their external data science development teams to securely create algorithms.

Secure, Platform-agnostic, and Self-service Software Development Environment

A customer requested a portable CI/CD implementation to deploy .NET Core applications. They needed to execute builds on-premises or in the cloud. Each component had to handle resource failures, be scalable and secure, and have zero-downtime upgrade capability.

The solution I proposed, designed, and implemented was to create all resources in infra-as-code: Jenkins Groovy DSL pipelines, Terraform, Kubernetes, and Helm templating. This comprised a platform-agnostic reverse DNS Nginx proxy, automated cluster scaling, CI/CD pipelines for the hierarchy of Docker image builds, and containerized and decoupled microservices.

The capabilities of the new solution were delivered within four months, resulting in a fully automated development experience for new features and applications, reduced friction between development and infrastructure teams, and improved service reliability and efficiency. They were deployed with a zero-downtime upgrade and rollback capability.

Architecture diagrams, documented code, disaster recovery plans, and group presentations were carried out as a part of the handover. These steps reduced the annual IT costs by 40% and drastically improved developer efficiency.

Migration of 14 Python and C# Applications

I designed, planned, and implemented the migration of 14 Python and C# applications running on EC2 over to a Terraformed AWS EKS Kubernetes within five weeks.

I then converted system unit files to alpine Docker images, created Helm chart inputs using a single custom-made Helm Chart, and deployed auto-scaling policies and least-privilege using OIDC.

I was the sole DevOps engineer in the business working directly with CTO to achieve high-level business objectives.

I also designed and deployed the local development environment using Kubernetes distribution called Kind and LocalStack, enabling developers to deploy their whole application stack within minutes and attach a debugger to each application using their IDE.

Skills

Libraries/APIs

Terragrunt, Jenkins Job DSL, Jenkins Pipeline, Web3.js, Node.js, 3Scale API

Tools

Helm, Terraform, Jenkins, Jira, GitHub, Amazon EKS, Grafana, AWS CloudFormation, Azure Kubernetes Service (AKS), Amazon Simple Email Service (SES), Amazon EBS, Amazon Virtual Private Cloud (VPC), VMware, Artifactory, Confluence, Apache, Logstash, Kibana, Istio, GitLab CI/CD, Apache Tomcat, Google Kubernetes Engine (GKE), Ansible, Git, Slack, AWS CodeDeploy, TeamCity, NGINX, RabbitMQ, MQTT, Kafka Streams

Paradigms

Agile, DevOps, Software-defined Networking (SDN), Distributed Computing, Automation, Continuous Integration (CI), Azure DevOps, Microservices, Templating

Platforms

Docker, Windows, Kubernetes, Azure, Amazon Web Services (AWS), Ubuntu, Windows Server 2012, Windows Server 2008, Windows Server, Red Hat OpenShift, Red Hat Linux, Amazon EC2, Linux, Apache Kafka, CoreOS, Embedded Linux, Google Cloud Platform (GCP), Blockchain, AWS Lambda, Rancher, Databricks

Storage

On-premise, Amazon DynamoDB, PostgreSQL, Amazon S3 (AWS S3), Elasticsearch, WP Engine, MySQL, MySQL Server, Datadog, MSSQLCE, MongoDB

Other

IT Project Management, Scalability, IT Security, Security, Enterprise Application Design, AWS DevOps, Cloud, Computer Security, Kubernetes Operations (kOps), Site Reliability Engineering (SRE), HAProxy, SSL, SSL Configurations, SSL Certificates, DNS, Windows Server Update Services (WSUS), Distributed Systems, CI/CD Pipelines, Architecture, Infrastructure as Code (IaC), Infrastructure, Deployment, Scripting, Active Directory Federation, Active Directory Synchronization, Prometheus, Identity & Access Management (IAM), Web Servers, Load Balancers, AWS Cloud Architecture, Cloud Architecture, Cloud Security, Cloud Infrastructure, Windows Subsystem for Linux (WSL), Documentation, Multitenancy, Authentication, Monitoring, Scaling, Agile Coaching, Scrum Master, Lean, Software Development, Amazon RDS, Data Engineering, Virtual Machines, Azure Virtual Machines, Cost Reduction & Optimization, VMware Horizon, Azure Cloud Security, Waterfall Methodology, IT Networking, Pulumi, Networking, IP Networks, Shell Scripting, Tekton, LocalStack, Veeam, Veeam KastenK10, Rancher RKE2, HCL, Azure Databricks, Machine Learning Operations (MLOps)

Languages

Bash Script, Python, Python 3, C#, Go, Bash, JavaScript, SQL

Frameworks

Windows PowerShell, .NET Core

Education

2008 - 2011

Bachelor's Degree in Electronic Engineering and Cybernetics

University of Reading - United Kingdom

Certifications

MARCH 2021 - MARCH 2024

Certified Kubernetes Application Developer

LinuxFoundation

MAY 2020 - MAY 2023

Certified Kubernetes Administrator

Linux foundation

OCTOBER 2018 - OCTOBER 2021

Agile Certified Professional

PMI

APRIL 2018 - APRIL 2021

AWS Certified Developer Associate

AWS

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring