Giovanni Ferri, Developer in London, United Kingdom
Giovanni is available for hire
Hire Giovanni

Giovanni Ferri

Verified Expert  in Engineering

Platform Engineer and Developer

London, United Kingdom

Toptal member since March 31, 2025

Expertise
DevOpsCloud EngineeringSite ReliabilityLinuxAnsibleTerraformAWSKubernetesDockerAgile DevelopmentGitSplunk
Bio

Giovanni is a seasoned platform and site reliability engineer with nearly 20 years of experience in IT infrastructure, cloud engineering, and automation. He specializes in Kubernetes, Terraform, and cloud-native technologies, designing resilient, scalable platforms across hybrid cloud and bare-metal environments. Passionate about open-source solutions and DevOps best practices, Giovanni empowers teams to build efficient, automated developer workflows.

Portfolio

Syscode Solutions Ltd
Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), Linux, Bash...
Builder.ai
Azure Kubernetes Service (AKS), Azure, Amazon EKS, Amazon Web Services (AWS)...
ORI
Amazon Web Services (AWS), Site Reliability Engineering (SRE), Terraform...

Experience

  • Bare-metal Environment - 20 years
  • Shell Scripting - 20 years
  • Linux - 20 years
  • Amazon Web Services (AWS) - 11 years
  • DevOps - 11 years
  • Kubernetes - 10 years
  • Infrastructure as Code (IaC) - 10 years
  • Site Reliability Engineering (SRE) - 6 years

Availability

Full-time

Preferred Environment

Linux, Cloud, Bare-metal Environment, Terraform, Infrastructure, Amazon Web Services (AWS), Infrastructure Architecture, Kubernetes

The most amazing...

...accomplishment has been building secure, scalable cloud platforms that improve reliability, compliance, and innovation for clients across various industries.

Work Experience

Principal Consultant

2016 - PRESENT
Syscode Solutions Ltd
  • Reduced incident resolution time by 35% by implementing structured incident response processes using tools such as Prometheus, Grafana, and Alertmanager, which enhanced detection and mitigation speed for critical failures.
  • Eliminated 90% of critical vulnerabilities pre-deployment by integrating automated security scans into the CI/CD pipeline, ensuring only secure code was released using tools like Trivy, SonarQube, and GitHub Actions.
  • Reduced infrastructure provisioning time from days to minutes by developing a self-service API using tools such as Terraform, GitLab CI, and AWS, empowering engineers to deploy secure environments instantly.
  • Prevented unauthorized software deployments by implementing container signing and verification using tools like Cosign, Kubernetes, and Flux, ensuring only trusted images were deployed.
  • Reduced security misconfigurations by 80% through automated cloud infrastructure scans, proactively identifying and resolving issues before they led to compliance violations, using tools like Prowler, Terraform, AWS Security Hub, and Cloud Custodian.
  • Halved compliance audit preparation time by automating security evidence collection and enhancing Systems and Organization Controls 2 (SOC 2) and PCI-DSS readiness using CIS Benchmarks, AWS Security Hub, GitHub Insights, Terraform, and AWS Lambda.
  • Boosted deployment speed by 60% by introducing GitOps workflows and automating infrastructure and application updates using tools like Argo CD, Flux, and Kubernetes.
  • Minimized high-severity incidents by 40% through the implementation of automated rollback mechanisms and canary deployments, preventing faulty updates from impacting users using tools like Argo CD, Kubernetes, GitOps, Grafana, and Flagger.
  • Lowered cloud costs by 30% by optimizing infrastructure provisioning, right-sizing compute resources, and automating unused resource cleanup using Terraform, AWS Cost Explorer, Kubernetes, tagging, and scaling to zero for development environments.
  • Enhanced deployment success rate by 50% by integrating automated testing, linting, and secrets detection into the CI/CD pipeline, preventing misconfigurations and accidental credential leaks using tools like GitLab CI, Terraform, Trivy, and Gitleaks.
Technologies: Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), Linux, Bash, Python, Bare-metal Environment, CI/CD Pipelines, Cloud, Datadog, GitHub, Flux CD, GitLab CI/CD, Best Practices in Design, Infrastructure as Code (IaC), DevOps, Docker, Shell Scripting, Kubernetes, Site Reliability Engineering (SRE), Kubernetes Security, Observability Tools, Docker Compose, Immutable Infrastructure, Grafana

Senior Platform Engineer

2024 - 2024
Builder.ai
  • Minimized footprint, accelerated CI/CD pipelines, automated scanning and tagging, and enhanced the efficiency of spinning up test environments.
  • Coordinated the internal tooling squad as one of the two most senior members in a team of 24 engineers, driving the creation of self-service APIs and infrastructure as code (IaC) to scale operations.
  • Managed cloud infrastructure in AWS and Azure, maintained and enhanced automation and scalability, and collaborated with engineering and developers to support the needs of the main product.
Technologies: Azure Kubernetes Service (AKS), Azure, Amazon EKS, Amazon Web Services (AWS), Terraform, Kubernetes Operations (kOps), Python, GitLab CI/CD, GitLab Runner, Grafana, SOC Compliance, DevOps, Docker, Shell Scripting, Linux, Kubernetes, Infrastructure as Code (IaC), Site Reliability Engineering (SRE), Kubernetes Security, Observability Tools, Agile, Immutable Infrastructure

Platform Site Reliability Engineer

2024 - 2024
ORI
  • Championed the establishment and enhancement of site reliability engineering (SRE) practices and procedures within the engineering organization.
  • Refactored and improved platform automation code for GitOps and Kubernetes deployments on-premises and in the cloud.
  • Provided mentorship and conducted code reviews for junior team members, fostering growth and ensuring high-quality standards.
Technologies: Amazon Web Services (AWS), Site Reliability Engineering (SRE), Terraform, Flux CD, Python, Bare-metal Environment, Linux, Kubernetes, Grafana, DevOps, Docker, Shell Scripting, Infrastructure as Code (IaC), Kubernetes Security, Observability Tools, Agile, Immutable Infrastructure, Azure Kubernetes Service (AKS)

Senior DevOps Engineer

2022 - 2023
Anglo American/FirstMode
  • Spearheaded the construction and maintenance of a highly available and secure AWS infrastructure for a global hydrogen mining platform, emphasizing security enhancement and blue team practices.
  • Fortified AWS infrastructure by implementing comprehensive security controls, including identity and access management (IAM), service control policies (SCPs), and permission boundaries, establishing a robust defense-in-depth strategy.
  • Designed and implemented security-focused CI/CD pipelines with automated vulnerability scanning to prevent insecure deployments.
  • Guided the SOC 2 compliance initiative, establishing robust security controls and comprehensive documentation, resulting in successful certification.
Technologies: Amazon Web Services (AWS), Argo CD, Terraform, Identity & Access Management (IAM), AWS Cloud Security, Amazon EKS, SOC Compliance, DevOps, Docker, Shell Scripting, Linux, Kubernetes, Infrastructure as Code (IaC), Kubernetes Security, Observability Tools, Agile, Immutable Infrastructure, Azure Kubernetes Service (AKS)

Senior Cloud Architect

2022 - 2022
ION
  • Led technical governance in a team of 12 engineers, with plans to expand to 30, serving as an SME on cloud engineering for the entire group.
  • Managed AWS cloud infrastructure, maintaining and improving automation and scalability, and collaborated with engineering to support product needs while implementing security and verifying compliance.
  • Focused on cloud architecture, security for compliance and posture, leading a core project to build core infrastructure and processes to become an MSP, selling cloud as a product to banks and financial institutions.
Technologies: Terragrunt, Terraform, Infrastructure as Code (IaC), Amazon Web Services (AWS), Ansible, Bash, Python, Docker, Kubernetes, Amazon EKS, Kubernetes Operations (kOps), Agile, CI/CD Pipelines, GitHub, Helm, Identity & Access Management (IAM), SOC Compliance, Cloud Architecture, Site Reliability Engineering (SRE), Lacework

Senior Site Reliability Engineer

2022 - 2022
Adaptive Financial Consulting
  • Delivered client requirements and managed tooling and release operations, focusing on security, regulatory compliance, and system reliability while developing product features essential for the trading market.
  • Managed cloud infrastructure in AWS, maintained and enhanced automation and scalability, and collaborated with engineering to support the needs of Adaptive's main products, Hydra and Aeron.
  • Implemented AWS single sign-on (SSO) and Cognito identity provider (IdP) with client-specific integrations using purpose-built Lambda functions.
Technologies: Amazon Web Services (AWS), Amazon Cognito, AWS Lambda, Python, Terraform, DevOps, Docker, Site Reliability Engineering (SRE), Shell Scripting, Linux, Kubernetes, Infrastructure as Code (IaC), Kubernetes Security, Observability Tools, Agile, Immutable Infrastructure, Grafana

Regional Head of Cloud/DevOps/SRE and Infra, EMEA

2021 - 2021
Kaleyra
  • Bootstraped the cloud function by hiring nine engineers with a DevOps and SRE focus to implement observability and SLI/SLO/SLA, communicate their value to team leaders, and establish a postmortem/incident management culture among stakeholders.
  • Improved the existing infrastructure team by adding metrics and visibility to the VP of Infrastructure.
  • Collaborated with the VP of Engineering and teams to deliver new products and solutions.
  • Engaged in hands-on bootstrapping of the AWS organization and structure, interfacing with AWS Technical Account Managers (TAMs), following best practices and compliance.
  • Oversaw the AWS multi-account foundation project with federated access (IAM, G Suite) and SSO.
  • Implemented a CI/CD-driven release pipeline with GitLab and Jenkins, with Kubernetes agents in legacy products missing it.
  • Worked with InfoSEC to implement regulatory compliance and GDPR.
  • Focused on automation using Terraform and Ansible, providing consolidation and uniformity to the codebase across the company, and acting as an SME.
Technologies: Amazon Web Services (AWS), Terraform, Ansible, Site Reliability Engineering (SRE), Mentorship, Management, Amazon EKS, Identity & Access Management (IAM), Security, DevOps, CI/CD Pipelines, Jenkins, GitLab CI/CD, GitLab, Italy, Italian, English, SOC Compliance, Shell Scripting, Linux, Kubernetes, Infrastructure as Code (IaC), Kubernetes Security, Observability Tools, Immutable Infrastructure

Senior Site Reliability Engineer

2020 - 2020
VIOOH
  • Implemented observability and SLI/SLO/SLA, identifying and reducing toil through structured roadmapping and execution. Utilized monitoring tools such as Prometheus and CloudWatch and integrated Slack for ChatOps.
  • Worked on fulfilling regulatory compliance by using Amazon SSM, AWS KMS, and RBAC.
  • Integrated Agile tooling into processes using Jira and Confluence.
  • Managed CI/CD processes driven by Jenkins with Kubernetes agents, focusing on automation heavily based on Terraform, while overseeing Docker and Kubernetes (Helm) container management, and utilizing Bash and Python for scripting.
Technologies: Jenkins, DevOps, Site Reliability Engineering (SRE), Kubernetes, Kubernetes Operations (kOps), Amazon EKS, Helm, AWS Key Management Service (KMS), Python, Bash, Prometheus, Amazon CloudWatch, Mentorship, Shell Scripting, Linux, Infrastructure as Code (IaC), Agile

Lead Consultant

2019 - 2019
Contino (now Cognizant)
  • Acted as a subject matter expert (SME) for AWS in a scrum team of senior cross-functional engineers at "Smith and Nephew," focusing on infrastructure topics, automation, and architecture.
  • Built the foundation of a Data Platform as Infrastructure as Code to transform executive-level business reporting across the company, supporting over 4,500 dynamic PowerBI reports using various data sources.
  • Ensured regulatory compliance by implementing compliance and security checks via AWS Config, CIS Benchmarks, and best practices, including the AWS Well-Architected Framework.
  • Led and coached team members daily, as the most senior member of the team and at a principal level, resolving technical issues and conflicts within the team and with the client.
Technologies: Amazon Web Services (AWS), CI/CD Pipelines, Terraform, Python, AWS Config, Data, DevOps, ETL, AWS Glue, Redshift, Bash, Amazon CloudWatch, Shell Scripting, Linux, Kubernetes, Infrastructure as Code (IaC), Kubernetes Security, Observability Tools, Immutable Infrastructure, Grafana

Senior DevOps Engineer

2018 - 2018
Airbus
  • Hired as an external consultant to reimagine the cloud infrastructure function of the company and crack on with unmet deliverables. Setting technical leadership and direction in a team of 39 cloud, network, and infrastructure engineers.
  • Implemented all-around automation on DevOps pipelines. Automated infrastructure deployment (Terraform, cloud formation, Ansible) via CI jobs (Jenkins) in VCS (GitHub Enterprise). Created teams and membership for the DevOps organizations on GitHub.
  • Applied AWS best practices around security, modular, redundant, and immutable infrastructure.
  • Initiated the implementation of SRE principles, incorporating concepts like measurable error rates and CI delivery speed, with an emphasis on measuring and monitoring using Splunk and AWS CloudWatch. Provided mentorship on DevOps practices.
Technologies: Jenkins, Ubuntu Linux, Amazon Web Services (AWS), Vagrant, Docker, Identity & Access Management (IAM), Role-based Access Control (RBAC), APIs, Ansible, Python, Bash, DevOps, Terraform, Shell Scripting, Linux, Bare-metal Environment, Infrastructure as Code (IaC), Immutable Infrastructure

Senior DevOps Engineer

2018 - 2018
Philip Morris International
  • Led a DevOps implementation project focused on release management and end-to-end deployments via continuous deployment (CD) as a senior cloud engineer in a team of four.
  • Implemented comprehensive automation in DevOps pipelines, reducing technical debt by creating single pipelines and stage-driven automated processes, and automated infrastructure deployment via CI jobs with Jenkins in Bitbucket.
  • Applied best practices for security, including IAM, application hardening, and the least privilege principle, alongside developing modular, redundant, and immutable infrastructure.
  • Integrated SRE principles across the release management process and improved documentation to support these enhancements.
  • Measured error budgets and developed a roadmap to reduce toil through automation and optimized processes across development teams. Provided mentorship on DevOps and CI/CD practices and principles.
Technologies: Jenkins, DevOps, Amazon Cognito, Python, Ansible, Terraform, Site Reliability Engineering (SRE), Amazon Web Services (AWS), Rancher Kubernetes Engine (RKE), Docker, Bitbucket, Shell Scripting, Linux, Kubernetes, Infrastructure as Code (IaC), Agile, Immutable Infrastructure

Senior Cloud Architect

2018 - 2018
EnelX
  • Discussed and implemented a POC architecture to validate the HTTP and gRPC proxy of central applications at scale.
  • Acted in an advisory capacity as an AWS SME for the innovation architecture group.
  • Provided documentation for a deployment plan at scale.
Technologies: Amazon Web Services (AWS), Envoy Proxy, DevOps, Infrastructure as Code (IaC), Docker, Ansible, Shell Scripting, Linux, Kubernetes, Bare-metal Environment, Observability Tools

Senior Site Reliability Engineer

2017 - 2017
Hive
  • Facilitated the transition for internal customers (product teams) to common tooling with a strong SRE focus on extracting metrics from applications to understand behavior and predict maintenance needs.
  • Improved and deployed existing tooling with a particular emphasis on security, monitoring, and metrics.
  • Led the transition from an old-fashioned monolithic service built in-house to smaller components hosted in AWS IoT and surrounding services, by decoupling it into a microservice-oriented architecture.
Technologies: DevOps, Ruby, Bash, Amazon Web Services (AWS), Vagrant, Packer, Puppet, Elasticsearch, Fluentd, AWS CloudFormation, Amazon Linux, Artifactory, Zabbix, ELK (Elastic Stack), Datadog, Shell Scripting, Linux, Kubernetes, Infrastructure as Code (IaC), Site Reliability Engineering (SRE), Observability Tools, Immutable Infrastructure

DevOps Engineer

2016 - 2017
Worldpay Group
  • Led the DevOps transformation from a Waterfall operational model, automating the development environment to establish a consistent, end-to-end automated delivery pipeline from development to production.
  • Oversaw infrastructure architecture as a senior DevOps engineer, with a focus on creating a seamless delivery pipeline across all environments.
  • Transitioned from an old-fashioned monolithic service built in-house to fully automated smaller units hosted in Docker/OpenShift environments, incorporating integrated testing by shifting to a microservice-oriented architecture.
Technologies: Amazon Web Services (AWS), DevOps, Bash, Jenkins, Ubuntu Linux, Amazon Linux, Docker, OpenShift, Ansible, Splunk, Bash Script, Python, Docker Compose, Shell Scripting, Linux, Kubernetes, Bare-metal Environment, Infrastructure as Code (IaC), Agile

Linux System Administrator

2015 - 2016
Illumina
  • Focused on DevOps design and operations by redesigning the entire automation infrastructure and configuration management with Ansible, becoming the go-to reference for automation and security within the team.
  • Developed a bare metal provisioning solution to automate the deployment of DataCenter servers, implementing hardware, firmware, and full-stack configuration using a mix of open-source tools and commercial products to enhance scalability and speed.
  • Managed the fleet of MapReduce cluster machines and services, including monitoring job progression or completion, and applying auditing and security policies on systems.
  • Maintained infrastructure as code using version control and test environments for change control, automating repetitive processes and tasks as soon as they were identified.
  • Conducted scalability forecasts and implemented remediation as needed using automation; set up logging and monitoring with Splunk and PagerDuty on call.
  • Implemented monitoring and alerting systems while working in a collaborative, code peer-review Git environment.
Technologies: DevOps, Bash, Python, PXE, Bare-metal Environment, High-performance Computing (HPC), Splunk, Ansible, Terraform, CentOS, RHEL, Artifactory, Jenkins, Agile, Hadoop, Shell Scripting, Linux, Infrastructure as Code (IaC), Docker Compose

Experience

Self-service Kubernetes for Internal Development Teams

I designed and implemented a self-service Kubernetes cluster provisioning platform to streamline internal development workflows. My goal was to provide development teams with an easy, consistent way to spin up disposable clusters for testing and development.

I gathered requirements from multiple teams, defined baseline configurations and common patterns, and built automation workflows with enough flexibility to support advanced use cases. I implemented the core interface using GitHub Actions, enabling developers to request new clusters by submitting a simple, schema-validated YAML file. Defaults ensured ease of use, while teams with higher demands could specify custom configurations within predefined limits.

I provisioned the underlying infrastructure using Terraform, deploying Amazon EKS clusters and supporting AWS resources, including VPC, S3, and IAM. To bootstrap base services into the clusters, I integrated Argo CD. I also implemented monitoring and cost-control mechanisms, feeding insights into Grafana dashboards and automating background processes to detect and clean up unused resources such as Amazon EBS and Amazon EC2. These optimizations helped manage capacity and reduce waste.

Education

1994 - 1999

High School Diploma in Mathematics and Computer Science

Liceo Scientifico - Follonica, Italy

Skills

Libraries/APIs

Terragrunt

Tools

Ansible, Terraform, Amazon EKS, GitHub, GitLab CI/CD, Observability Tools, Grafana, GitLab, Helm, AWS Key Management Service (KMS), Packer, Splunk, Jenkins, Azure Kubernetes Service (AKS), GitLab Runner, Amazon Cognito, Amazon CloudWatch, AWS Glue, Envoy Proxy, Bitbucket, Vagrant, Puppet, Fluentd, AWS CloudFormation, Artifactory, Zabbix, ELK (Elastic Stack), Docker Compose

Languages

Bash, Bash Script, Python, Ruby

Paradigms

Best Practices in Design, DevOps, Role-based Access Control (RBAC), High-performance Computing (HPC), Agile, Management, ETL

Platforms

Kubernetes, Linux, Amazon Web Services (AWS), Docker, Ubuntu Linux, Azure, Google Cloud Platform (GCP), AWS Lambda, Amazon Linux, OpenShift, CentOS

Frameworks

Hadoop

Storage

Datadog, Redshift, Elasticsearch

Other

Shell Scripting, Cloud, Infrastructure, Immutable Infrastructure, Infrastructure as Code (IaC), CI/CD Pipelines, Infrastructure Architecture, Kubernetes Security, Site Reliability Engineering (SRE), Identity & Access Management (IAM), AWS Cloud Security, DevOps Engineer, Italy, Italian, English, Flux CD, Networking, Security, Bare-metal Environment, Methodology, GitHub Actions, Mentorship, Prometheus, APIs, PXE, Argo CD, Kubernetes Operations (kOps), SOC Compliance, DevOps Research and Assessment (DORA), AWS Config, Data, Rancher Kubernetes Engine (RKE), RHEL, Cloud Architecture, Lacework

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring