Ismail is available for hire

Ismail Yenigul

Verified Expert in Engineering

AWS and Linux Developer

Location

Istanbul, Turkey

Toptal Member Since

July 31, 2020

Ismail is a senior DevOps and SRE engineer with expertise in Linux, AWS (AWS-certified solution architect and developer, IAM, EKS, ECS, EC2, RDS, S3), Kubernetes (CKAD and CKA certified, Docker, Helm), Terraform, Terragrunt, CI/CD (Jenkins, GitHub Actions), DevSecOps (AWS Security Hub, CIS benchmarks), and SRE practices. He ensures seamless deployments, infrastructure consistency, and system reliability. Proactive and customer-focused, Ismail leaves no stone unturned to deliver quality results.

Portfolio

Freelance

Jenkins, Terragrunt, Packer, Amazon Web Services (AWS), GitHub...

Vision R&D

Security, System Administration, GitLab, Jira, Python, Git, Ubuntu...

Esys

Security, System Administration, DNS, SMTP, Red Hat Linux, Linux, LPIC-1, SSH...

Experience

System Administration - 20 years Linux - 20 years Site Reliability Engineering (SRE) - 15 years DevOps - 10 years Kubernetes - 6 years AWS Certified DevOps Engineer - 5 years Google Cloud Platform (GCP) - 4 years Terraform - 3 years

Availability

Full-time

Preferred Environment

Amazon Web Services (AWS), Continuous Delivery (CD), Continuous Integration (CI), Terraform, Google Cloud, Linux, Google Kubernetes Engine (GKE), Amazon EKS, GitHub Actions

The most amazing...

...projects I've done focused on building secure and reliable AWS infrastructures with Terraform.

Work Experience

Senior DevOps Engineer | Site Reliability Engineer

2016 - PRESENT

Freelance

Deployed, automated, managed, and maintained a cloud-based production system, using AWS, Google Cloud, Azure, and DigitalOcean.
Ensured availability, performance, security, and scalability of production systems, focusing primarily on Linux environments.
Troubleshot systems and resolved problems across various application domains and platforms. Tracked and fixed issues, using Jira and GitHub.
Migrated from a manually managed system to a fully automated platform which included creating CI/CD pipelines with Jenkins, GitHub Actions, Argo CD, Flux, Harness, and application of GitOps methodology.
Managed EKS, ECR, ECS, GKE, DigitalOcean Kubernetes, Docker, and Docker Compose deployments.
Deployed AWS infrastructure (EKS, EC2, RDS, CloudFront, Route53, OpenVPN, IAM roles/policies and VPC) with Terraform.
Deployed GKE clusters, Cloud SQL, LoadBalancer, and Compute Engine, and configured GitLab to push Docker images to the container registry.
Built Docker images and deployed them to AWS Fargate with GitHub Actions.
Created a Docker build pipeline with GitHub Actions, CircleCI, and Jenkins.
Applied AWS security best practices and CIS compliance requirements; configured AWS Security Hub, AWS Config, and VPC flow; and hardened GKE cluster security.

Technologies: Jenkins, Terragrunt, Packer, Amazon Web Services (AWS), GitHub, System Administration, Cloud Security, Docker, Continuous Delivery (CD), Continuous Integration (CI), Linux, AWS Fargate, Kubernetes, Amazon EKS, Terraform, DevOps, Google Cloud Platform (GCP), AWS DevOps, AWS Certified Solution Architect, Ubuntu Server, GitHub Actions, AWS Transfer for SFTP, Postfix, IT Security, NGINX, Zabbix, Google Kubernetes Engine (GKE), Docker Compose, AWS ELB, AWS CloudTrail, Docker Hub, Amazon Elastic Container Service (Amazon ECS), Shell, Gruntwork, CircleCI, AWS IAM, Amazon Virtual Private Cloud (VPC), Google Cloud SQL, Amazon Elastic Container Registry (ECR), Containers, CI/CD Pipelines, Linux Server Administration, Site Reliability Engineering (SRE), Argo CD, HAProxy, SecOps, Nagios, Datadog, Jenkins Pipeline, Harness CI/CD, DigitalOcean, Amazon EC2, Amazon CloudWatch, Amazon Simple Email Service (SES), MongoDB Atlas, Flux, Ubuntu, Git, Redis, MongoDB, Bash Script, Jira, Ansible, AWS Elastic Beanstalk, AWS CodePipeline, AWS CloudFormation, OpenVPN, Bitbucket, Cloudflare, GitOps, DevSecOps, GitLab CI/CD, VPN, Identity & Access Management (IAM), Python, Helm, Continuous Development (CD), Azure, Bash, Containerization, Amazon RDS, CentOS, SendGrid, RHEL, Microservices, Site Reliability, Leadership, Continuous Deployment, AWS Elastic File System, Relational Database Services (RDS), Redis Cache, AWS Certified DevOps Engineer, SSL Certificates, SSL Configurations, Transport Layer Security (TLS), AWS Cloud Architecture, Apache Kafka, Monitoring, AWS Certified Developer, Networking, Elasticsearch, Kibana, Grafana, Amazon EFS, SOC 2, Cloud Services, Kustomize, Red Hat OpenShift, Amazon DynamoDB, Prometheus, Serverless Architecture, Cloud Migration, AWS Lambda, DomainKeys Identified Mail (DKIM), SPF, Domain DNS Setup, Spam Filtering, Email, Cloud, AWS NLB, SQL, Amazon CloudFront CDN, Amazon Aurora, AWS NAT Gateway, Confluence, Karpenter, Celery, Django, Amazon EBS, Keycloak, HIPAA Compliance, Cloud Infrastructure, Cost Reduction & Optimization, Observability Tools, Web Security, Scripting, NFS, Apache, LAMP, Memcached, Systems Monitoring, LPIC-1, Load Balancers, ECS, Ubuntu Linux, Red Hat Linux, SSH, AWS Cloud Computing Services

Technical Team Lead and DevOps

2010 - 2016

Vision R&D

Established the technical vision and provided leadership to department heads.
Built the development platform and managed the project, using Jira, Confluence, and GitLab.
Managed the software development and quality assurance teams.
Identified and integrated new technologies to drive the business strategy and enhance client relationships.

Technologies: Security, System Administration, GitLab, Jira, Python, Git, Ubuntu, Red Hat Linux, Linux, MySQL, Postfix, IT Security, NGINX, AWS ELB, Shell Scripting, Linux Server Administration, Site Reliability Engineering (SRE), HAProxy, Nagios, Amazon Simple Email Service (SES), DevOps, Redis, Docker, Amazon EC2, MongoDB, Bash Script, Ubuntu Server, DigitalOcean, Google Kubernetes Engine (GKE), Cloud Security, OpenVPN, Bitbucket, Cloudflare, VPN, Bash, Containerization, CentOS, SendGrid, RHEL, Microservices, Site Reliability, Leadership, Continuous Deployment, Redis Cache, SSL Certificates, SSL Configurations, Transport Layer Security (TLS), Monitoring, Networking, Elasticsearch, Amazon EFS, SOC 2, Cloud Services, DomainKeys Identified Mail (DKIM), SPF, Domain DNS Setup, Spam Filtering, Email, Cloud, SQL, Mail Servers, Confluence, GitHub Actions, Cloud Infrastructure, Observability Tools, Web Security, Scripting, NFS, Apache, LAMP, Systems Monitoring, LPIC-1, Load Balancers, GitHub, Ubuntu Linux, SSH

Linux/Unix System Administrator | Site Reliability Engineer

2007 - 2010

Esys

Designed and managed a Linux (Red Hat, CentOS, and Ubuntu) and Unix infrastructure.
Maintained security and mitigated threats as new ones were identified.
Improved infrastructure services, performance, and reliability.
Became a Master Affiliate of The Linux Professional Institute (LPI), managed the company's training partner relationship with the institute, and grew the Linux and FOSS communities—all in Turkey.
Installed and maintained web, DNS, SMTP Server, and FTP on Linux.
Assisted with shell scripting for a system and application used to automate server tasks.
Created and maintained a secure and reliable Linux environment. Managed daily activities, including user support and system administration tasks.

Technologies: Security, System Administration, DNS, SMTP, Red Hat Linux, Linux, LPIC-1, SSH, Ubuntu Linux, Git, Ubuntu Server, IT Security, NGINX, Zabbix, Linux Server Administration, Site Reliability Engineering (SRE), Nagios, Amazon Simple Email Service (SES), Ubuntu, Redis, MongoDB, Bash Script, Qmail, OpenVPN, VPN, Bash, CentOS, SendGrid, RHEL, Site Reliability, Leadership, SSL Certificates, SSL Configurations, Transport Layer Security (TLS), Monitoring, Networking, Elasticsearch, DomainKeys Identified Mail (DKIM), SPF, Domain DNS Setup, Spam Filtering, Email, SQL, Mail Servers, Web Security, Scripting, NFS, Apache, LAMP, Memcached, Systems Monitoring, Load Balancers, GitHub

International DSL TAC Engineer

2003 - 2007

Alcatel Lucent

Managed the Unix servers for AWS products deployed for telecom operators.
Provided Unix and Linux support remotely or on-site in the EMEA region.
Matured into a successful and valued member of the Unix/DSL support team in the EMEA region.

Technologies: Linux, Networks, Unix, Solaris, NGINX, Site Reliability Engineering (SRE), Bash Script, Networking, Ubuntu Linux, Red Hat Linux, SSH, System Administration

Software Developer

2002 - 2003

Oyak Teknoloji

Developed host switch servers for debit and credit card systems in C++.
Built a banking software solution based on internal customer requirements.
Increased the performance of the process, which increased customer satisfaction, gained loyal customers, and maximized profitability.

Technologies: Unix, Qmail, LAMP, Ubuntu Linux, Red Hat Linux, SSH, System Administration

Unix/Linux Systems Administrator and Developer

2000 - 2002

RT.NET

Participated in designing, implementing, securing, and maintaining Linux and the Solaris ISP for its test, development, and production environment.
Provided Linux, Solaris, and infrastructure support for internal and external clients.
Created and modified scripts and applications to perform tasks.
Improved the stability, security, efficiency, and scalability of the environment.

Technologies: System Administration, PostgreSQL, MySQL, Shell Scripting, Shell, Postfix, Qmail, DNS, FreeBSD, Linux, Solaris, Ubuntu Linux, Bash Script, CentOS, Scripting, NFS, Apache, Systems Monitoring, Load Balancers, Red Hat Linux

Experience

CIS Compliant AWS Infrastructure

I redesigned and built an AWS infrastructure by using AWS Reference Architecture and best practices with Terraform modules. The AWS components included EKS, ECR, S3, Config, Security Hub, IAM, GuardDuty, VPC Flow, RDS, and ELB.

Migration from Docker Compose to AWS EKS Cluster

I was a Devops engineer in this project and the apps were running on a single EC2 instance with docker-compose.

Tasks accomplished:

Migrated all docker-compose files to k8s manifests.
Deployed AWS EKS cluster with the following components:
AWS Load Balancer Controller
Sealed Secret to keep secrets encrypted on git repository.
External DNS to manage route 53 records automatically
Argo-CD to implement GitOps methodology
IAM assume roles to access EKS cluster

Everything was deployed with Terraform.

Implement IaC Scanner for Terraform Codes for AWS Resources

I was a DevSecOps engineer in this project and I used Checkov to scan Terraform codes on each git push and Harness deployment.

Checkov is a static code analysis tool for infrastructure-as-code.

It scans cloud infrastructure provisioned using Terraform, Terraform plan, Cloudformation, AWS SAM, Kubernetes, Helm charts,Kustomize, Dockerfile, Serverless, Bicep, or ARM Templates and detects security and compliance misconfigurations using graph-based scanning.

I implemented Terraform scanning in GitHub Actions on every push. Also created scripts to use in the Harness pipeline to check Terraform code security before deploying apps to AWS. I also contributed to the Checkov open source project by submitting code fix PR, docs, and feature requests.

AWS Cost-saving Project

The AWS cost-saving project, spearheaded by me, is characterized by a thorough examination of resource utilization and collaboration across teams. Through extensive meetings and discussions, I identified and eliminated numerous unused services within the cloud infrastructure. By prioritizing efficiency and fostering cross-team communication, the project aims to achieve substantial cost reductions while ensuring the scalability and agility of the AWS environment remain intact.

Managing Multiple AWS Accounts Access with AssumeRole and Terraform

As a DevOps professional, I implemented a game-changing solution using AWS AssumeRole and Terraform IaC. With this setup, I streamlined access control, granting temporary credentials with precise privileges while adhering to the principle of least privilege. Gone are the days of managing individual user permissions across multiple AWS accounts.

Now, through Terraform, IAM roles are defined with specific privileges, enabling seamless access within or across accounts. This implementation enhances security posture and simplifies access control, all thanks to the power of AssumeRole and Terraform.

Amazon EKS with Terraform

As a DevOps engineer, I successfully orchestrated the deployment of Amazon EKS and its core components using Terraform. This streamlined approach ensures scalability, reliability, and consistency in our Kubernetes environment. By leveraging Terraform's IaC principles, I automated the provisioning process, reducing manual errors and improving deployment speed. This implementation not only enhances our infrastructure but also empowers teams to focus more on innovation and less on managing infrastructure intricacies.

GitHub Actions to Build Docker Image and Update AWS Lambda

As a DevOps engineer, I optimized our CI/CD pipeline by integrating GitHub Actions to automate Docker image building and Lambda function updates. Leveraging OpenID Connect without the need for AWS keys on GitHub, we seamlessly push Docker images to Amazon ECR. This secure and efficient process ensures smooth deployment while maintaining robust security measures. By eliminating the need for manual intervention and AWS keys, we enhance the reliability and security of our deployment pipeline, enabling teams to focus more on innovation and less on administrative tasks.

Implement GitLab Pipeline for Google Kubernetes Engine (GKE) Deployment

As a DevOps engineer, I orchestrated the integration of GitLab pipelines to streamline our deployment workflow. Through this implementation, we automated building Docker images and seamlessly pushed them to the Google Artifact Registry. Additionally, our pipeline seamlessly deploys our applications to Google Cloud GKE, ensuring a smooth and efficient deployment process.

By leveraging GitLab pipelines, we reduced manual intervention, minimized errors, and accelerated our deployment velocity. This approach not only enhances the reliability and consistency of our deployment process but also promotes collaboration and innovation across our teams. With seamless integration between GitLab, Google Artifact Registry, and Google Cloud GKE, we established a robust CI/CD pipeline that empowers our teams to deliver high-quality software with greater efficiency.

CI/CD Pipeline Implementation with Argo CD GitOps, GitHub Actions, and Amazon EKS

As a DevOps engineer, I implemented an efficient GitOps solution using Argo CD on Amazon EKS. This setup automates the deployment process, ensuring seamless synchronization between our Git repository and the EKS cluster. Leveraging GitHub Actions, I established a streamlined pipeline for building Docker images and updating the Git repository. These updates trigger Argo CD to deploy changes to our EKS cluster automatically.

By embracing GitOps principles, we enhanced the reliability, scalability, and security of our deployment process. This approach reduces manual intervention, minimizes errors, and accelerates the delivery of changes to our Kubernetes environment. With Argo CD and GitHub Actions working in tandem, we established a robust CI/CD pipeline that promotes collaboration and innovation while ensuring the stability of our infrastructure.

Jenkins CI/CD for Amazon EKS and Amazon ECR

As a DevOps engineer, I architected a comprehensive CI/CD pipeline leveraging Jenkins to streamline our deployment process. This pipeline orchestrates the building of Docker images, pushing them to Amazon ECR repositories and deploying new tenants to Amazon EKS Kubernetes clusters using Terraform.

Furthermore, I implemented several pipelines to facilitate the seamless updating of Kubernetes deployment images through Argo CD GitOps. This approach ensures that our infrastructure stays up to date with the latest changes while minimizing manual intervention and reducing the risk of errors.

By integrating Jenkins, Terraform, and Argo CD GitOps, we established a robust and automated deployment pipeline that enhances the reliability, scalability, and efficiency of our operations. This setup empowers our teams to deliver changes to production swiftly and confidently, fostering a culture of continuous improvement and innovation.

SRE on Google Cloud Platform

As an SRE engineer, I played a pivotal role in managing Istio routes on Google GKE, ensuring the smooth functioning of our microservices communication within the Kubernetes ecosystem. This involved meticulous configuration management, monitoring traffic patterns, and promptly addressing any anomalies to uphold optimal performance and availability standards.

Moreover, I spearheaded the maintenance of Ansible Playbooks for our on-premises instances, fostering consistent configuration management and automation practices across our hybrid infrastructure. Leveraging Ansible's robust capabilities, I streamlined routine tasks, enforced configuration standards, and facilitated seamless deployment of updates and patches with minimal disruption.

Additionally, I utilized existing Terraform modules within Jenkins pipelines to swiftly create new instances on Google Cloud Platform (GCP). By integrating Terraform's infrastructure as code principles with Jenkins automation, I enabled rapid and reliable provisioning of GCP resources, ensuring scalability and agility in our cloud environment.

HIPAA-compliant AWS Infrastructure Implementation

I implemented a HIPAA-compliant AWS infrastructure using RDS, EC2, and ALB. I secured patient health data with encrypted RDS storage, hosted applications on EC2 instances, and managed traffic with ALB. This achieved comprehensive compliance, scalability, and cost-effectiveness, empowering healthcare organizations to manage sensitive data securely in the cloud.

GCP Observability Solution with Managed Prometheus and Grafana Cloud

I successfully implemented an observability solution on the Google Cloud Platform (GCP) by deploying Managed Prometheus and Grafana Cloud. I also engineered a comprehensive monitoring setup, including custom Grafana dashboards and alert configurations. This enabled proactive issue detection, scalability, and streamlined operations, enhancing system resilience and performance optimization.

Skills

Languages

Bash Script, Bash, SQL, Python

Frameworks

SPF, Flux, Django

Libraries/APIs

Terragrunt, Jenkins Pipeline

Tools

Git, Google Kubernetes Engine (GKE), Postfix, Docker Compose, GitHub, OpenVPN, Zabbix, AWS ELB, Terraform, AWS Fargate, Bitbucket, Amazon CloudWatch, AWS CloudTrail, Amazon Elastic Container Service (Amazon ECS), NGINX, MongoDB Atlas, Packer, Amazon Simple Email Service (SES), Shell, Amazon EKS, CircleCI, Jenkins, GitLab, Docker Hub, AWS IAM, Amazon Virtual Private Cloud (VPC), Amazon Elastic Container Registry (ECR), GitLab CI/CD, Helm, SendGrid, Nagios, Amazon CloudFront CDN, Confluence, Amazon EBS, Apache, Grafana, AWS CloudFormation, Jira, Ansible, VPN, Kibana, Keycloak, Celery, Istio

Paradigms

DevOps, Continuous Integration (CI), Continuous Delivery (CD), DevSecOps, Continuous Development (CD), Microservices, Continuous Deployment, Serverless Architecture, HIPAA Compliance

Platforms

Linux, Kubernetes, Docker, DigitalOcean, FreeBSD, Ubuntu Linux, Amazon Web Services (AWS), Amazon EC2, Google Cloud Platform (GCP), Red Hat Linux, Ubuntu, Unix, CentOS, AWS NLB, LAMP, AWS Cloud Computing Services, AWS Elastic Beanstalk, Red Hat OpenShift, Azure, AWS Lambda, Solaris, Apache Kafka

Storage

Google Cloud, MySQL, Amazon S3 (AWS S3), Redis, AWS Elastic File System, Redis Cache, Amazon EFS, Amazon Aurora, Memcached, PostgreSQL, MongoDB, Google Cloud SQL, Elasticsearch, Amazon DynamoDB, Datadog

Other

System Administration, Security, AWS Certified Solution Architect, LPIC-1, GitOps, Qmail, Shell Scripting, GitHub Actions, AWS DevOps, AWS Transfer for SFTP, SSH, Ubuntu Server, Cloud Security, Systems Monitoring, Cloudflare, Gruntwork, IT Security, Containers, CI/CD Pipelines, Linux Server Administration, Site Reliability Engineering (SRE), Argo CD, Infrastructure as Code (IaC), SecOps, DevOps Engineer, Identity & Access Management (IAM), Containerization, Amazon RDS, RHEL, Site Reliability, Leadership, Relational Database Services (RDS), AWS Certified DevOps Engineer, SSL Certificates, SSL Configurations, Transport Layer Security (TLS), AWS Cloud Architecture, Monitoring, AWS Certified Developer, Networking, SOC 2, Cloud Services, Kustomize, ECS, Cloud Migration, Load Balancers, DomainKeys Identified Mail (DKIM), Domain DNS Setup, Spam Filtering, Email, Cloud, Mail Servers, AWS NAT Gateway, Cloud Infrastructure, Cost Reduction & Optimization, Observability Tools, Web Security, Scripting, NFS, Prometheus, AWS CodePipeline, HAProxy, SMTP, DNS, Networks, Computer Science, Harness CI/CD, Checkov, Karpenter, Cost Analysis, Encryption

Education

2012 - 2014

MBA in Business Administration

Istanbul Kemerburgaz University - Istanbul, Turkey

1997 - 2003

Bachelor's Degree in Computer Science

Istanbul Technical University - Istanbul, Turkey

Certifications

JUNE 2022 - JUNE 2025

Certified Kubernetes Administrator (CKA)

Cloud Native Computing Foundation

FEBRUARY 2022 - FEBRUARY 2025

Certified Kubernetes Application Developer Certification (CKAD)

Cloud Native Computing Foundation

JANUARY 2018 - JANUARY 2020

AWS Certified Developer - Associate

AWS

JULY 2017 - JULY 2019

AWS Certified Solutions Architect - Associate

AWS

JULY 2011 - JULY 2016

The Linux Professional Institute — LPIC-1

The Linux Professional Institute

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring