James is available for hire
Hire JamesJames Nurmi
Verified Expert in Engineering
Cloud Architect and Developer
Location
Lisbon, Portugal
Toptal Member Since
July 22, 2021
With two decades of experience, James brings a deep understanding of matching business requirements with practical solutions. From small shops just starting to get traffic to large shops looking to increase reliability, availability, and control costs, he brings expertise and creativity to help your business grow and thrive in the cloud. With diverse skills and a tenacity for problem-solving, James helps bridge the gap between what a business needs and how it can get there.
Portfolio
Undisclosed (Private Client)
Vercel, Kubernetes, Amazon DynamoDB, Amazon RDS, CI/CD Pipelines, GitHub...
Undisclosed (Toptal Client)
Kubernetes, Amazon EKS, Apache Kafka, AWS ALB, Autoscaling Groups, Elastic APM...
Undisclosed (Toptal Client)
Amazon Web Services (AWS), Amazon EKS, Apache Kafka, AWS ALB, Site Reliability...
Experience
Availability
Full-time
Preferred Environment
Linux, Amazon Web Services (AWS), Go, Python
The most amazing...
...thing I've accomplished is helping the client cut the cloud spending from a million dollars per year to a tenth of that in weeks by knowing the right tools.
Work Experience
DevOps Consultant
2022 - PRESENT
Undisclosed (Private Client)
- Targeted resource cost and utilization policies reduce spending by more than 50% while increasing the availability of application services by orders of magnitude.
- Designed, managed, and implemented a coordinated zero-downtime effort to migrate services from a single AWS region to multiple regions to optimize service availability and compliance efforts.
- Migrated ECS workloads to an EKS backplane, supporting multiple developer and customer-facing workloads.
- Implemented security policies to ensure customer data and PII were well-protected and auditable.
- Managed integration with multiple third-party services, including Contentful, Vercel, and similar services.
- Oversaw and created CI/CD workflows for micro-service-based architecture.
Technologies: Vercel, Kubernetes, Amazon DynamoDB, Amazon RDS, CI/CD Pipelines, GitHub, Securities, Alternative Investments, Datadog, Terraform, AWS Cloud Architecture, Cloud, Amazon Elastic Container Service (Amazon ECS), AWS ALB, Apache Kafka, Site Reliability, Amazon Web Services (AWS), Infrastructure as Code (IaC), Orchestration, AWS Cloud Development, Docker, Amazon Kinesis, System Architecture, Git, DevOps Engineer, Ubuntu, PostgreSQL, Shell, Bash Script, AWS Lambda, HTTP, JavaScript, Identity & Access Management (IAM), Amazon CloudFront CDN, Cost Control, Cloud Architecture, Amazon Simple Queue Service (SQS), AWS Fargate, Node.js, Amazon Aurora, Microservices, Cloud Services
Senior DevOps
2021 - PRESENT
Undisclosed (Toptal Client)
- Managed multiple team members and led reorganizing into a DevOps as a service mentality, enabling engineering teams to quickly and independently iterate without being blocked by operations and logistics.
- Managed and migrated several workloads across several Kubernetes clusters to ensure availability and redundancy of services.
- Charged with several operational concerns, including management, security, infrastructure, SSO integrations, and others, to ensure automation and well-defined policies across the engineering teams.
Technologies: Kubernetes, Amazon EKS, Apache Kafka, AWS ALB, Autoscaling Groups, Elastic APM, Elasticsearch, MongoDB, Single Sign-on (SSO), PagerDuty, Site Reliability Engineering (SRE), Site Reliability, Scalability, Containers, Containerization, DevOps, Terraform, Amazon Virtual Private Cloud (VPC), Amazon Web Services (AWS), Amazon RDS, Infrastructure as Code (IaC), Orchestration, AWS Cloud Development, Docker, CI/CD Pipelines, Git, DevOps Engineer, GitHub, Ubuntu, PostgreSQL, Shell, Bash Script, AWS Lambda, HTTP, JavaScript, Identity & Access Management (IAM), Amazon CloudFront CDN, Cost Control, Cloud Architecture, AWS Fargate, Cloud Services
Kafka and Kubernetes Expert
2022 - 2022
Undisclosed (Toptal Client)
- Established automated monitoring between Terraform components and Datadog to ensure consistent application of company standards.
- Configured and managed multiple Kafka (MSK) clusters for highly available mission-critical services.
- Guided junior team members in learning AWS infrastructure and services.
- Provided support and troubleshooting for VPCs, peering connections, and other complex networking installations.
- Supported multiple Kubernetes clusters for production and developer use.
Technologies: Amazon Web Services (AWS), Amazon EKS, Apache Kafka, AWS ALB, Site Reliability, Datadog, Amazon RDS, Infrastructure as Code (IaC), Orchestration, AWS Cloud Development, Docker, Terraform, CI/CD Pipelines, Amazon Kinesis, System Architecture, Git, GitHub, Ubuntu, Back-end, PostgreSQL, Redis, Shell, Bash Script, AWS Lambda, Prometheus, HTTP, JavaScript, Identity & Access Management (IAM), Amazon CloudFront CDN, Cost Control, Cloud Architecture, Amazon Simple Queue Service (SQS), AWS Fargate, Node.js, Microservices, Cloud Services
DevOps Consultant
2021 - 2022
Undisclosed
- Migrated several services and Terraformed recipes to more modernized and standardized implementations.
- Managed scalability, security concerns, incident response for external threats, and internal risk management.
- Charged with spearheading much of the policy generation and implementation for ISO27001 certification of the organization.
Technologies: VPN, ISO 27001, AWS IAM, GitLab, Terraform, Amazon Virtual Private Cloud (VPC), Docker, DevOps, Kubernetes, Amazon Elastic Container Service (Amazon ECS), AWS ALB, Amazon Web Services (AWS), Amazon RDS, AWS Elastic Beanstalk, Infrastructure as Code (IaC), Orchestration, AWS Cloud Development, Ubuntu, MongoDB, PostgreSQL, Redis, Shell, Bash Script, Prometheus, HTTP, JavaScript, Identity & Access Management (IAM), Amazon CloudFront CDN, Cost Control, Cloud Architecture, Amazon Simple Queue Service (SQS), AWS Fargate, Amazon Aurora, Microservices, Cloud Services
Cloud Architect | Operations Lead
2015 - 2018
Sano Intelligence
- Created, managed, and supported the entire cloud infrastructure for the enterprise to ensure high availability and low-cost automation solutions.
- Supported internal engineering and IT groups to ensure coordinated efforts across the organization and reduce duplication.
- Implemented infrastructure scalability throughout an enterprise's formative years—ensuring the load testing, scalability, and productivity of teams working on the product.
Technologies: Linux, AWS CloudFormation, AWS Cloud Architecture, Monitoring, Scalability, Google Cloud, DevOps, Amazon Virtual Private Cloud (VPC), Amazon Web Services (AWS), Amazon RDS, Infrastructure as Code (IaC), Orchestration, AWS Cloud Development, GitHub, Ubuntu, Back-end, PostgreSQL, Shell, Bash Script, Grafana, Prometheus, HTTP, MQTT, Identity & Access Management (IAM), Networking, Amazon CloudFront CDN, Cost Control, Cloud Services
Senior Site Reliability Engineer
2012 - 2015
The Climate Corporation
- Worked to help control costs and mitigate expenses through the use of AWS technologies, including spot instances, monitoring, and active management of infrastructure.
- Acted as the primary engineer on security and infrastructure concerns within the cloud infrastructure.
- Consulted across teams within the organization for use and integration with AWS and other cloud technologies, including engineering, IT, and business analytics teams.
- Implemented and managed the authentication infrastructure for production services ensuring reliable SSO across the application suite.
- Applied the high-availability and high-reliability infrastructure to support build deployment automation and reproducibility.
Technologies: Go, Python, Ruby, Java, Amazon EC2, Amazon Elastic MapReduce (EMR), Cost Cutting, Web Security, Amazon Web Services (AWS), DevOps Engineer, DevOps, Cloud Security, Cloud Computing, Infrastructure as Code (IaC), AWS Cloud Development, Back-end, PostgreSQL, Redis, Shell, Bash Script, Grafana, HTTP, MQTT, Identity & Access Management (IAM), Networking, Cost Control, Amazon Simple Queue Service (SQS), Cloud Services
Systems Engineer
2008 - 2010
Ooyala
- Designed, negotiated purchasing, built, and provisioned the first physical data center for the company's hybrid-cloud system.
- Designed and deployed corporate and production networks, automation, IT integration, and provisioning tools.
- Acted as the first-and-final security contact for internal and external threat mitigation, management, and resolution.
Technologies: Amazon EC2, Border Gateway Protocol (BGP), Amazon S3 (AWS S3), Amazon Elastic MapReduce (EMR), VPN, IPsec, Amazon Web Services (AWS), Infrastructure as Code (IaC), Back-end, PostgreSQL, Shell, Bash Script, HTTP, JavaScript, Identity & Access Management (IAM), Networking, Cost Control, Cloud Services
Linux Administrator | Corporate Site Reliability Engineer
2004 - 2008
- Managed and maintained numerous corporate services to support the engineering organization and the corporate mission.
- Oversaw several integration points of the various technology platforms in Google's unique environment.
- Handled on-call and maintenance of tight SLAs to ensure worldwide and 24/7 availability of corporate infrastructure.
- Acted frequently as a nexus of information between the corporate and production networking teams and security, production, and corporate resources.
Technologies: Python, C, Linux, LDAP, RADIUS, Ruby, DNS, Load Balancers, Cloud, Perforce, CVS, Git, Mercurial, IP Networks, VPN, Firewalls, Kerberos, Shell, Bash Script, HTTP, JavaScript, Networking
Experience
Hrmit.io
A Go-and-JavaScript web service designed to aid companies with automating their onboarding and offboarding processes across a wide variety of web services.
By ensuring repeatable and reliable onboarding, new employees can get started faster, access the services needed for their roles, and reduce the time they spend during their first weeks asking for access to core components.
Similarly with offboarding, companies are given reliable and auditable assurance that employees no longer have access to company property after they leave, helping to control license costs, security risks and unplanned IT work.
By ensuring repeatable and reliable onboarding, new employees can get started faster, access the services needed for their roles, and reduce the time they spend during their first weeks asking for access to core components.
Similarly with offboarding, companies are given reliable and auditable assurance that employees no longer have access to company property after they leave, helping to control license costs, security risks and unplanned IT work.
Skills
Languages
Go, Bash Script, C, Python, JavaScript, C++, Java, Ruby
Frameworks
AWS HA
Libraries/APIs
Google Apps, RADIUS, Node.js
Tools
VPN, Amazon Elastic Container Service (Amazon ECS), AWS IAM, AWS ELB, Amazon EBS, AWS CloudFormation, Amazon Virtual Private Cloud (VPC), GitLab, GitHub, Amazon CloudWatch, Shell, Amazon CloudFront CDN, Amazon Simple Queue Service (SQS), AWS Fargate, Git, Amazon Elastic MapReduce (EMR), Amazon EKS, Terraform, Grafana, MQTT, Perforce, CVS, Mercurial, Jira, Atlassian, Trello, Helm
Paradigms
DevOps, Lambda Architecture, Microservices, DevSecOps, Continuous Delivery (CD), Continuous Integration (CI)
Platforms
Unix, Linux, AWS ALB, AWS Lambda, Amazon EC2, Amazon Web Services (AWS), Kubernetes, Docker, Ubuntu, AWS Elastic Beanstalk, Azure, Apache Kafka, PagerDuty, Vercel, Kubeflow
Storage
Amazon S3 (AWS S3), Amazon DynamoDB, Redis, Google Cloud, PostgreSQL, Amazon Aurora, Elasticsearch, MongoDB, Datadog
Other
DNS, Load Balancers, Cloud, IP Networks, Firewalls, Kerberos, IPsec, Cost Cutting, AWS Cloud Architecture, Monitoring, Scalability, Site Reliability Engineering (SRE), Cloud Security, AWS DevOps, DevOps Engineer, Containers, Containerization, Site Reliability, Cloud Computing, Amazon RDS, CI/CD Pipelines, AWS Certified Solution Architect, Infrastructure as Code (IaC), Orchestration, AWS Cloud Development, Amazon Kinesis, System Architecture, Back-end, HTTP, Identity & Access Management (IAM), Networking, Cost Control, Cloud Architecture, Cloud Services, LDAP, Wireless, Border Gateway Protocol (BGP), Web Security, Securities, Lambda Functions, Prometheus, Autoscaling Groups, Elastic APM, Single Sign-on (SSO), ISO 27001, Alternative Investments
Education
2000 - 2004
Bachelor's Degree in Computer Science
Virginia Polytechnic Institute and State University - Blacksburg, VA, United States
Certifications
DECEMBER 2022 - DECEMBER 2025
AWS Certified Solutions Architect Professional
AWS
APRIL 2022 - APRIL 2025
AWS Certified Security - Specialty
Amazon Web Services
MARCH 2022 - PRESENT
AWS Certified DevOps Engineer - Professional
Amazon Web Services
Collaboration That Works
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
1
Share your needs
Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2
Choose your talent
Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3
Start your risk-free talent trial
Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.
Top talent is in high demand.
Start hiring