Kevin Mai, Developer in Copenhagen, Denmark
Kevin is available for hire
Hire Kevin

Kevin Mai

Verified Expert  in Engineering

Bio

Kevin has a decade of experience as a systems administrator and developer. His expertise includes working with cloud providers in enterprise routing and switching and security, primarily with Fortigate and Juniper in addition to Cisco. Kevin has worked with companies worldwide where he has utilized his language skills to better serve his clients—he is fluent in Spanish and English with competency in Italian and German.

Portfolio

Datariah OU
Azure, Kubernetes, Terraform, Go, GitHub, CircleCI, Jenkins, AWS, DevOps...
Penneo A/S
Kubernetes, Azure, Elasticsearch, MySQL, Terraform, GitHub, CI/CD Pipelines...
Poolit
Terraform, AWS, CI/CD Pipelines, SOC 2( Service Organization Control)...

Experience

Availability

Part-time

Preferred Environment

Kubernetes, Go, PHP, Python, Amazon Web Services (AWS), Azure, CTO, GitHub

The most amazing...

...thing I've achieved is a platform for developers to be able to deploy applications without worrying about DNS, certificates, or scaling.

Work Experience

DevOps Engineer/Lead

2020 - PRESENT
Datariah OU
  • Provided advice to customers regarding specific matters such as performance, security, compliance, migrations, and CI/CD pipelines.
  • Provisioned infrastructure for customers based on their requirements, ranging from simple AWS VPCs to complex network topologies bound to specific security requirements.
  • Developed CI/CD pipelines from scratch to enable companies to perform proper build, testing, releasing, and deployment of their products.
  • Assisted customers with requirements and support regarding AWS and cloud-native architectures in Kubernetes.
Technologies: Azure, Kubernetes, Terraform, Go, GitHub, CircleCI, Jenkins, AWS, DevOps, AWS Lambda, Architecture, Amazon EKS, Amazon API, Argo CD, Containers, Interim CTOs, AWS DevOps, AWS NAT Gateway, AWS RDS, Amazon Virtual Private Cloud (VPC), AWS Cloud, Networking, Cloud Architecture

Director of Platform Engineering

2019 - PRESENT
Penneo A/S
  • Promoted from senior infrastructure engineer to lead infrastructure engineer in 2022 and to director of platform engineering in 2023 as part of the re-arrangement of the engineering management strategy for growth.
  • Designed and implemented architecture to issue qualified electronic signatures (QES) within the eIDAS framework, which allows the company to be listed as a qualified trust service provider within the European Union.
  • Interacted with the company's C-level executives while directly reporting to the CTPO on 24-month financial forecasting and the team's hiring and growth plans.
  • Scaled the company's infrastructure, which went public and grew from 20 to 100 employees in three years.
  • Collaborated with cloud service providers, overall infrastructure stakeholders, and prospect and current customers under request for information processes, as well as with auditors during compliance checks.
  • Reduced AWS consumption by 20% in less than two weeks.
  • Implemented infrastructure as code (IaC), reducing human errors while provisioning, changing, or removing cloud resources.
  • Rolled out a transit network in the cloud, improving efficiency and security and allowing developers to access services without exposing them to the internet.
  • Led the adoption of Kubernetes on new projects in close collaboration with development teams.
  • Defined maturity criteria for prototypes and new services, enhancing observability, security, and compliance before these services were even launched.
Technologies: Kubernetes, Azure, Elasticsearch, MySQL, Terraform, GitHub, CI/CD Pipelines, Travis CI, Helm, AWS, DevOps, AWS Lambda, Architecture, Amazon EKS, Argo CD, ETL Tools, Node.js, Bash, Redis, VPN, Load Balancers, Apache Kafka, Software Design Patterns, Containers, Interim CTOs, AWS DevOps, AWS NAT Gateway, AWS RDS, Technical Leadership, Leadership, Amazon Virtual Private Cloud (VPC), Direct Connect (DC), AWS Cloud, Networking, Cloud Architecture

DevOps and Cloud Engineer

2022 - 2022
Poolit
  • Rolled out new multi-account architecture for the company, which also involved migrating existing environments.
  • Migrated the infrastructure from Terragrunt into a Git-flow-based Terraform Cloud deployment while curating existing modules. Created also new modules to support new requirements.
  • Implemented zero trust access using Teleport with an approval flow as part of the preparations for SOC 2 compliance.
  • Implemented basic governance by using Amazon CloudTrail, AWS Config, and AWS Security Hub and delivering such logs into Datadog.
  • Assisted the team in defining a proper build and release strategy on GitHub Actions.
Technologies: Terraform, AWS, CI/CD Pipelines, SOC 2( Service Organization Control), AWS Elastic Beanstalk, GitHub Actions, Containers, Bash, Load Balancers, Software Design Patterns, AWS DevOps, AWS NAT Gateway, AWS RDS, Amazon Virtual Private Cloud (VPC), AWS Cloud, Networking, Cloud Architecture

Technical Training Subject Matter Expert and AWS DevOps

2021 - 2022
Toptal
  • Presented an AWS-based curriculum to multiple cohorts of engineers, aiming to prepare them to pass different AWS certification exams.
  • Tailored technical content to prepare engineers for the challenges they could face every day based on actual AWS experience and knowledge.
  • Wrote own content and slides for office hours to showcase real scenarios beyond the actual certification exams.
Technologies: AWS, Technical Writing, Design Consulting, Mentorship, Software Design Patterns, Containers, AWS DevOps, AWS NAT Gateway, AWS RDS, Amazon Virtual Private Cloud (VPC), Networking, Cloud Architecture

TechOps Engineer and Go Developer

2021 - 2021
Plotly Technologies
  • Developed a back-end service that would listen for Kubernetes events directly from its API to propagate them to other clusters.
  • Aggregated events from multiple Kubernetes clusters through Kafka topics to consolidate an event stream, which would be used to display usage to different tenants.
  • Extended a custom Kubernetes operator to support the installation of CockroachDB.
Technologies: Go, DevOps, Kubernetes, GitHub, Containers, Software Design Patterns, Apache Kafka, AWS DevOps, AWS NAT Gateway, AWS RDS, Networking, Cloud Architecture

Senior DevOps Engineer

2018 - 2019
Akelius GmbH
  • Implemented a hub-spoke network to connect the entirety of the company's networks to a centralized router (using dynamic routing) to reduce management overhead and increase performance and security.
  • Developed an internal tool in Python to provision Azure subscriptions and properly map them to the correct teams/users.
  • Led application integrations with SSO using Auth0 and Azure Active Directory to reduce management overhead and employee onboarding/offboarding process duration.
Technologies: Azure, Terraform, Juniper, Border Gateway Protocol (BGP), Django, Python, Kubernetes, Kubernetes Operations (kOps), AWS, DevOps, Architecture, Load Balancers, Software Design Patterns, Containers, AWS DevOps, AWS NAT Gateway, AWS RDS, Amazon Virtual Private Cloud (VPC), AWS Cloud, Networking, Cloud Architecture

Senior Systems Engineer/DevOps

2017 - 2018
Edrans
  • Performed data center-to-cloud migrations for several customers, reducing TCO, data recovery, and infrastructure provisioning.
  • Developed internal services to be used by legacy applications, using tools like Consul and HAProxy.
  • Presented multiple technical talks about configuration management, infrastructure as code, and general cloud solution architectures.
Technologies: Terraform, Consul, HAProxy, OpenShift, Kubernetes, AWS, DevOps, AWS Lambda, Architecture, Bash, VPN, Load Balancers, Software Design Patterns, Containers, AWS Elastic Beanstalk, AWS DevOps, AWS NAT Gateway, AWS RDS, Amazon Virtual Private Cloud (VPC), AWS Cloud, Networking, Cloud Architecture

Chief Information Security Officer

2016 - 2017
Municipalidad de San Miguel
  • Managed entire government network infrastructure with more than 10,000 users, ranging from police officers to health professionals.
  • Led a network migration project to transition from a flat broadcast network to a fully routed, secure network built on top of Juniper hardware. This allowed the network to be collision-free and increase its performance tenfold.
  • Performed security assessments for internal applications using Kali Linux and OWASP.
  • Hardened production environments using network encryption, firewall management, site-to-site VPNs, and other best practices.
  • Managed non-Windows infrastructure across the entire municipality, being responsible for uptime, performance, security, and access control.
Technologies: VMware, Juniper, OWASP, Debian, System Security, BlueJeans, Architecture, Bash, VPN, Load Balancers, Networking

Senior PHP Developer

2015 - 2016
City of Buenos Aires
  • Developed an application to track teachers' hours, presence, holidays, and absences, allowing the government to perform payroll tasks more reasonably.
  • Implemented object-oriented programming (OOP), resulting in increased reliability and cleanliness of business logic in the core application.
  • Re-designed certain UI components to use asynchronous queries, resulting in a more friendly user experience with non-technical users, such as teachers, directors, and government agents.
Technologies: PHP, MySQL, Apache, jQuery, Bash, Software Design Patterns

Support Lead

2014 - 2014
NetLabs IT Solutions
  • Led the support team to achieve customer satisfaction and achieve SLOs/SLAs.
  • Contributed to the internal products development, enhancing network quality of service and performance of the customer ISPs' clients.
  • Performed critical network migrations on regional ISPs, impacting thousands of end customers.
  • Coached team members to qualify them to take over certain implementation projects.
Technologies: RAS, RADIUS, Open Shortest Path First (OSPF), Border Gateway Protocol (BGP), Bash, VPN, Load Balancers, Interim CTOs, Networking, Cloud Architecture

IT Lead

2011 - 2012
Friendball.net
  • Led the infrastructure team, responsible for application service-level agreement (SLA), security, costs, and performance.
  • Collaborated with the development team to achieve product maturity in a cloud environment.
  • Oversaw the communication with the C-level, responsible for coordinating deliveries, launches across different countries, and compliance.
Technologies: PHP, HHVM, Nginx, AWS, Architecture, Bash, Software Design Patterns, Interim CTOs, AWS DevOps, AWS NAT Gateway, AWS RDS, Cloud Architecture

Senior Unix Administrator

2011 - 2011
IBM
  • Performed change management tasks to fulfill scaling requirements or achieve incident resolution.
  • Led Linux workstation adoption by interacting with internal tooling development teams and providing constant feedback.
  • Provided Linux/Unix support for technical projects across different accounts.
Technologies: AIX, Solaris, RHEL, Architecture, Bash, Networking

IT Consultant

2010 - 2010
Ministerio de Relaciones Exteriores y Culto de la República Argentina- Cancillería
  • Improved ccTLD .ar DNS configuration, enhancing reliability and security by performing a trial deployment of the root zone using DNSSEC.
  • Migrated mail servers to Zimbra Collaboration Suite, increasing collaboration tools available to the ministry with services like instant messaging and file sharing.
  • Performed the migration of legacy servers running Unix from the 1980s to actually running in virtualized environments.
  • Managed the infrastructure of Argentinian embassies and consulates all over the world.
Technologies: BIND 9, Zimbra, Postfix, Juniper, Apache Tomcat, System V, FreeBSD, VMware, Architecture, Bash, Load Balancers, Software Design Patterns, Networking

Backbone Engineer

2009 - 2009
Avaya
  • Provided support for critical communication systems, guaranteeing SLOs and SLAs of large contact centers.
  • Performed data recovery procedures on Oracle 10g databases used by predictive dialing systems.
  • Coordinated integrations between Avaya telecommunication products and open-source telephony services, increasing support for integrations against non-commercial products.
Technologies: Integrated Services Digital Network (ISDN), IP PBX, SNMP, Oracle Development, IVR, Architecture, VPN, Load Balancers, Networking

Network and Systems Administrator

2008 - 2009
Facultad de Agronomía - Universidad de Buenos Aires
  • Implemented monitoring for UPSes to be able to detect and react to power outages and under/over voltage events.
  • Managed core services (LDAP, email, DNS, etc.) for an entire university faculty with more than 10,000 active users per month.
  • Successfully migrated 20+ servers from workstations to virtual machines running in VMWare, reducing management overhead and improving reliability.
Technologies: MySQL, Nagios, Linux, LDAP, PostgreSQL, Architecture, Bash, VPN, Load Balancers, Networking

Penneo

https://app.penneo.com
A platform that leverages eIDs (electronic identification) and PKI (public key infrastructure) to provide digital signatures for documents.

I was accountable for the actual availability and performance of the company's products and the CI/CD pipelines.

Preparation of Material for AWS Learning Path

I adapted the required curriculum for the AWS Developer Associate and SysOps Administrator certifications into weekly sessions in which certain topics were presented to recurring cohorts.

This topics were related to the certifications but also focused on preparing attendees to tackle different challenges present in the day to day work when using AWS.

Go Microservice That Interacted With Kubernetes API

https://plotly.com/
A Go service that is built to consume events from Kubernetes and perform certain operations on them before pushing such events into a queue for further processing on a data lake.

I was the main developer responsible for the design and implementation of all requirements of the project.

General AWS Consultancy

https://thepoolit.com
Acted as the engineer responsible for the AWS infrastructure and CI/CD pipelines. I advised the client on achieving SOC 2 compliance in certain infrastructure aspects, such as access and security controls. Also, I implemented zero-trust access with an approval workflow to gain elevated access.

Libraries/APIs

RADIUS, jQuery, Node.js

Tools

Nginx, Terraform, GitHub, Helm, Amazon Virtual Private Cloud (VPC), VPN, VMware, Amazon EKS, Nagios, Zimbra, Postfix, Apache Tomcat, Apache, Travis CI, CircleCI, Jenkins

Languages

PHP, Python, Bash, PHP, Go

Paradigms

DevOps, RAS

Platforms

Kubernetes, Azure, Linux, Debian, AWS, FreeBSD, AWS Lambda, System V, AIX, Solaris, OpenShift, Amazon EC2, Docker, AWS Elastic Beanstalk, Software Design Patterns, Apache Kafka

Storage

Redis, MySQL, PostgreSQL, Oracle Development, Elasticsearch, Amazon S3, Datadog

Frameworks

Django

Other

BIND 9, System Security, CI/CD Pipelines, Amazon Route 53, Architecture, Load Balancers, AWS Cloud, AWS DevOps, AWS NAT Gateway, AWS RDS, Cloud Architecture, Technical Leadership, Juniper, RHEL, System Security, Direct Connect (DC), Networking, Leadership, LDAP, Integrated Services Digital Network (ISDN), IP PBX, SNMP, IVR, HHVM, Open Shortest Path First (OSPF), Border Gateway Protocol (BGP), OWASP, BlueJeans, Consul, HAProxy, Kubernetes Operations (kOps), Amazon API, Argo CD, SOC 2( Service Organization Control), Technical Writing, Design Consulting, Mentorship, Teleport, GitHub Actions, Web Application Firewall (WAF), Interim CTOs, Containers, ETL Tools, AWS Certified Advanced Networking - Specialty

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring