Milan Jezdik
Verified Expert in Engineering
DevSecOps Engineer Architect and Developer
Prague, Czech Republic
Toptal member since February 1, 2016
Milan is an experienced DevSecOps engineer specializing in on-premise, cloud, and hybrid infrastructure. He also has a vast experience in virtualization, Linux, LAMP, databases, high availability (HA), business continuity plan (BCP), and disaster recovery (DR). Milan is a dedicated and focused individual, able to take on any infrastructure challenge and provide the most efficient solutions. Over the last few years, Milan focused on AI/ML platforms (MLOps) and security compliance, such as SOC-2.
Portfolio
Experience
Availability
Preferred Environment
Amazon Web Services (AWS), Linux, Terraform, Compliance, SOC 2, Cloud Security, High Availability Disaster Recovery (HADR)
The most amazing...
...project I executed is a data center relocation. I did 40+ racks, 100+ services, and two distant data centers with no downtime.
Work Experience
Head of IT Infrastructure
The Mead Group, Inc.
- Automated application deployment. Used Ansible for in-house infrastructure orchestration.
- Reviewed and consolidated infrastructure backups. Proposed and implemented optimization changes and monitoring.
- Proposed a data center upgrade plan (VMware, Dell hardware, and Cisco) with a temporary service relocation to the cloud (AWS).
Head of Infrastructure | CSO
Tillful
- Prepared the company for SOC-2 certification. Successfully passed year-on-year security assessments conducted by 3rd parties and clients within the organization.
- Successfully rolled out company-wide MDM solution integrated with Endpoint Protection and security policies to comply with compliance requirements.
- Introduced IaaC into the organization (Terraform). Included IaaC as part of the CI/CD pipeline (Jenkins).
- Introduced SSO and mandatory MFA across all internal services, as well as all SaaS partners (where applicable).
IT Consultant
PriceBlink
- Consolidated legacy infrastructure in the Rackspace cloud.
- Provided recommendations for PHP code changes and migrated services to AWS cloud.
- Established a secure path between end user applications and core systems.
IT Consultant | System Administrator
One Door
- Managed and grew a SaaS service used by top brands around the world.
- Contributed to AWS and Azure deployments with CDN in place and a high level of security.
- Provided continuous integration and continuous delivery using Jenkins.
- Implemented single sign-on (SS0) (Okta, OneLogin) integrations.
Head of IT
Flowcast Inc.
- Deployed and managed an AI solution (in-house infrastructure) used by one of the largest banks in Singapore.
- Performed AWS deployment and managed an AI solution for a world-renowned retailer.
- Managed Flowcast core IT infrastructure, including AWS, GCP, Attlassian, internal MDM, and RBAC.
Group IT Operations Manager
Claranet Group
- Created and maintained secure/scalable/highly available IT/IS infrastructure supporting all group services and key shared hosting platforms.
- Increased high availability of database servers (multi-master replication).
- Moved part of the physical infrastructure into a private cloud (VMware ESXi, Nutanix, 10 Gbps network).
- Provided PaaS to development teams including automated tests and builds.
- Configured a Juniper Firefly virtual firewall in HA mode.
- Created a log search tool allowing support teams to filter and process logs from a shared hosting platform.
- Managed NetScaler VPX load balancer, including SSL certificates.
- Provided GitLab instance to all group members.
- Managed a corporate website—BGP Anycast cache domain (using Varnish) with LAMP back end.
- Upgraded Puppet and used dynamic environments and automatic manifests propagation via r10k.
Senior Systems Administrator
Claranet UK
- Migrated three legacy shared hosting platforms onto a new multitenant platform.
- Deployed a highly available database cluster (MySQL).
- Upgraded servers running a legacy OS to the latest LTS versions.
- Performed a security assessment of the infrastructure and platforms.
- Rolled out new BGP any-cast DNS nodes around Europe.
Infrastructure Specialist
Boltblue International
- Managed a mobile content delivery network (in-house CDN).
- Migrated the whole infrastructure from a UK, London-based data center into AWS cloud.
- Created and validated disaster recovery procedures.
- Created and managed business reports supporting marketing campaigns and a sales team.
- Worked with vendors on continuous service improvement (message delivery).
Lead Architect
Barda SW, HW, s.r.o.
- Built a framework for SMS processing (a food ordering platform).
- Wrote code for various automatic bank payment systems.
- Wrote code to generate HACCP reports required by local legal entities.
- Wrote code for automated direct debit processing with banks.
- Wrote code for online ordering via a web portal (PHP).
- Managed Linux infrastructure to support the business.
- Worked on an ID card management and processing system used by clients for automated food ordering.
Systems Administrator
Sport Media Group - Go Content Ltd.
- Optimized database schema and indexes for the internal CMS.
- Upgraded and consolidated the DNS platform (BIND).
- Implemented IT policies (configuration, release, and incident management).
- Built a highly available network infrastructure in two distant sites.
- Built, configured, and managed a newsletter mail platform used for mail distribution.
Web and WAP Systems Administrator
T-Mobile Czech Republic a.s.
- Managed network and application load balancers with SSL offload.
- Managed the primary customer portal—T-Zones—using Jakarta EE, Tomcat, and Apache.
- Managed a WAP gateway for all T-Mobile customers (Openwave MAG).
- Implemented the Oracle directory service (LDAP) used by the client portal.
- Directly involved in the roll-out of the 1st unified messaging service in Europe (Paegas Click service).
Experience
Data Center Relocation
My role was to prepare a high-level and detailed relocation plan for all services (100+). I was also responsible for actioning the plan with my team of four engineers. I was in charge of designing, purchasing, and delivering the new infrastructure, relocating the services, working closely with service owners, and changing the team. I had to manage my team to split the project work and the BAU work in order to keep on track with the tight schedule.
I am proud I managed to vacate the old DC site in less than nine months. The project delivered a new, completely virtualized, resilient, secure, scalable, and power-efficient infrastructure providing high availability and resiliency to all relocated services.
The new site uses a hyper-converged infrastructure (Nutanix and VMware) running on a 10Gbps network (Cisco, Dell, Juniper, Citrix).
DR Site
http://www.claranet.comI was in charge of designing, purchasing, and delivering the new geographically dislocated DR site in one of Claranet's data centers in Germany. I managed to prepare the whole site remotely with only a little help from the local DC team (patching and configuring the remote access cards on the blades).
The DR site is fully virtualized, including the networking (Cisco CSR, Juniper Firefly, and Cintrix NetScaler VPX). The project delivered DR plans and HA solutions (in an active-active mode where possible) for business-critical applications such as Exchange, Lync, internal CRM, and customer portals.
Infrastructure Move to AWS
Architecture Update
The migration required testing and cooperation with the development team. While working on the transition, I also automated the server build process and deployment (CI/CD).
Education
Bachelor's Degree in Information Technology
University of Technology Brno - Brno, Czech Republic
Skills
Libraries/APIs
Puppet.js, Amazon EC2 API, Redis Queue
Tools
Jenkins, Amazon CloudWatch, Amazon Simple Email Service (SES), Chef, Apache, Amazon Elastic Container Service (ECS), AWS CLI, AWS ELB, Amazon Virtual Private Cloud (VPC), VPN, Terraform, Nagios, Zabbix, Iptables, Apache Tomcat, VMware, Varnish, NGINX, Squid Proxy Server, Helm, Puppet, Quagga, Unbound, Kibana, Logstash, Passenger, Ansible, GitHub, Jira, Google Workspace, VMware vSphere
Languages
Bash, Ruby, Java, Visual FoxPro, Python, HTML, PHP, CSS
Paradigms
DevOps, DevSecOps, Continuous Delivery (CD), Continuous Integration (CI), Automation
Platforms
Amazon EC2, Amazon Web Services (AWS), Linux RHEL/CentOS, Percona, FreeBSD, Kubernetes, Docker, LAMP, Oracle, WebSphere, Rackspace, Linux, Windows, Azure, Web, Google Cloud Platform (GCP)
Storage
Amazon S3 (AWS S3), Memcached, PostgreSQL, MySQL, MySQL/MariaDB, MariaDB, MongoDB, Redis, Data Centers, Databases
Frameworks
Ruby on Rails (RoR)
Other
Load Balancers, HAProxy, HTTPS, HTTP, SMTP, DNS, VMware ESXi, HTTP Server, Infrastructure as a Service, Cloud Security, Containers, Security Architecture, Security, BIND9, Border Gateway Protocol (BGP), UDP, TCP/IP, IMAP, SOC 2, ISO 27001, Cisco, Juniper, Exim, PowerDNS, Google, BIND 9, Storage, Corporate, Compliance, IT, High Availability Disaster Recovery (HADR), CI/CD Pipelines, MDM, Machine Learning, Infrastructure, Web Security, Veeam, System Administration, Virtualization, HTTP2, Data Center Migration, Disaster Recovery Plans (DRP), Networking, Migration, Cloud, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Web Application Firewall (WAF), Content Delivery Networks (CDN)
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring