Verified Expert in Engineering
Cloud Security Developer
Sergey is a seasoned DevOps and cloud architect with more than a decade of experience building infrastructures for large-scale web projects. With a background in cybersecurity and server-side development, he's successfully built secure, fault-tolerant, and scalable solutions running on bare metal as well as in the cloud. A big fan of Cloud Native principles and technologies such as Docker and Kubernetes, Sergey enjoys working with distributed teams in agile, fast-paced environments.
The most amazing project I've worked on is an open-source cloud-agnostic infrastructure-as-code framework that manages the full lifecycle of Kubernetes applications.
Hybrid Cloud Architect
- Designed hybrid cloud solutions for CDW customers (CI/CD pipelines to enable multi-cloud microservices deployments and Kubernetes enablement/migration/assessment projects).
- Mentored fellow engineers to help with certifications required by vendor partnerships.
- Worked with Google engineers and customers to drive GCP adoption projects.
- Contributed to a number of Cloud Native open source projects.
- Designed a highly scalable, secure, and cost-effective solution to handle live metric streaming from a massive pool of IoT devices for AI-based predictive analysis.
- Designed a cloud organizational structure and security model, following principles of separation and least privilege.
- Provided leadership and strategic guidance during the solution implementation process to ensure that business requirements are met.
- Established key processes and guidelines, aiming for the desired level of security compliance.
- Worked on solution documentation and created playbooks for the most common situations and scenarios to ensure a smooth handoff.
Imbellus (via Toptal)
- Helped to troubleshoot and resolve issues with existing architecture and processes to improve development velocity and reduce operations toil.
- Automated infrastructure deployments to support on-demand resource provisioning in regions closest to the end-customer to minimize latency.
- Upgraded an existing CI/CD workflow to reduce build failure rates and support multi-region deployments.
- Optimized infrastructure observability with centralized logging and log-based metrics.
- Improved incident response times by establishing key metrics and configuring alert policies based on them.
- Designed a centralized identity management solution for edge authentication and access control.
- Provided technical guidance to ensure best practices and to plan smooth migration of existing workloads to containers and Kubernetes.
Raising the Floor
- Worked on the design and implementation of a FERPA-compliant cloud-agnostic infrastructure-as-code framework that manages the full lifecycle of Kubernetes applications.
- Migrated legacy EC2-based Kubernetes deployments to GKE.
- Designed and implemented an application-transparent cloud KMS-based secrets management system with the support of secret/key material population and rotation.
- Designed and implemented a Locust-based universal load testing solution, capable of simulating real-world web application user behavior on the scale from dozens to millions of simultaneous users.
- Led the DevOps team by acting as a facilitator between development, operations, and the customer success teams.
- Supported the physical infrastructure of the running project: kept relationships with providers, vendors and DC crew, and supervised required maintenance tasks.
- Hardened the production system's security, established workflows and procedures, and prepared documentation to pass the security/availability principle part of the SOC II security audit.
- Completed the infrastructure automation using Chef and Terraform, and unified multiple environments (production, stage/QA, on-premise, private cloud) within the same Chef codebase, which improved the Dev/QA experience and reduced maintenance costs for Ops.
- Improved the system architecture for private cloud installations using Docker, Kubernetes, and Terraform.
- Implemented the required changes to the application stack and built CI/CD tooling.
- Designed and implemented a new bare-metal architecture of a low-latency triple-redundant sharded file system with hot failover, real-time replication, and off-site backups for the needs of shared SVN, Git, Perforce, and Mercurial repository hosting.
- Designed and performed the seamless migration of the existing customer base (AWS) into the new infrastructure.
- Implemented a CI/CD workflow that allowed the team to safely execute over 50 deploys into production per day.
- Built a bare-metal KVM cluster and developed the required tooling to provide the underlying infrastructure for staging/CI environments.
- Improved the existing monitoring solution—reducing the number of false positives and increasing the retention periods and resolution for historical metrics.
Lead Server-side Developer
- Built a system of distributed proxies and crawlers to automatically collect and parse more than 500,000 legal documents per day.
- Developed fuzzy-logic data-collection algorithms for data crawlers.
- Constructed a document-indexing pipeline using Sphinx.
- Designed a simple and effective infrastructure-monitoring system using Nagios.
- Created an HA and fault-tolerant MySQL cluster architecture with ring replication and real-time snapshots using Percona and HAProxy.
Python, Bash, Go, Java, Ruby, PHP
Google Cloud API, TensorFlow
Terraform, Rake, Google Stackdriver, Helm, Subversion (SVN), Nagios, Git, Chef, Apache, Make, Jetty, Passenger, Capistrano, RabbitMQ, Vagrant, NGINX, Perforce, Jenkins, PHP-FPM, Pacemaker, Errbit, Logstash, Istio, Amazon Cognito, Amazon CloudFront CDN, AWS Key Management Service (KMS), Amazon Simple Queue Service (SQS), AWS Simple Notification Service (SNS), Amazon Virtual Private Cloud (VPC), Amazon EKS, AWS CodeBuild, Google Kubernetes Engine (GKE), BigQuery, Cloud Dataflow, VMware, Fluentd, Grafana, Mercurial, Monit
Continuous Integration (CI), Continuous Delivery (CD), DevOps, Agile Software Development, Microservices Architecture, Concurrent Programming, Scrum
Google Cloud Platform (GCP), Kubernetes, Linux, Docker, Amazon Web Services (AWS), Alpine Linux, Percona, AWS Elastic Beanstalk, AWS Lambda, AWS IoT Core, Cloud Native, New Relic, KVM
Auto-scaling Cloud Infrastructure, MySQL, CouchDB, Elasticsearch, Amazon S3 (AWS S3), BigTable, Google Cloud, Google Cloud SQL, Redis, Sphinx Search Engine, Memcached, Ceph, DRBD
Site Reliability Engineering (SRE), Cloud Security, Unix Shell Scripting, Container Orchestration, Infrastructure Monitoring, Infrastructure as Code (IaC), Linux Administration, Cloud Infrastructure, Google BigQuery, HAProxy, Hubot, Cisco, ASA, Amazon Kinesis, Identity & Access Management (IAM), Relational Database Services (RDS), Amazon Route 53, AWS CodePipeline, Firebase Cloud Functions, Cloud, Networking, Cloudflare
Cybersecurity, Project Management, Security
Master's Degree in Cybersecurity
Samara State University - Samara, Russia
Professional Cloud Network Engineer
Concurrency in Google Go
University of California, Irvine via Coursera
Cloud Native Master Specialist
Professional Cloud Security Engineer
Certified Kubernetes Administrator
Cloud Native Computing Foundation
Professional Cloud DevOps Engineer
TensorFlow in Practice
Deeplearning.ai via Coursera
Machine Learning with TensorFlow on Google Cloud Platform
Professional Cloud Architect