Hybrid Cloud Architect
2019 - PRESENTCDW- Designed hybrid cloud solutions for CDW customers (CI/CD pipelines to enable multi-cloud microservices deployments and Kubernetes enablement/migration/assessment projects).
- Mentored fellow engineers to help with certifications required by vendor partnerships.
- Worked with Google engineers and customers to drive GCP adoption projects.
- Contributed to a number of Cloud Native open source projects.
Technologies: Docker, Terraform, Kubernetes, Google Cloud Platform (GCP)Architect
2019 - 2019Green Cloud- Designed a highly scalable, secure, and cost-effective solution to handle live metric streaming from a massive pool of IoT devices for AI-based predictive analysis.
- Designed a cloud organizational structure and security model, following principles of separation and least privilege.
- Provided leadership and strategic guidance during the solution implementation process to ensure that business requirements are met.
- Established key processes and guidelines, aiming for the desired level of security compliance.
- Worked on solution documentation, created playbooks for the most common situations and scenarios to ensure a smooth handoff.
Technologies: Identity & Access Management (IAM), Cloud, TensorFlow, Cloud Dataflow, Google Cloud SQL, BigQuery, BigTable, AWS IoT Core, Google Kubernetes Engine (GKE)DevOps
2019 - 2019Imbellus (via Toptal)- Helped to troubleshoot and resolve issues with existing architecture and processes to improve development velocity and reduce operations toil.
- Automated infrastructure deployments to support on-demand resource provisioning in regions closest to the end-customer to minimize latency.
- Upgraded an existing CI/CD workflow to reduce build failure rates and support multi-region deployments.
- Optimized infrastructure observability with centralized logging and log-based metrics.
- Improved incident response times by establishing key metrics and configuring alert policies based on them.
- Designed a centralized identity management solution for edge authentication and access control.
- Provided technical guidance to ensure best practices and to plan smooth migration of existing workloads to containers and Kubernetes.
Technologies: Elasticsearch, AWS CodePipeline, AWS CodeBuild, Jenkins, Terraform, Amazon EKS, Amazon Route 53, Amazon Virtual Private Cloud (VPC), Amazon S3 (AWS S3), Relational Database Services (RDS), AWS Simple Notification Service (AWS SNS), Amazon Simple Queue Service (SQS), AWS Key Management Service (KMS), Identity & Access Management (IAM), Amazon CloudFront CDN, Amazon Cognito, AWS Kinesis, AWS Lambda, AWS Elastic BeanstalkDevOps
2018 - 2019Raising the Floor- Worked on the design and implementation of a FERPA-compliant cloud-agnostic infrastructure-as-code framework that manages the full lifecycle of Kubernetes applications.
- Migrated legacy EC2-based Kubernetes deployments to GKE.
- Designed and implemented an application-transparent cloud KMS-based secrets management system with the support of secret/key material population and rotation.
- Designed and implemented a Locust-based universal load testing solution, capable of simulating real-world web application user behavior on the scale from dozens to millions of simultaneous users.
Technologies: Amazon Web Services (AWS), Security, Istio, CouchDB, Locust, Helm, Terraform, Google Cloud Platform (GCP), KubernetesDevOps Lead
2014 - 2018Assembla- Led the DevOps team by acting as a facilitator between development, operations, and the customer success teams.
- Supported the physical infrastructure of the running project: kept relationships with providers, vendors and DC crew, and supervised required maintenance tasks.
- Hardened the production system's security, established workflows and procedures, prepared documentation to pass the security/availability principle part of the SOC II security audit.
- Completed the infrastructure automation using Chef and Terraform, unified multiple environments (production, stage/QA, on-premise, private cloud) within the same Chef codebase which improved the Dev/QA experience and reduced maintenance costs for Ops.
- Improved the system architecture for private cloud installations using Docker, Kubernetes, and Terraform.
- Implemented the required changes to the application stack and built CI/CD tooling.
Technologies: Amazon Web Services (AWS), Kubernetes, Docker, Logstash, Grafana, Elasticsearch, Vagrant, Terraform, Google Cloud Platform (GCP), LinuxDevOps
2010 - 2014Assembla- Designed and implemented a new bare-metal architecture of a low-latency triple-redundant sharded file system with hot failover, real-time replication, and off-site backups for needs of shared SVN, Git, Perforce, and Mercurial repository hosting.
- Designed and performed the seamless migration of existing customer base (AWS) into the new infrastructure.
- Implemented a CI/CD workflow that allowed the team to safely execute over 50 deploys into production per day.
- Built a bare-metal KVM cluster and developed the required tooling to provide the underlying infrastructure for staging/CI environments.
- Improved the existing monitoring solution—reducing the number of false positives and increasing the retention periods and resolution for historical metrics.
Technologies: Amazon Web Services (AWS), ASA, Cisco, Hubot, KVM, Ceph, Elasticsearch, RabbitMQ, Bash, Apache, Jetty, Errbit, Monit, Cloudflare, New Relic, Nagios, HAProxy, Passenger, Capistrano, Pacemaker, Jenkins, DRBD, Chef, Ruby, Mercurial, Perforce, Subversion (SVN), Git, LinuxLead Server-side Developer
2007 - 2010Pravo- Built a system of distributed proxies and crawlers to automatically collect and parse more than 500,000 legal documents per day.
- Developed fuzzy-logic-data-collection algorithms for data crawlers.
- Constructed a document-indexing pipeline using Sphinx.
- Designed a simple-and-effective infrastructure-monitoring system using Nagios.
- Created an HA and fault-tolerant MySQL cluster architecture with ring replication and real-time snapshots using Percona and HAProxy.
Technologies: Memcached, Nagios, Sphinx Search Engine, Percona, MySQL, PHP-FPM, HAProxy, NGINX, Apache, Linux