Senior DevSecOps/SRE | AWS-first | Terraform/CDK | Containers & Serverless | Observability & Incident Response
- Cloud & Security: IAM least privilege, mTLS, PrivateLink, WAF, Security Hub, secrets mgmt
- Platforms: AWS (ECS/EKS/Lambda/API Gateway/CloudFront/S3), VPC endpoints, NAT optimization
- IaC: Terraform, CDK, CloudFormation, Serverless Framework/Compose
- CI/CD: GitHub Actions, GitLab, Jenkins, GitOps, distroless containers, image scanning (Trivy, Clair, SonarQube)
- Observability: CloudWatch (logs/metrics/alarms/X-Ray), ADOT/OTEL, Prometheus, Grafana, Loki, New Relic
- Languages: Python, TypeScript/Node.js, Bash
- Data/Events: EventBridge, SQS/SNS, Kinesis, MSK/Kafka
- SRE: Runbooks, RCAs, capacity planning, performance tuning
- CloudFront OAC + API Gateway: Multi-tenant delivery with signed URLs/cookies, Bedrock/Transcribe/Comprehend/Translate, full CloudWatch observability.
- Private Facial Age Verification: NLB→ALB mTLS, ACM PCA, PrivateLink, Lambda layers for JWT/JWS, OTEL + CloudWatch, encrypted audit trails.
- Weather → MSK → EKS: Real-time ingestion with Lambda/EventBridge, Kafka fan-out, EKS microservices, Prometheus + OTEL tracing.
- Cost Optimization Framework: Python/boto3 cleanup for EBS/AMIs/RDS snapshots, log retention enforcement, scheduled EC2 shutdowns.
- Serverless Migration (50% faster): Rebuilt Bash+CloudFormation into Serverless Framework + Compose, parallelized deploys.
- Hardening AWS edges (network/IAM) with clean IaC patterns
- Low-noise observability (SLOs, alarms, traces) and incident runbooks
- Secure serverless/container delivery with fast CI/CD and guardrails