Deep hands-on experience across cloud-native platforms, Kubernetes, DevSecOps, and infrastructure automation at production scale.
I architect cloud infrastructure that balances agility with operational reliability. My focus is on designing multi-cloud and hybrid environments — AWS, Azure, and on-premise RKE2 clusters — that teams can actually maintain. I don't just draw diagrams; I own the implementation, from network topology to cost modeling.
Kubernetes is my core platform. I manage production clusters running 29+ microservices across dev, UAT, and prod environments. I've implemented ArgoCD App-of-Apps patterns, designed Helm umbrella charts for cohesive multi-service deploys, and built the GitOps workflows that eliminate configuration drift.
I build pipelines that teams trust. My GitLab CI/CD pipelines handle multi-chart Helm deployments with environment-aware promotion, parallel job safety via resource groups, Slack notifications with structured blocks, and artifact caching strategies that keep build times tight.
Security is integrated into my engineering workflow, not layered on afterward. I work extensively with HashiCorp Vault for KV v2 secrets management, loading secrets at application startup via SDK rather than injecting them into environment variables. I also use mTLS with Istio, network security with Cilium eBPF, and shift-left testing in CI pipelines.
I implement full-stack observability stacks that surface actionable signals: Prometheus and Grafana for metrics and alerting, Elastic Stack for log aggregation, and Elastic APM for distributed tracing across .NET microservices. Observability is the lens through which I validate every infrastructure change.
All infrastructure is code. I use Terraform for declarative cloud resource provisioning and Ansible for configuration management and cluster bootstrapping (Kubespray). Treating infrastructure as versioned, reviewable, and testable code is not optional — it's the foundation of operational confidence.