Designed and operate multi-cluster EKS platform across CI/CD, non-prod, and production, managed declaratively through Terragrunt and ArgoCD with GitOps overlay patterns to eliminate configuration drift.
Stabilized a 160-node production cluster by diagnosing a Karpenter memory leak through longitudinal Grafana cache analysis; authored cluster-wide upgrade plan.
Led compute cost program projecting 46–62% reduction via Graviton/ARM64 migration, workload right-sizing, and AWS Savings Plan modeling.
Built organization-wide observability platform on Prometheus and Loki; authored dashboards for CI/CD economics, GitOps sync health, and resource right-sizing.
Architected zero-downtime PostgreSQL migration via AWS DMS Change Data Capture, fully codified in Terraform for repeatable deployment.
Designed cross-account IAM architecture using IRSA with least-privilege spoke roles; routed GuardDuty findings to Wazuh SIEM.
Enforced infrastructure-as-code governance by building a continuous reconciliation system with Steampipe and Argo CronWorkflows that flags any AWS resource not represented in Terraform, ensuring nothing exists in production without being declared in code.
Deployed DataHub for data discovery and governance across Dagster, Airbyte, and BigQuery.
Rebuilt Terraform into modular, reusable architecture across GCP and AWS, accelerating deployments and eliminating cross-team duplication.
Designed site-to-site VPN tunnels between GCP and AWS, enabling secure cross-cloud workload communication.
Consolidated GitLab CI pipelines across cross-functional teams, reducing build complexity and standardizing deployments.
Cut Datadog spend by reducing noisy logs and metrics ingestion while improving incident signal-to-noise ratio.
Terraform · GCP · AWS · GitLab CI · Datadog
Guideline—DevOps Manager · 2022–2023
Established Terraform as the IaC foundation across GCP, centralizing monitoring and logging alongside it.
Designed data pipelines for engineering and science teams using BigQuery, Datastream, Fivetran, and Looker.
Rationalized CI/CD tooling across GoCD, Bamboo, and CircleCI, improving pipeline reliability and standardizing deployment practices.
Modernized Kubernetes clusters by removing Dockershim and deprecated components to align with current standards.
Standardized Helm chart development with DRY principles, improving consistency across deployments.
Performed monolith database split, improving performance and reducing disaster recovery time.
Kubernetes · Helm · BigQuery · Datastream · Terraform · GCP
Brace—Senior DevOps Engineer · 2021–2022
Containerized new and existing applications on Kubernetes, establishing standards for resource configuration and deployment patterns.
Managed multiple AWS accounts end-to-end with Terraform, developing reusable modules to enforce consistency across environments.
Partnered with CISO to strengthen security posture, meeting and exceeding SOC2 requirements.
Upgraded EKS clusters with zero-downtime node group rotation, establishing repeatable lifecycle management.
Architected ETL pipelines and data management improvements for engineering and data teams.
Kubernetes · AWS · EKS · Terraform · SOC2 · Docker
CultureIQ—Lead DevOps Engineer · 2020–2021
Owned IaC with Terraform, including automated deployment pipelines with approval gates and environment promotion controls.
Decomposed multi-language monolith into containerized multi-service architecture on Fargate and Kubernetes.
Implemented CI/CD pipelines using Drone and Jsonnet to maintain DRY configurations.
Developed centralized logging and monitoring using Datadog, InfluxDB, and Telegraf.
Ensured infrastructure processes exceeded SOC2 and GDPR compliance standards.
Kubernetes · Fargate · Terraform · Drone · Datadog · SOC2 · GDPR
Ticket Evolution—Lead DevOps Engineer · 2018–2020
Migrated entire infrastructure from bare-metal datacenter to containerized Kubernetes in AWS with minimal downtime, improving performance 5x.
Built and maintained autoscaling Kubernetes clusters serving a $20B API marketplace at 200+ req/sec.
Built continuous deployment system enabling developers to deploy, monitor, and roll back releases via Slack and CLI.
Migrated large PostgreSQL database from standalone to Aurora RDS using DMS with minimal downtime.
Implemented full-stack observability using Grafana, Graphite, Prometheus, Datadog, and CloudWatch.
Leveraged Kong as ingress controller for granular traffic routing, removing bottlenecks without code changes.
Kubernetes · AWS · Helm · Kong · DMS · Prometheus · Grafana · Aurora
CoachCare—Lead DevOps Engineer · 2016–2018
Built scalable infrastructure supporting 100k active users across hybrid Node.js and PHP platform.
Provisioned and managed AWS infrastructure with reserved instance planning to reduce costs.
Migrated PostgreSQL to RDS and implemented RabbitMQ and Redis for queuing and token storage.
Established containerized infrastructure foundation using Kubernetes and Docker, enabling cloud-native deployments.
Built CI/CD pipelines using CircleCI with NewRelic and Sumo Logic monitoring.
Kubernetes · AWS · RDS · CircleCI · Docker
Reliant Security—Director of DevOps · 2009–2016
Director of DevOps (2014–2016) · Senior DevOps Engineer (2011–2014) · Security Engineer (2009–2011) — Joined as one of the first employees doing security engineering; grew through automation-heavy roles into DevOps leadership as the platform scaled from startup to enterprise.
Scaled infrastructure to manage over 12,000 production nodes.
Technical lead for designing and deploying Reliant's Debian-based security and virtualization platform.
Designed and implemented PCI-compliant AWS environments using private VPCs.
Assisted clients with PCI and SOX audits and developed remediation plans.
Consolidated virtualization across KVM/QEMU, OpenVZ, and VMware to reduce datacenter footprint.
Onboarded and mentored engineers across multiple levels as the team grew alongside the platform.
AWS · KVM · VMware · PCI · Debian
Earlier career · 2005–2009
Qwikker—Senior Systems Administrator · 2008
Designed infrastructure managing 20,000+ Mobile Content Servers. Led datacenter migration and established Follow-the-Sun 24x7 support model.
WebMD—Systems Engineer · 2007–2008
Lead administrator for Medscape Mail (30,000+ doctors). Migrated from Sun Solaris to distributed RHEL platform and implemented MySQL Cluster for HA.
IGXGlobal—Systems Security Engineer · 2005–2007
Lead datacenter administrator. Redesigned web server infrastructure for HA, implemented Nagios monitoring, and managed firewall and SSL VPN security.
Certifications
CISSP — Certified Information Systems Security Professional · Active since 2010