Solutions Architect Devops Engineer

NANDA GOPISETTI

*****.****@*****.***

mailto:*****.****@*****.***** No: +1-919-***-****

SUMMARY:

Senior Cloud DevOps Engineer, AWS Certified Solutions Architect and Kubernetes Certified with 12 Years of experience Cloud, DevOps, Site Reliability and Systems Engineering.

Skilled at supporting, automating, and optimizing missing critical deployments, leveraging configuration management, continuous integration and continuous delivery, and DevOps processes.

CERTIFICATIONS:

AWS Certified Solutions Architect – Professional

AWS Certified Solutions Architect – Associate

Certified Kubernetes Administrator (CKA)

Certified Kubernetes Application Developer ( CKAD )

TECHNICAL SKILLS:

Cloud: AWS, Azure, GCP and Nimbula

Operating Systems: Ubuntu, Red hat Linux, CentOS Windows Server

Version Control Systems: Git, GitHub, Gitlab and Bitbucket

IAAS/Config Management: Terraform, Ansible, Chef and Puppet

Monitoring: Nagios, Prometheus, Grafana, Alert Manager, CloudWatch and Data Dog

Web/Proxy Server: Tomcat, Apache, Nginx

Containers/Orchestration: Docker, Kubernetes, ECS and EKS/AKS

Devops Tools: GIT, GitHub, Bitbucket, Jenkins, GitLab, SonarQube, Checkmark, OWASP Zap, Nexus, Maven, Gradle, Docker, Helm, Kubernetes and Argo CD

Automation Tools and Scripts: Cloud Formation, Terraform, Shell scripting, Python and Ansible

EDUCATION:

Jawaharlal Nehru Technological University, Hyderabad, India (August 2010)

Bachelor’s Degree

EXPERIENCE:

Client: Amex, Phoenix, Arizona Jan 2024 to Present

Role: Sr Devops Engineer II/ Architect

Responsibilities:

Improved code deployment efficiency by automating manual release processes through robust CI/CD pipelines, reducing deployment time and human error.

Designed and optimized GitHub Actions workflows using conditional triggers and change-based filters, eliminating redundant executions and improving pipeline efficiency by up to 40%.

Integrated Dependabot across microservice repositories to automate dependency upgrades, proactively mitigating security vulnerabilities and reducing manual intervention in CI/CD pipelines.

Architected containerization strategy using Docker and Kubernetes, improving scalability, deployment consistency, and resource utilization across dev, staging, and production environments.

Built and deployed containerized applications with Docker and automated CI/CD pipelines in gitlab to manage image builds, registry pushes, and Kubernetes deployments across multiple environments.

Implemented advanced deployment strategies such as Blue/Green and Rolling Updates in Kubernetes, enabling seamless releases with minimal downtime and controlled rollback capabilities.

Performed Kubernetes cluster upgrades and patching with zero-downtime strategies, maintaining high availability and minimizing disruption during version migrations.

Designed and provisioned AWS infrastructure using Terraform, including VPCs, subnets, IAM roles, ECS clusters, S3, CloudWatch, ALB, Route 53, and RDS, enabling scalable and resilient environments across multiple stages.

Implemented IAM least privilege policies, automated role-based access control (RBAC) for ECS/EKS workloads using IAM Roles for Service Accounts (IRSA) and ensured compliance across multi-account AWS org using SCPs.

Integrated AWS Systems Manager (SSM) for secure access and patching across EC2 instances, enabling centralized session management and automated OS patch compliance.

Deployed centralized logging solution using CloudWatch Logs, CloudTrail, and S3, with lifecycle policies and Athena integration for compliance and audit.

Automated S3 bucket policy management and encryption enforcement using Terraform, ensuring compliance with internal data protection standards.

Orchestrated cost optimization reviews using AWS Trusted Advisor and Cost Explorer, achieving a 20% reduction in monthly spend by identifying idle resources, right-sizing EC2, and converting to Reserved Instances.

Used AWS EventBridge and Lambda to automate event-driven remediation workflows, including security group rule cleanups and instance tagging enforcement.

Created CloudWatch dashboards and integrated anomaly detection for key AWS services, improving operational visibility and reducing MTTR.

Client: Estee Lauder, New York, NY May 2021 to Dec 2023

Role: Sr Cloud Devops Engineer/ Architect

Responsibilities:

Built entire infrastructure on AWS using hub & spoke models for all environments

Reduced system downtime for critical applications by implementing robust monitoring and alerting tools.

Developed application and security program (SAST and DAST) level to identify, report and remediate security vulnerabilities from applications deployed in Dev, Pre-Prod and Prod environments.

Standardized configuration management practices using Ansible for better visibility into infrastructure changes.

Implemented Ansible automation for configuration management, orchestration, and deployment tasks, streamlining infrastructure provisioning and ensuring consistency across environments.

Proficient in using all amazon web services like VPC, EC2, ECS, EKS, Sage Maker, Bedrock, CloudFront, EBS, IAM, S3, ELB, RDS, VPC, Route 53, Cloud Watch, Event Bridge, SNS, SQS, Lambda, Cloud Formation, AWS Codepipeline, API Gateway etc.

Designed and implemented machine learning workflows using AWS Sage Maker, integrating with other AWS services to create end-to-end ML solutions.

Experience in Experience in Cloud FinOps / Cloud spend optimization.

Experience using AWS Cost Explorer and other AWS Cost Management tools.

Brought up unique tagging policies for most of the resources in AWS

Setup organizational AWS backup strategy for Prod, Dev environments.

Used AWS trusted advisor to delete unused resources, resized the resources across different AWS accounts.

Implemented DR setup for multiple applications between different regions

Worked on setting up & trouble shooting Kubernetes(K8) clusters

Solid experience in setting up ECS cluster, services & task

Automated infrastructure & application pipe line using GitLab CI

Implemented WAF (Web application firewall) in front of application load balancer & CloudFront for DDOS attacks, bad bot detection.

Designed, implemented, and managed Site-to-Site VPN connections between on-premises data centres and Azure/AWS cloud environments, ensuring secure and reliable communication channels.

Cost optimized by converting on demand EC2 & RDS to Reserved instances

Migrated the entire application from one region to another region with zero down time using DMS

Implemented security best practices across all accounts like WAF rules implementation, tightening security groups & NACL, implementation of Guard duty

Involving in security and compliance audits like PCI and SOCS.

Automated Migration of standalone Postgres database to Aurora Postgres Compatible database & used SSM to store database credentials

Integrated AWS, Datadog, PagerDuty & status page for seamless monitoring, on call & status notification.Setup Datadog monitors, logging and PagerDuty services from Scratch

Implemented Lambda function using python to pull ALB log, WAF logs & cloud trail logs from S3 to data dog to set up monitors around them.

Worked on LDAP configuration on aws servers and troubleshooting if any issues arise.

Implemented S3 DLP (Data loss prevention) using Cloud Trail on s3 buckets, CloudWatch events, SNS, Python Lambda function to trigger Slack notifications for unauthorized Copy Object events to S3

Strong experience in setting up VPCs, VPC peering and routing traffic between VPCs.

Worked extendedly on AWS ACM certificates and go daddy certificates

Written multiple cloud formation/Terraform templates to provision entire infrastructure that includes various AWS services.

Developed and maintained custom scripts and automation using Terraform ( IaC ) to simplify infrastructure management and enhance productivity.

Worked extensively on Centos, Amazon Linux, Red hat Linux, Ubuntu and windows operating systems.

Experience on installing, managing, troubleshooting web and application servers (Apache, Tomcat, WebLogic, WebSphere etc.) and hands on experience on starting / stopping services.

Client: ORACLE, Hyderabad, Telangana Sep 2018 to April 2021

Role: Senior Cloud DevOps Engineer

Responsibilities:

Experience in setting up CI/CD pipelines for various applications based on team requirement.

Integrated Terraform into CI/CD pipelines using tools like Jenkins to automate infrastructure provisioning and deployment processes.

Monitor, analyses, and report performance statistics for cloud hosted environments.

Supported oracle Development/Production infra related issues like – disk utilization, LDAP, NFS, kernel issues, patching individual utilities as per team request, user lock issues, samba setup, managing SUDO access etc.

Worked on installing/upgrading server software as per client requirement.

Worked with various vendors, to replace Faulty components on HP hardware.

Analyses system performances using top, sar, vmstat, netstat, iostat commands.

Worked with several application teams on supporting in Application deployment.

Automated process with Cron that checks disk usage and clean up using shell scripting and other repetitive tasks.

Supported development teams by providing them temporary OS platforms through docker.

Responsible for automating configuration automation setup using ansible for application team and other development teams.

Worked with software development and testing team members to design and develop robust solutions to meet client requirements for functionality, scalability, and performance.

Client: JP MORGAN CHASE AND CO, Hyderabad, Telangana March 2016 to August 2018

Role: AWS DevOps Engineer

Responsibilities:

Managed infrastructure through Jira tickets and responsible to provide troubleshooting, resolution and providing root cause analysis.

Experience in writing AWS cloud formation templates to spin up entire infrastructure and also experience on migrating CFT templates to terraform.

Implemented and managed Infrastructure as Code (IaC) using Terraform to automate cloud provisioning, reducing manual intervention and increasing system reliability and scalability.

Developed reusable Terraform modules to standardize and streamline infrastructure deployment across multiple environments.

Setting up VPC Peering & Creating brand new VPCs, public subnet, private subnet, Route tables

Written multiple cloud formation templates to provision entire infrastructure that includes EC2, IAM roles and S3 buckets, ELBS, Auto scaling groups, Launch configuration and Route 53

Experience in automated deployment of EC2 instances.

Enable MFA for privileged users and Monitor activity in AWS account Used security groups to develop logical firewall to ensure high security for control applications.

Also, managed roles and permissions of users to AWS account through Identity and Access Management

Used Cloud Front to deliver content from AWS edge locations to users, allowing for further reduction of load on front-end servers.

Set up Auto Scaling Groups based on memory and CPU to adapt to unforeseen spikes without having outage or needing manual intervention.

Set up Elastic Load Balancers for different applications to ensure high availability of applications.

Used Amazon S3 to backup database instances periodically to save snapshots of data.

Setup application environments to test load and behaviour of docker containers, its orchestration using Kubernetes on EKS.

Client: SABRE TRAVEL TECHNOLOGIES, Bangalore November 2015 to March 2016

Role: Senior Linux Administrator

Responsibilities:

Building servers for clients and creating filesystems based on client requirements.

Increased capacity & Performance of production machines by upgrading Hardware such as Disks, CPU, Memory, IO board, Power cooling unit, Mother Board & firmware.

Automated patch management using ansible, reducing manual intervention and ensuring timely updates.

Automated system monitoring and reporting with ansible, providing real-time insights into system performance.

Client: KPIT TECHNOLOGIES LIMITED, Bangalore February 2015 to November 2015

Role: Senior Systems Engineer

Responsibilities:

Installed configured and upgraded of Red Hat Linux/ CentOS using PXE Boot/ Kickstart

Deploying and configuring Virtualization technologies such as VMware ESX/ESXi and created and managed VMs (RHEL/CentOS) and got involved in virtual server maintenance.

Responsible for installing and managing YUM and RPM Packages

Also created local yum repository for offline

Managed systems routine scheduling jobs and enabling Cron jobs.

Configured and managed physical volumes, volume groups, and logical volumes.

Configured various RAID levels such as RAID 0, 1, 5 and 6 for redundancy.

Configuring NFS server and mount exported NFS resources at client side.

NFS Administration, exporting file systems, mounting exported file systems.

Tuned kernel parameters to optimize system performance.

Automated repetitive tasks through shell scripting and python.

Client: HIGH POINTS TECHNOLOGIES, Bangalore December 2012 to February 2015

Role: Unix System Administrator

Responsibilities:

Worked on Data centre migrations.

Upgraded and applied patches for RedHat/Solaris Servers.

Carry out Server Builds/Server De-commissioning Activities.

Worked on File system Administration on LVM.

Good experience on software installations and server configurations using shell scripting.

Periodically checked server logs and took corrective actions.

File system administration using Veritas Volume Manager and Configuring Veritas Clustering on Linux/Solaris servers.

Contact this candidate