DevOps Engineer - Azure/AWS - CI/CD - Kubernetes & IaC
Resume:
Mahesh Bathili
DevOps Engineer
Location: Denton, Texas Mail: ****************@*****.*** Ph: +1-940-***-****
www.linkedin.com/in/mahesh-bathili-884777167
PROFESSIONAL SUMMARY:
DevOps Engineer with 5+ years of expertise in architecting and implementing scalable, secure, and highly available infrastructure and CI/CD pipelines for critical financial and telecom systems using Azure DevOps, AWS CloudWatch, Terraform, Kubernetes AKS, Docker, Helm, Jenkins, GitLab CI/CD, ArgoCD.
Proficient in leveraging Azure and AWS for multi-region deployments, utilizing Terraform and Pulumi for Infrastructure as Code with integrated policy enforcement via OPA, Checkov, and Sentinel.
Expert in securing DevSecOps workflows through comprehensive integrations of Veracode, Snyk, Twistlock, Fortify, and Black Duck in Azure DevOps, Jenkins, and GitLab CI/CD pipelines, alongside HashiCorp Vault and Azure Key Vault for dynamic secrets management and CIS Benchmarks hardening.
Proven ability to orchestrate Kubernetes (AKS) microservices with Helm, KEDA, and HPA, engineer Apache Kafka event streaming, and implement centralized monitoring/logging using ELK Stack, Splunk, and AWS CloudWatch.
Skilled in advanced automation with Python, Groovy, and Bash scripting for real-time health checks, anomaly detection, and optimizing release cycles, ensuring high performance, compliance, and significant operational efficiency gains.
TECHNICAL SKILLS:
Cloud Platforms: Microsoft Azure (AKS, Azure DevOps, Azure Blob Storage, Azure API Management, Azure Key Vault), AWS (EC2, ECS, Lambda, CloudWatch, Route 53)
Infrastructure as Code (IaC): Terraform (modularization, remote backends), Pulumi, OPA (Open Policy Agent), Sentinel, Checkov
Containerization & Orchestration: Docker, Kubernetes, AKS, Helm 3, KEDA, HPA (Horizontal Pod Autoscaler), ArgoCD
Databases: PostgreSQL, MongoDB, SQL Server, MySQL
CI/CD & Build Automation: Jenkins, GitLab CI/CD, GitHub Actions, Azure DevOps Pipelines, Maven, Gradle
DevSecOps & Security: Veracode (SAST), Snyk, Fortify, Black Duck, SonarQube, Checkmarx, Nessus, HashiCorp Vault, Azure Key Vault, RBAC, CIS Benchmarks
Scripting & Automation: Python, Bash, Groovy
Monitoring & Logging: ELK Stack (Elasticsearch, Logstash, Kibana), Splunk, AWS CloudWatch, NetFlow, Wireshark, tcpdump, SNMP
Networking & Protocols: FIX, SWIFT, ISO 20022, SIP, RTP, Diameter, LTE, VoLTE, IMS, Cisco CLI, Nokia AirScale
API Management & Integration: Azure API Management Gateway, RESTful APIs, Bloomberg API, Reuters API
Artifact & Package Management: Nexus Repository Manager, Docker Registry
Event Streaming & Messaging: Apache Kafka, Kafka Connect, Schema Registry
Code Quality & Governance: SonarQube (quality gates), Checkmarx, FFIEC/SOX compliance standards, technical debt analysis
Version Control & Collaboration: Git, GitHub, GitLab
Project & Release Management: Agile/Scrum, Release Orchestration, Secure SDLC, Environment Promotion Workflows
PROFESSIONAL EXPERIENCE:
JPMorgan Chase – TX August 2024 – Present
DevOps Engineer
Accelerated infrastructure provisioning by 66% through the development of reusable, environment-specific Terraform and Pulumi modules, integrated with OPA (Open Policy Agent) for policy-as-code enforcement, ensuring compliance with financial data handling standards.
Proactively eliminated 98% of critical security vulnerabilities in pre-production builds by embedding Veracode, Snyk, and Twistlock scans into Azure DevOps CI pipelines, enhancing DevSecOps maturity across all trading platforms.
Automated multi-region Azure resource deployments using Terraform with remote backends in Azure Blob Storage, incorporating Checkov and Sentinel policies to enforce regulatory and internal security benchmarks.
Accelerated multi-cloud (GCP, AWS, Azure) provisioning 66% using modular Terraform modules with Jenkins pipelines and remote backends, enforcing OPA policies for financial compliance.
Orchestrated microservices deployment on AKS clusters leveraging Helm 3, KEDA for event-driven autoscaling, and HPA (Horizontal Pod Autoscaler) to ensure low-latency and high-availability performance for real-time trade execution systems.
Integrated HashiCorp Vault into Jenkins/Terraform pipelines for Kubernetes (AKS/GKE) secrets management, enabling dynamic RBAC for GCP/AWS resources.
Engineered Kafka streaming on Kubernetes clusters using Terraform/Jenkins, with ELK/Splunk monitoring of PostgreSQL/MongoDB/MySQL/SQL transaction data for fraud detection.
Strengthened DevSecOps practices by integrating Veracode SAST, Fortify, and Black Duck into end-to-end CI/CD workflows to meet FFIEC and SOX compliance standards for secure code delivery in core banking applications.
Built Python and Groovy automation scripts to validate trade settlement workflows, perform real-time health checks, and monitor FIX protocol connectivity across equity and derivative trading systems.
Enforced secure secrets management across CI/CD pipelines by configuring HashiCorp Vault and Azure Key Vault, implementing fine-grained RBAC and dynamic secrets for ephemeral credential provisioning.
Implemented centralized logging pipelines using the ELK Stack (Elasticsearch, Logstash, Kibana) and integrated with Splunk to monitor SWIFT, FIX, and ISO 20022 transaction patterns for anomaly detection and fraud analysis.
Engineered real-time event streaming architecture using Apache Kafka with schema registry and Kafka Connect to support asynchronous trade lifecycle tracking and downstream credit risk analytics.
Managed internal artifact lifecycle by configuring Nexus Repository Manager for Java and Docker assets, implementing SonarQube quality gates and staging promotions in accordance with banking release protocols.
Secured Bloomberg and Reuters API connectors via Azure API Management Gateway, enabling encrypted data interchange and usage tracking to meet financial data license agreements and cybersecurity mandates.
HCLTech – India May 2019 - July 2023
DevOps Engineer
Optimized CI/CD pipelines using Jenkins, GitLab CI/CD, and ArgoCD to streamline automated deployments of 4G/5G core network services, achieving 70% faster release cycles for mission-critical telecom applications.
Performed advanced network diagnostics using Wireshark, NetFlow, and tcpdump to analyze and resolve SIP, RTP, and Diameter protocol issues, ensuring 99% uptime for voice and data services.
Engineered and maintained Helm charts for Kubernetes-based deployments of telecom applications, automating upgrades and rollbacks, which reduced operational overhead by 85%.
Engineered Helm charts for Kubernetes microservices using Terraform/Jenkins, automating PostgreSQL/MongoDB/MySQL/SQL upgrades/rollbacks, reducing overhead 85%.
Deployed ELK Stack on GCP/AWS Kubernetes via Terraform/Jenkins for real-time VoIP/5G monitoring, resolving SIP/Diameter issues in under 30 minutes.
Deployed and configured ELK Stack (Elasticsearch, Logstash, Kibana) for centralized logging and real-time monitoring of network events, enabling proactive identification and resolution of VoIP and 5G core issues within 30 minutes.
Configured and monitored AWS CloudWatch for real-time telemetry of EC2 instances, ECS clusters, and Lambda functions, while leveraging Route 53 for resilient DNS configurations in telecom service delivery.
Enforced CIS benchmarks and conducted Nessus vulnerability scans to harden telecom infrastructure, achieving 100% compliance with industry security standards and mitigating 98% of identified risks.
Automated health checks/log rotation using Python/Bash in Jenkins pipelines, monitoring PostgreSQL/MongoDB/SQL performance on Terraform-provisioned Kubernetes clusters.
Accelerated zero-downtime deployments 65% via Jenkins/ArgoCD on GCP/AWS EKS/GKE, integrating SonarQube/Checkmarx for telecom codebases with SQL persistence.
Developed and maintained Python and Bash scripts to automate critical tasks, including log rotation, server health monitoring, and network performance checks, reducing manual effort by 75%.
Integrated SonarQube and Checkmarx for continuous code quality and security analysis, reducing technical debt by 40% and ensuring robust telecom application codebases.
Configured and optimized LTE, IMS, and VoLTE protocols using Cisco CLI, SNMP, and Nokia AirScale equipment, ensuring seamless integration and management of network devices.
Accelerated deployment cycles by 65% through advanced Jenkins and ArgoCD workflows, enabling zero-downtime deployments for containerized telecom microservices on Kubernetes clusters.
Enhanced infrastructure security by implementing HashiCorp Vault for dynamic secrets and CIS-compliant hardening, reducing vulnerabilities by 97% across 4G/5G network servers.
EDUCATION:
Masters in Computer Engineering - University of North Texas, Denton, Texas, USA
Bachelor of Technology - Gudlavalleru Engineering College, A.P.- India
CERTIFICATION:
AWS Certified Solutions Architect - Associate
Contact this candidate