DevOps Engineer - Cloud Automation, Kubernetes, CI/CD

BEN BERDIBEK DEVOPS

Texas 224-***-**** Green Card Holder ***.********@********.*** https://www.linkedin.com/in/ben-berdibek

DevOps Engineer with 5+ years building and managing infrastructure for companies serving millions of users. Strong track record maintaining high availability for customer-facing platforms and accelerating release cycles through IaC automation, Kubernetes orchestration, and CI/CD pipelines. Experience spans:

●Shure, global audio technology leader with products deployed in major venues and broadcast networks worldwide

●iManage, enterprise SaaS platform serving thousands of law firms and financial institutions with document management infrastructure

●Softech, regional IT solutions provider managing hybrid cloud and on-premises infrastructure for enterprise clients

KEY ACHIEVEMENTS

●Earned CKA certification and applied knowledge deploying Kubernetes workloads serving audio streaming platforms processing thousands of concurrent streams during live concerts and corporate conferences. Automated application delivery through CI/CD pipelines reducing deployment time from hours to minutes while eliminating manual infrastructure setup

●Led Microsoft 365 migration for enterprise IT environment moving email, identity, and endpoint management to cloud. Implemented email authentication controls eliminating spam and phishing attempts while maintaining zero downtime during business-critical period for 300+ users

●Built Python automation toolkit processing incident data from Datadog and PagerDuty for the operations team. Integrated monitoring alerts with Slack notifications and automated log collection from Kibana eliminating hours of manual reporting work weekly while improving incident visibility across teams

●Configured observability dashboards tracking audio quality metrics and system health indicators for conferencing platforms. Integrated real-time alerting for performance degradation and streaming issues preventing customer experience impact during high-traffic events

●Deployed infrastructure automation using Terraform and GitOps for multi-tenant SaaS platforms serving legal and financial services clients. Standardized environment provisioning across development, staging, and production ensuring consistent deployments while reducing configuration errors

Expertise in cloud infrastructure, container orchestration, CI/CD automation, observability and incident response.

Green Card Holder. Authorized to work for any U.S. employer without visa sponsorship.

PROFESSIONAL EXPERIENCE

Shure, Chicago, IL July 2022 – Present

-Global leader in audio technology with $1B+ revenue, providing microphones, wireless systems, and conferencing solutions used in Madison Square Garden, Sydney Opera House, and major broadcast networks worldwide

DEVOPS ENGINEER

Managed cloud infrastructure and deployment automation for audio conferencing platforms serving enterprise customers and live event production teams. Built AWS environments, Kubernetes workloads, and CI/CD pipelines enabling engineering teams to ship updates for streaming services used during concerts, broadcasts, and corporate events.

●Deployed containerized applications on EKS, using Terraform to manage supporting platform infrastructure and Helm with Argo CD for GitOps based deployments, enabling more consistent releases across audio processing and conferencing services

●Migrated ingress traffic routing from NGINX Ingress Controller to AWS Load Balancer Controller on streaming platform. Implemented TargetGroupBinding moving routing logic to ALB layer improving traffic distribution during high-concurrency events while integrating AWS WAF security rules protecting against DDoS attacks

●Configured Datadog monitoring dashboards tracking audio-specific quality metrics including jitter, packet loss, and stream drops across live conferencing platforms. Integrated alerts detecting audio degradation issues during broadcasts and live events preventing customer experience impact at enterprise clients

●Configured pod-level access controls using IRSA for IAM permissions and Kubernetes admission policies for EKS workloads processing sensitive audio data. Implemented PodDisruptionBudgets and health probes ensuring application availability during cluster maintenance for live streaming services

●Improved resource efficiency by implementing Karpenter autoscaling replacing over-provisioned EC2 instances with right-sized compute for containerized workloads. Configured Spot instance strategies for non-critical development environments maximizing cloud budget utilization while maintaining performance standards

●Built CI/CD pipeline automating Docker image builds, ECR registry uploads, and EKS deployments supporting audio processing microservices. Integrated automated testing and deployment approvals accelerating code delivery to streaming platform with reduced manual intervention

●Developed Python automation scripts integrating Spot instance scaling events with Sumo Logic logging, CI/CD runner monitoring with PagerDuty alerts, and StrongDM access auditing with Slack notifications. Reduced manual operational tasks for infrastructure team while improving visibility into system events

●Supported AI, data, and SaaS cloud services by assisting with Terraform based infrastructure changes, deployment reviews, and incident response. Helped improve environment consistency and rollout safety while reducing service disruption during releases and traffic spikes

●Managed incident response handling 150+ issues quarterly using Datadog alerts and Kibana log analysis across audio streaming platforms. Followed escalation procedures and documented troubleshooting steps ensuring reliable service delivery during high-stakes live events and broadcasts

iManage November 2020 – May 2022

Enterprise SaaS platform serving 3,000+ law firms and financial institutions globally, managing document and email workflows with high availability and compliance requirements

CLOUD ENGINEER

Designed and operated multi-tenant SaaS infrastructure on AWS for document management platform serving law firms and financial institutions. Implemented cloud architecture, disaster recovery planning, and compliance requirements for enterprise clients handling sensitive legal and financial data.

●Configured multi-tenant AWS architecture isolating client data across separate RDS databases and S3 buckets within a legal document management platform. Implemented IAM policies and VPC networking ensuring data segregation meeting compliance requirements mandated by law firms handling confidential case files

●Executed migration of on-premises document repositories to iManage Cloud SaaS using parallel sync workflows and multipart S3 uploads serving legal clients. Validated content integrity and coordinated cutover timing minimizing business disruption at firms managing active legal cases

●Implemented compliance-focused security controls for legal and financial SaaS platforms including KMS encryption at rest, TLS 1.2+ in transit, S3 bucket access policies, and CloudTrail audit logging to SIEM. Configured private subnet architecture and least-privilege IAM roles meeting SOC2 and data protection regulations for clients handling confidential legal documents

●Designed network architecture implementing VPC isolation, private subnets for RDS databases, public subnets for ALB, and NAT Gateway for outbound traffic across development, staging, and production. Maintained environment consistency and network segmentation reducing security risks for multi-tenant platform

●Implemented infrastructure changes using Terraform modules to standardize provisioning of VPCs, subnets, IAM roles, security groups, EC2, RDS, and S3 resources across dev, staging, and production, reducing manual setup and improving environment consistency for the multi-tenant platform

●Optimized AWS spending through data lifecycle management implementing S3 Intelligent-Tiering, Glacier archival for inactive documents, EC2 Reserved Instances for predictable workloads, and Spot instances for batch indexing jobs. Balanced cost efficiency with retrieval performance SLAs for legal clients requiring fast access to active case files

●Developed event-driven automation using Python Lambda functions triggered by SQS, SNS topics, and EventBridge rules for document ingestion workflows. Automated metadata extraction, indexing jobs, and notification delivery reducing manual processing tasks for platform operations team

●Configured Dynatrace monitoring and performance baselines for document management platform tracking API latency, database query execution, and S3 storage metrics. Created alerting workflows triggering when response times degraded allowing proactive performance tuning before legal professionals experienced slowdowns

●Implemented blue-green deployment strategy enabling application releases to SaaS platform. Configured automated traffic switching between environments, health validation checks, and instant rollback capability ensuring zero-downtime updates relied upon by clients requiring platform availability

Softech February 2019 – August 2020

Regional IT solutions provider delivering infrastructure and support services to enterprise clients

SYSTEM ADMINISTRATOR

Managed hybrid Windows and Linux server infrastructure across on-premises data centers and cloud environments for regional IT solutions providers. Maintained reliable operations for business-critical systems serving 300+ users including Active Directory domain services, DNS/DHCP networking, file and print servers, web applications, and SQL databases through proactive monitoring and capacity planning.

●Administered Active Directory domain and Azure AD for user and service accounts across multiple business units. Designed organizational unit structure, implemented Group Policy baselines for security settings and software deployment, configured delegated administration, and automated user provisioning/deprovisioning workflows ensuring consistent access management for enterprise environment

●Led enterprise email migration to Microsoft 365 (Exchange Online) using phased cutover strategy for business operations. Configured SPF, DKIM, and DMARC email authentication eliminating spoofing and phishing attempts. Coordinated mailbox migration batches, tested email flow, and completed zero-data-loss transition on schedule minimizing business disruption

●Deployed endpoint management through Microsoft Intune/Endpoint Manager enforcing security baselines for corporate devices. Implemented BitLocker full-disk encryption on Windows laptops, FileVault on macOS, and application deployment policies. Standardized device configurations improving compliance posture for remote and office workers

●Developed PowerShell and Bash automation scripts for IT operations including user account provisioning, permission audits, credential rotation for service accounts, and compliance reporting for quarterly security reviews. Reduced manual administrative work and eliminated human errors in repetitive tasks

●Implemented performance management infrastructure using service health checks and log forwarding to SIEM for critical business systems. Configured alert thresholds for server performance, disk utilization, and service availability reducing alert noise while improving response times during system outages

●Led incident response during critical system outages coordinating internal IT teams and external vendors. Performed root cause analysis, documented detailed runbooks and playbooks, and implemented corrective actions preventing repeat failures for file servers, email systems, and business applications

●Designed disaster recovery procedures for critical infrastructure achieving defined recovery point objectives (RPO) and recovery time objectives (RTO) for email, file storage, and Active Directory services. Conducted quarterly DR drills testing backup restoration and failover processes validating business continuity readiness

●Managed network infrastructure projects including WiFi installation for institute building, LAN configuration, and network equipment deployment. Coordinated with building facilities and end users ensuring reliable connectivity for educational and administrative operations

EDUCATION

Bachelor's Degree in Computer Science and Engineering, KRAO University

LEADERSHIP

DevOps Mentor helping junior engineers transition into cloud and infrastructure roles through one-on-one sessions covering AWS architecture, Kubernetes best practices, and CI/CD pipeline design

Technical Volunteer supporting local tech community events and workshops focused on cloud computing and infrastructure automation

PROFESSIONAL DEVELOPMENT

AWS Certified Solutions Architect – Associate, Amazon Web Services

HashiCorp Certified: Terraform Associate, HashiCorp

Certified Kubernetes Administrator (CKA), Cloud Native Computing Foundation

EXECUTIVE STRENGTHS

Cloud Infrastructure Architecture, Infrastructure as Code, Container Orchestration, Continuous Integration/Continuous Deployment, Site Reliability Engineering, Incident Management, Disaster Recovery Planning, Configuration Management, Secrets Management, Observability, Monitoring, Log Aggregation, Performance Optimization, Cost Optimization, Security, Compliance, Network Architecture, Database Administration, Linux System Administration, Windows Server Administration, Active Directory Management, Identity and Access Management, Scripting, Automation, DevOps Best Practices, Agile Methodologies, Cross-Functional Collaboration, Technical Documentation, Problem Solving, Mentoring

TECHNICAL SKILLS

Cloud Platforms: AWS (EKS, EC2, VPC, Transit Gateway, RDS, S3, Lambda, SQS, SNS, EventBridge, CloudFormation, CloudFront, Route 53, ALB/NLB, WAF, IAM, KMS, Secrets Manager, CloudWatch), GCP, Microsoft Azure

Container: Kubernetes, Docker, Amazon EKS, Helm, Karpenter, Argo CD, ECS

Infrastructure as Code: Terraform, Terraform Cloud, CloudFormation, Ansible, Chef

CI/CD: GitHub Actions, Jenkins, GitLab CI/CD, CircleCI, Bitbucket Pipelines, Git

Monitoring: Datadog, Prometheus, Grafana, Dynatrace, CloudWatch, PagerDuty, Kibana, Sumo Logic

Security: HashiCorp Vault, AWS KMS, AWS Secrets Manager, IAM, IRSA, TLS/SSL, ACM

Programming: Python, Bash, PowerShell, Go, YAML, JSON

Databases: RabbitMQ, Apache Kafka, AWS SQS, Redis, ElastiCache, PostgreSQL, MySQL, SQL Server

Networking: VPC, Transit Gateway, Security Groups, NACLs, DNS, DHCP, Load Balancers, CDN

Agile: Jira, Confluence, Slack, Miro, Agile, Scrum, Kanban

Operating Systems: Linux (Ubuntu, CentOS, RHEL, Amazon Linux), Windows Server, macOS

Microsoft Technologies: Active Directory, Azure AD, Microsoft 365, Exchange Online, Intune, Endpoint Manager, Group Policy, PowerShell

Contact this candidate