viniyan

Participated in the creation of an AI based interview platform, integrating with LLM's to enhance HR processes. I also collaborated within a multidisciplinary team of 20+ professionals, delivering intelligent and high-impact solutions. In my daily work, I utilized technologies such as Python 2.7 and 3.1, Gitlab CI/CD pipelines, Linux operating systems in GCP cloud enviroment, the relational database Mysql, and back-end frameworks like Pyramid. One of my key achievements was participating in the planning and implementation of a OS migration along with fail2ban implementation to enhance security across all networking layer 7. Another key achievement was the mapping of a on-prem network infrastructure, suggesting improvements in firewall rules, port security for switches and VLAN segregation for WIFI endpoints. I also participated in the preparation of a document for a bidding process for a European Union agency, serving as a reference for best practices in cloud infrastructure and DevSecOps. Provided client support and conducted root cause analysis. Automated tasks using python/bash scripting. Maintained legacy applications based in GCP and AWS VMs and functions. Delivered improvements in observability and monitoring using Datadog. Defined and implemented FinOps best practices suited for the operation. Adapted to ISO 27001 implementation. Conducted Threat modeling. Terraform and Ansible IaC management.

I managed the AWS Infrastructure creation/modernization using Cloudformation, for a blockchain based service. Delivered security best practices such as bastion host, IAM policy creation, E2E encryption, secret management/rotation. Created bash scripts for automation purposes, enhancing internal processes. Conducted CI/CD pipeline modernization working with NPM packages, directly improving the SDLC process.

Guided cloud, database and registry migration, saving up to 50% of related costs. Implemented registry cleanup policies saving up to 70% of related costs. Created and optimized CI/CD pipelines for different stacks. Creation and management of 4 different test environments enhancing internal productivity. Conducted Root cause analysis. Implemented caching to improve application performance. Provided Tracing analysis and resource rightsizing. Guided Vault implementation. Tested OWASP ZAP DAST implementation in development scenarios. Enhanced NPM and docker CI/CD build/publish thorugh CI/CD pipelines. IMplemented redirecting through sidecar design pattern and Init container database migration. Optimized Network layer 4 and 7 security/availability, working withhHealth checks and security context inside Kubernetes. ALso participated in deploying Twingate/OpenVPN access restriction. Technologies used: Agile, Kanban. Rancher. DigitalOcean, GCP, AWS. GAE, GKE. GSM Secret Manager. Cloudlare, Atlas, Vercel. Serverless vpc, cdn. IAM, RBAC. ELK, Grafana, Prometheus and Metrics-Server for metrics and visualization. Istio integration alongside NGINX ingress/sidecars. Lens for general management, custom resource definitions events aggregation. Helm chart creation/configuration. Loader.io, locust and k6 for application performance and scaling test purposes. GraphQl. AWS EC2 pipeline runner integration with Bitbucket. Github actions. Health check, liveness/readiness probe. Node affinity/antiaffinity configuration. Serverless and bucket cloud storage. Redis caching. ksniff for packet capture. Sentry/ElasticSearch for APM. Elastic security for SIEM. OWASP ZAP DAST. ChatGPT, Adrenaline for debugging purposes. New relic, eBPF, Pixie. Hashicorp vault, External Secrets Operator, CSI Driver. Kyverno for policies and rules. Cloudflare for CDN a zero trust VPN/SSO.

Responsible for the architecture of a microservices system in the geoprocessing sector, representing development, test and production environments. Creating and monitoring a Kubernetes cluster on the DigitalOcean cloud platform, using technologies such as Grafana and Prometheus for metrics analysis, Loki for log analysis/storage, Kiali for topology, Jaeger for tracing, Keda for autoscaling, Chaos Mesh for testing. Responsible for deployment/helm charts of microservices in an architecture based on Service Mesh, containing Api Gateways (Istio). Creation and maintenance of documentation of the technologies used, technical writing. Implementation of best practices in SecOps such as identity, authentication, authorization through JWT/RBAC; rate limit; mTLS for inbound connections; proxying; OpenID connect and Oauth; MFA/2FA; public key cryptography, digital signature, UUID/GUID, protocol conversion etc. SPIFFEE/SPIRE, x.509 standards. Extensive experience with open-source platforms. Experience building Api's django, flask, and vue.js. Swagger docs. Experience with Jira, Scrum and Agile Methods. BitBucket CI/CD. App publishing on the most famous app stores. Using GitFlow. PostgreSql, Redis and MySql databases. NFS (Network file server). Insomnia, Postman. RabbitMq. Ansible, Terraform. OpenSSL, Cert Manager.