12/21/2025 updated
100 % available
AWS certified Security Specialist and GCP Solution Architect
Austin, USA Bachelor in Computer Sciences
About me
I’m an AWS Certified Security Specialist & DevOps Engineer who helps companies save on cloud costs ($260k+) and achieve SOC2 & HIPAA compliance (4 SOC2, 1 HIPAA) without compromising performance.
Amazon Web ServicesAmazon CloudfrontAmazon Elastic Compute CloudAmazon S3Google App EnginesAutomationBash ShellCloud ComputingCloud EngineeringDatabasesData VisualizationDatabase QueriesDevOpsAmazon DynamoDBGitHub
AWS and Cloud Technologies
Extensive experience with AWS services, including EC2, S3, CloudFront, and CloudWatch. Proficient in cloud architecture design and optimization.
DevOps Tools and Practices
Expert in CI/CD pipelines, using tools such as Jenkins, GitHub Actions, and AWS CodePipeline. Skilled in infrastructure as code with Terraform and Ansible.
Containerization and Orchestration
Advanced knowledge of Docker and Kubernetes for containerization and orchestration of applications in cloud environments.
Programming Languages
Proficiency in Python, Ruby on Rails, and Bash scripting for automation and application development.
Monitoring and Visualization
Experience with tools like Prometheus, Grafana, and AWS CloudWatch for system monitoring and data visualization.
Security and Compliance
Implementation of SOC2 and HIPAA compliance and security best practices in cloud environments.
Database Management
Optimization of database queries and management of various database systems including Mysql, DynamoDB.
Languages
EnglishFluent
Project history
- Reduced monthly cloud spend by 30% by modernizing and migrating infrastructure from a private cloud monolithic hosting to AWS EKS (auto mode).
- Strengthened AWS security through multi-account provisioning using AWS Control Tower as per AWS best practices, using Pod Identity for inter-service communication, following the IAM least privilege access principle, and secret management using AWS Secret Manager.
- Optimized infrastructure provisioning through Terraform, remote state management and CICD pipeline using AWS CodePipeline.
- Improved high availability and scalability through multi-AZ deployment by Karpenter and PDBs.
- Accelerated SDLC by containerizing the applications (Angular + Java), maintaining Git repositories for each application, and automating the deployment through AWS CodePipelines and Argo CD.
- Enhanced observability and operational awareness by integrating AWS CloudWatch Container Insights and setting up proactive alerting for critical application and infrastructure metrics using AWS SNS.
- Reduced monthly AWS spend by saving $40,000/year ($80,000+ in 2 years) at EZO through strategic billing optimizations and saving plans, instance right-sizing, resource cleanup, retention policies, and architectural improvements.
- Ensured 99.99%+ uptime for four SaaS applications by implementing automated monitoring, alerting, and self-healing mechanisms.
- Hardened security for cloud infrastructure with IAM policies, data encryption at rest and in transit, the least privilege principle, logging and monitoring, change management, disaster recovery, etc., to support SOC 2, HIPAA and PCI DSS compliance.
- Optimized CI/CD pipelines for zero-downtime deployments and to cut deployment time by 40% using Jenkins, GitHub Actions, and AWS CodePipeline for four SaaS applications.
- Optimize GKE/EKS cluster costs on GCP/AWS with pod/node dynamic autoscaling, right-sizing of instances, and upgrade to newly available versions to avoid extended support costs, etc.
- Automate infrastructure provisioning for 15+ accounts on AWS and GCP using Terraform, Ansible, and GitHub Actions, resulting in an 80% reduction in manual efforts.
- Managed Azure cloud for SaaS applications, integrating SCIM and Azure AD to enable automatic user provisioning within the ITAM tracking applications.
- Enhanced infrastructure and application monitoring through consolidated dashboards and proactive alerting systems using tools like Grafana, Prometheus, AWS CloudWatch, GCP Cloud Monitoring/Logging, and DataDog, ensuring high availability and early detection of issues across cloud infrastructure and SaaS applications.
- Enhanced DDOS/DOS protection using AWS WAF, NACL, SGs, and the SIEM solution, Wazuh.
- Enhanced the software development lifecycle (SDLC) by working closely with a team of over 50 developers and 10 QA resources, reducing bottlenecks through automated testing and deployments using Jenkins with tools such as Selenium, Playwright, Robocop, Bullet, and RSpec.
- Ensured high availability for APIs through decoupled and serverless architectures with Lambda written in Python, SQS, ALB/API Gateway, and DynamoDB for monolithic applications.
- Managed on-call rotations and defined SLIs, SLOs, and SLAs to ensure service quality and meet business objectives, especially with large-scale SaaS clients with private clouds.
- Fine-tuned Apache worker processes, boosting WordPress site performance and resource utilization with autoscaling, handling 100k+ requests per minute.
- Optimizing AWS to achieve over 60% cost savings ($30,000/year) by scheduling old EBS snapshots, introducing lifecycle policies for Amazon S3, deleting old and unused resources (AMIs, snapshots, backups), reducing cross-region data transfer, removing unused compute resources (RDS, EC2) and replacing VPC NAT Gateways with VPC endpoints.
- Optimized website performance globally with AWS CloudFront (CDN), enhancing user experience through faster content delivery.
- Strengthened email security with SPF, DKIM, and DMARC setup, plus regular DMARC report analysis.
- Managed a global WordPress site with a scalable and high-availability design, achieving 99.999% uptime and zero-downtime updates, and enhanced security using AWS WAF.
- Reduced code and OS patching time by 60% through Ansible and AWS Systems Manager Patch Manager.
- Initiate monthly AWS training for development teams, empowering them with skills in auto-deployments and secure access.
- Reduced manual efforts by 80% in AWS recurring tasks through bash scripting, i.e., ALB rules update, customer’s SSL certificates upload to ACM, etc.
- Upgraded Ubuntu servers, slashing application startup time from 3 minutes to 20 seconds (88%).
- Reduced the onboarding time by 80% for new hires by automating the provisioning of local setup using a containerized solution (Docker) and demos.
Portfolio
AWS Cost Optimization Expert
We're looking for an experienced AWS cost optimization specialist to help us reduce unnecessary spending and improve our cloud efficiency.
✅ If you help us save over $1,000/month, we pay only one month’s worth of those savings as your service fee, otherwise nothing
AWS Cost Optimization Specialist to Reduce Expense
We are seeking an experienced AWS Cost Optimization Specialist to analyze our current AWS environment. Your role will involve identifying unnecessary resources and providing recommendations to downsize the remaining resources effectively. Candidates should have strong understanding of AWS services.
AWS audit for SOC 2 & HIPAA)
Conduct AWS security & compliance review (SOC2/HIPAA): assess IAM, encryption, networking, logging, backups, DR, and incident response. Deliver a gap report, remediation plan, evidence pack, and audit handoff with control and policy templates.
AWS Discovery Audit & Well-Architected Review
Read‑only assessment of S2B’s AWS environment to document the current state and deliver prioritized recommendations for security, cost, and operational resilience—no changes made.
Deliverables:
• PDF report summarizing findings and a prioritized remediation plan (impact, effort, owner).
Identify and Resolve Security Issues in AWS IAM
Seeking an experienced DevOps/Security Engineer to audit AWS IAM users, roles, and access keys. Identify unusual activity, assess security posture, and recommend fixes (rotation, least privilege, CloudTrail). Deliver audit report, mitigation plan, and updated configs if needed.
AWS Test Environment Setup for Existing Project
Seeking an AWS expert to set up a cost‑efficient Test (Dev) environment mirroring production. Must know AWS (EC2, S3, SQS, VPC), CI/CD (GitLab), and environment isolation. Goal: enable smooth QA, manual approvals, and reliable dev workflows for Nevuto’s microservice‑based apps.