Senior DevOps Engineer · CFI
Leading DevSecOps across the SDLC for a regional fintech.
- Lead DevSecOps across the SDLC — threat-modeling services and embedding SAST (SonarQube), SCA, and container image scanning into CI/CD, reducing high/critical vulnerabilities reaching production by 90% and auto-blocking insecure builds.
- Centralized secrets and credentials across all applications with HashiCorp Vault, eliminating hard-coded secrets and enabling short-lived, dynamic credentials.
- Secured internet-facing workloads with Cloudflare (WAF, DDoS protection, DNS, and zero-trust access).
- Operate business-critical, highly available Kubernetes clusters on self-managed AWS EC2, sustaining 99.95% uptime with zero-downtime upgrades.
- Provision cloud and on-prem infrastructure as code with Terraform for repeatable, version-controlled deployments.
- Build and maintain GitHub Actions CI/CD pipelines with automated testing, security gates, and deployment across all services.
- Design, provision, and operate OpenSearch clusters on AWS alongside Prometheus and Grafana for proactive monitoring, alerting, and security visibility.
- Implement New Relic APM to surface latency, errors, and bottlenecks across services.
- Administer and secure on-prem MySQL, PostgreSQL, and MongoDB, plus highly available RabbitMQ and Kafka on Kubernetes, with backup, replication, and HA strategies.