Dr. K.

Cloud Technology Proficiency: Extensive experience across AWS, Google Cloud, and Azure. Proficient in AWS Batch, Lambda, CloudFormation, EC2, S3, ELB, VPC, etc. Skilled in Google Cloud services like Compute Engine, Cloud Storage, Kubernetes Engine, and Cloud Run, Strong grasp of Azure services covering Compute, Network, Blob Storage, RDS, Azure SSO, etc. Kubernetes: Implemented robust Kubernetes security measures, including RBAC, network policies, and Pod Security Policies to ensure compliance with stringent banking regulations. Managed secure multi-tenant Kubernetes clusters with encrypted data at rest and in transit to meet financial industry standards. Conducted regular security audits and vulnerability assessments on Kubernetes environments and package management using HELM. Containerization Logging and Orchestration: Expertise in Kubernetes, Helm, covering deployment, scaling, and management of containerized applications. Skilled in implementing image security, managing golden container images, and setting up private registries. Proficient in fixing CVEs using tools like Trivy, AquaSec, and Windows Defender on AKS. Experienced in intrusion detection on pods using Falco. Infrastructure as Code (IaaC) Mastery: Well-versed in IaaC practices with Terraform, Terragrunt, and TFLint. Proficient in Terraform operations: initialization, planning, application, and destruction. Familiarity with Terragrunt for enhanced configuration management and TFLint for code quality. Security Expertise: Mastery in security practices including AWS Secret Manager and KMS. Proficient in creating, storing, and retrieving secrets with advanced knowledge of AWS KMS concepts. Skilled in managing IAM permissions related to KMS for robust security measures. Automation and Scripting: Hands-on experience with Infrastructure as Code (IaaC) using Terraform, AWS CLI, PowerShell, ARM templates, and Jenkins. Network and Authentication: Expertise in maintaining DNS across various providers and configuring MX, SPF, DKIM, etc. Proficient in Single Sign-On (SSO) integration with AAD, OKTA, AWS Directory Services, LDAP, and Kerberos Authentication. Troubleshooting and Observability: Strong troubleshooting skills, delivering timely solutions within Service Level Agreements (SLAs). Extensive experience with Linux servers (RHEL, Ubuntu, CentOS), monitoring software (Nagios, Cacti, CA Nimsoft, SonicWALL Bandwidth Analyzer, Grafana, Prometheus), and database backups and maintenance (MS SQL, MySQL). Virtualization and VPN: Proficient in Xen Server and Xen Centre, including VM creation, migration, backups, and automation scripts. Expertise in deploying and configuring SoftEther VPN server with AD authentication integration. Storage Solutions: Well-versed in both software and hardware-based Network Attached Storage (NAS) solutions, contributing to efficient data management. IAM: Identify access management like Keyclock, Octa, RABC, SAML, Oath, Oauth2 FinOps role: cost optimization and financial governance