DevOps Engineer with 1.5+ years of production experience designing secure CI/CD pipelines and highly available AWS cloud infrastructure for containerized workloads.
I specialize in shift-left DevSecOps β embedding automated security gates into every stage of the delivery pipeline so vulnerabilities are caught at build time, not after deployment. My pipelines have achieved zero vulnerable artifact promotions to production across all environments I've managed.
- Current focus: Kubernetes orchestration, Terraform IaC, GitOps with Argo CD, and cloud-native DevSecOps
- Open to: Full-time DevOps / Cloud Infrastructure roles
- Location: Bihar, India Β· Remote/On-site-ready
| Metric | Result |
|---|---|
| π Release frequency improvement | 3Γ faster production releases |
| β±οΈ Deployment time reduction | 35% faster average deploy |
| π Vulnerable artifacts reaching production | Zero (6 automated security gates) |
| βοΈ Infrastructure provisioning speed | 70% faster via modular Terraform |
| π Release downtime (Kubernetes rollout) | 80% reduction |
| π₯οΈ Server config management | 20+ Linux servers, zero drift |
| π Incident detection (MTTD) | 40% lower with CloudWatch + SNS |
| β¬οΈ Infrastructure availability | ~99.9% uptime maintained |
Cloud
Infrastructure as Code
CI/CD & GitOps
Containers & Orchestration
DevSecOps Tooling
Monitoring & Observability
OS & Scripting
Shift-left security pipeline with 100% scan coverage per commit and zero unscanned artifacts reaching runtime.
- Consolidated 6 security tools (Bandit, Trivy, Gitleaks, Hadolint, pip-audit) into reusable multi-stage CI templates
- Built artifact promotion gates blocking vulnerable container images from reaching production
- Achieved 40% reduction in pipeline maintenance overhead through standardized, reusable templates
- Fully auditable delivery trail with no manual intervention required at any stage
** 8-workflow parallel pipeline β all security gates must pass before artifact promotion **
Production-grade, 3-tier AWS stack across 2 availability zones built with Terraform.
- Architected scalability, traffic routing, and network isolation patterns for enterprise-level reliability
- Achieved 70% faster provisioning through modular Terraform vs manual setup β with reusable team templates
- Enforced private subnet workload placement with ALB-controlled ingress and encrypted S3 lifecycle policies
- Validated zero-downtime failover between both AZs via live load testing
End-to-end DevSecOps pipeline for a containerized microservices architecture with Docker Compose.
- Achieved 60% Docker image size reduction through multi-stage builds and distroless base images
- Integrated Trivy, Hadolint, and Gitleaks scanning at every pipeline stage β zero security defect escapes
- Designed service mesh networking with isolated bridge networks enforcing least-privilege inter-service communication
- Validated zero data loss during container restarts via named volume persistence strategies
π Advanced Cloud & DevOps Program β Intellipaat Γ IIT Roorkee (2025)
π Automation Hero β Recognized among 500+ participants in the #90DaysOfDevOps challenge (TrainWithShubham) for high-impact pipeline automation work shared across the cohort
βοΈ Technical author β 10+ hands-on DevOps engineering tutorials on Hashnode covering container internals, CI/CD design, and AWS infrastructure patterns β read by engineers across multiple countries
π See real feedback from the community:
π https://community.trainwithshubham.com/heroes
πhttps://tih.iitr.ac.in/certificate/intellipaat/IPTIH26030271.jpg
Open to DevOps / Cloud Infrastructure / Platform Engineering roles
