Nishwa
DevOps Engineer
Phone: (xxx) xxx-xxxx | Email: abcd@gmail.com | LinkedIn: www.linkedin.com | Location: City,
State, Zip
SUMMARY
I am a Senior DevOps Engineer with 10+ years of experience across healthcare, finance, telecom, and
banking domains. I specialize in cloud platforms like AWS, Azure, and GCP, and build resilient CI/CD
pipelines using Jenkins, Azure DevOps, GitLab CI, and GitHub Actions. My expertise includes
Kubernetes, Docker, Helm, Terraform, Ansible, Vault, and Snyk. I implement monitoring with
Prometheus, Grafana, ELK, and Splunk, and automate deployments, security, and observability using
Python, Bash, and Shell scripting.
---------------------------------------------------------------------------------------------------------
----------------
Design and implement secure CI/CD pipelines using Jenkins, Azure DevOps, GitLab CI, and
GitHub Actions to ensure smooth integration and deployment across critical services.
Develop Infrastructure-as-Code templates with Terraform, CloudFormation, Ansible, and Pulumi
to automate provisioning and maintain configuration consistency across multi-cloud ecosystems.
Deploy and manage Kubernetes and OpenShift clusters using Helm charts and Docker
containers to support scalable and resilient microservices architecture.
Monitor system performance using Prometheus, Grafana, ELK Stack, Datadog, and Splunk to
enable real-time visibility and rapid incident response across production environments.
Enforce DevSecOps practices using Vault, IAM, Snyk, SSL, and CIS Benchmarks to secure
infrastructure and maintain compliance with HIPAA and financial regulations.
Migrated legacy financial and healthcare apps to containerized workloads in Azure and AWS,
enabling flexible scaling and reducing operational complexity.
Automated disaster recovery strategies using Lambda, Azure Functions, CLI scripts, and backup
vaults to ensure high availability of critical business systems.
Wrote Python, Bash, Groovy, and Shell scripts to automate testing, logging, secrets
management, and backup workflows, saving extensive manual hours.
Integrated monitoring alerts into ServiceNow and Jira workflows, creating auto-ticketing for
failures and driving faster triaging and issue resolution.
Deployed stateful Kubernetes services across AKS, EKS, and GKE with custom Helm charts and
RBAC configurations, enhancing service segmentation.
Built parameterized pipelines to support multiple deployment environments and integrated code
scans and policy checks using Snyk and Vault.
Hardened cloud environments by applying CIS Benchmarks and auditing access policies in Azure
IAM, AWS IAM, and GCP IAM for secure operations.
Configured NGINX, Azure Application Gateway, and Kubernetes Ingress Controllers to load
balance traffic and secure entry points in banking APIs.
Implemented GitOps workflows using GitHub Actions and Bitbucket pipelines to drive declarative
deployments and minimize drift.
Provisioned Azure and GCP networking, IAM, and storage resources with reusable Terraform
modules to support consistent cloud adoption patterns.
Set up ELK and Splunk integrations for microservices logs and user behavior tracing across
customer-facing portals in healthcare and finance.
Supported team knowledge transfer by documenting CI/CD pipelines, IaC modules, runbooks,
and SOPs using Confluence and Git-based wikis.
TECHNICAL SKILLS
Cloud Platforms: AWS (EC2, EKS, Lambda), Azure (AKS, Functions), GCP (GKE, Cloud Build)
CI/CD Tools: Jenkins, GitHub Actions, GitLab CI, Azure DevOps, Bamboo
IaC & Config Tools: Terraform, Pulumi, Ansible, CloudFormation, ARM Templates
Containerization & Orchestration: Docker, Kubernetes, Helm, OpenShift
Monitoring & Logging: Prometheus, Grafana, ELK Stack, Splunk, Datadog, CloudWatch
Scripting Languages: Python, Bash, Shell, Groovy
Security & Compliance: Vault, IAM, SSL, Snyk, CIS Benchmarks, Azure Defender
Version Control Systems: Git, Bitbucket, Azure Repos, SVN
Ticketing & Collaboration: Jira, ServiceNow, Confluence
Networking & DevOps Tools: NGINX, Application Gateway, RBAC, Azure Monitor, Log
Analytics
� EDUCATION
Bachelors in Computer Science,
WORK EXPERIENCE
Target
Senior DevOps Engineer Aug
2023 – Present
CloudOps Modernization: I led the healthcare infrastructure modernization initiative by implementing
scalable DevOps pipelines and containerized microservices across hybrid cloud platforms like AWS and
Azure. I architected multi-stage CI/CD pipelines using Jenkins, GitHub Actions, GitLab CI, and Azure
DevOps. Infrastructure provisioning was fully automated using Terraform, CloudFormation, Pulumi, and
Ansible. I streamlined Kubernetes and OpenShift deployments with Helm charts and Docker image
registries. Monitoring was enforced via Prometheus, Grafana, ELK Stack, Datadog, and Splunk. Security
compliance with Vault, IAM, CIS Benchmarks, SSL, and Snyk was enforced. I maintained robust Git-
based workflows and integrated Jira and ServiceNow for release governance, incident tracking, and
change automation.
---------------------------------------------------------------------------------------------------------
----------------
Built scalable CI/CD pipelines using Jenkins, GitHub Actions, and GitLab CI to streamline code
integration and enable faster testing and deployments across cloud-native and hybrid
infrastructures.
Automated multi-cloud provisioning using Terraform, CloudFormation, and Pulumi to improve
infrastructure consistency and reduce manual configuration drift in healthcare-critical systems.
Developed Kubernetes-native Helm charts for microservices to standardize deployment
workflows and reduce operational overhead in managing multi-tenant environments.
Configured Prometheus and Grafana dashboards with alert rules to ensure real-time monitoring
of containerized workloads and minimize downtime in patient-facing systems.
Enforced secure authentication with Vault, IAM policies, and CIS Benchmarks to harden
infrastructure and protect sensitive healthcare data against compliance risks.
Created declarative Infrastructure-as-Code templates using Ansible for zero-touch provisioning,
ensuring faster rollouts across Azure and AWS environments.
Migrated legacy applications to Docker-based container stacks with OpenShift integration to
increase portability, scalability, and reduce vendor lock-in.
Streamlined application telemetry by implementing centralized ELK stack and Splunk logging
pipelines for real-time observability and RCA in incident scenarios.
Deployed environment-specific pipelines through Azure DevOps, improving environment parity
across dev, staging, and production systems for healthcare release governance.
Used Bash and Python to script automation around image scanning, log rotation, and package
deployments to minimize repetitive operational effort.
Integrated Snyk and Vault with Git-based CI workflows to perform early-stage vulnerability
detection and secrets scanning in pipeline triggers.
Built distributed monitoring using Datadog integrations with Kubernetes nodes to ensure
dynamic resource allocation for critical health data pipelines.
Designed Git branching models in Bitbucket and GitHub to enforce controlled pull request
practices and enhance code review accountability.
Built incident workflows with ServiceNow APIs to auto-create tickets from alerts, enabling real-
time triaging during release or production incidents.
Introduced container hardening practices through Dockerfile linting and AquaSec audits to
ensure minimal CVEs across healthcare compliance environments.
Automated backup and DR workflows using AWS Lambda, Azure Functions, and Cron Shell
Scripts for policy-based scheduling and HA zone replication.
Configured load balancing and ingress rules with NGINX and Azure Application Gateway to
improve traffic control and multi-region resiliency.
Implemented secrets rotation scripts using Python and Vault APIs to enforce dynamic secrets
management across Redis, MongoDB, and RDS clusters.
Optimized pipeline parallelism using Groovy for Jenkinsfiles and YAML workflows for GitHub
Actions to reduce build times and increase throughput.
Secured service mesh communications with mutual TLS (mTLS) configurations using Linkerd and
Istio for encrypted service-to-service traffic in patient systems.
Validated production health with smoke tests using PyTest and shell scripts post-deploy,
triggering rollback in case of SLA breaches.
Integrated Jira with GitOps workflows to auto-close release tickets and enforce audit trail
compliance across all change deployments.
�Environments: AWS (EC2, EKS, S3, Lambda), Azure (AKS, ADO, Key Vault), Jenkins 2.x, GitHub Actions,
GitLab CI 15.x, Terraform 1.5+, CloudFormation, Ansible 2.10+, Pulumi, Docker 24.x, Kubernetes 1.29,
Helm 3.x, OpenShift 4.x, Prometheus 2.x, Grafana 10.x, ELK Stack 8.x, Datadog, Splunk, Python 3.11,
Bash 5.x, Groovy, Git 2.40, Bitbucket, Jira, ServiceNow, Vault 1.14, Snyk, SSL, CIS Benchmarks
State Of SC (DOH)
DevOps Engineer Mar 2021
– Aug 2023
Public Health DevOps: I drove critical modernization initiatives by automating infrastructure and
deployment pipelines across Azure and GCP cloud ecosystems. I developed secure, scalable CI/CD
pipelines using Jenkins, GitHub Actions, GitLab CI, and Azure DevOps to support HIPAA-compliant
healthcare applications. Infrastructure was provisioned with Terraform, Pulumi, Ansible, and
CloudFormation. I containerized services with Docker and deployed them using Kubernetes, Helm, and
OpenShift. Monitoring was handled through Prometheus, Grafana, ELK Stack, Datadog, and Splunk.
Security automation included Vault, IAM, Snyk, CIS Benchmarks, and SSL hardening. Code and
operations governance was maintained using Git, Bitbucket, Jira, and ServiceNow.
---------------------------------------------------------------------------------------------------------
----------------
Built CI/CD pipelines across Azure DevOps, GitLab CI, and Jenkins to automate build-test-release
cycles for HIPAA-compliant government health applications across distributed cloud
environments.
Deployed infrastructure using Terraform, CloudFormation, Pulumi, and Ansible to ensure
reproducibility, compliance, and reduced manual provisioning on GCP and Azure.
Containerized monolithic applications using Docker and migrated workloads to Kubernetes with
Helm charts to improve scalability, resiliency, and fault tolerance.
Integrated centralized logging using ELK Stack and Splunk for distributed services to enable root
cause analysis and system-wide visibility across public health apps.
Established dashboards using Prometheus and Grafana for real-time monitoring, reducing
response time for incident remediation across critical public health systems.
Automated secrets management with HashiCorp Vault and implemented IAM roles, SSL
encryption, and CIS Benchmark guidelines to ensure data security and regulatory alignment.
Refactored legacy shell scripts into modular Python and Bash automation workflows to enhance
clarity, error handling, and reusability across deployment scripts.
Designed container orchestration using OpenShift and Kubernetes to maintain high availability
for web services delivering COVID-19 and Medicaid eligibility data.
Streamlined release processes by integrating Jira, ServiceNow, and Git-based workflows to
maintain audit trails, ticket traceability, and automated change control.
Implemented proactive vulnerability scanning using Snyk and Git pre-commit hooks to block
insecure code merges and improve shift-left security posture.
Designed scalable ingress and load balancing solutions using Azure Application Gateway and
Kubernetes NGINX controllers to distribute traffic for web portals.
Built reusable Helm templates for service mesh deployments, supporting dynamic routing and
canary releases across isolated network environments.
Established automated rollback triggers for failed deployments by integrating health probes and
PyTest-based smoke test verifications post-release.
Enabled multi-cloud deployments with hybrid connectivity by configuring VPC peering, Azure
VNets, and GCP Private Service Connect.
Used Python and Groovy to script CI tasks like image scanning, artifact signing, and container
metadata tagging within Jenkins and GitLab pipelines.
Designed GitOps workflows using GitHub Actions and Bitbucket to simplify cluster state
reconciliation and eliminate drift in deployment environments.
Managed infrastructure documentation and SOPs using Confluence, Markdown, and Git
repositories to improve onboarding and ensure process transparency.
Integrated ServiceNow APIs to auto-create incident tickets from Prometheus alerts and maintain
real-time observability for 24/7 managed services.
Created custom alert rules in Grafana and Datadog using query expressions and JSON exporters
to monitor patient portal latency and API availability.
Secured Kubernetes namespaces with RBAC policies, network segmentation, and pod security
standards aligned with NIST healthcare guidelines.
Conducted postmortems with ELK log correlation and Grafana metrics to identify bottlenecks
and eliminate repeat failure scenarios in release cycles.
Participated in compliance reviews by automating evidence collection around SSL expiry checks,
Vault token usage, and Terraform plan logs.
Environments: Azure (AKS, ADO, Key Vault, Functions), GCP (GKE, Cloud Build, Secret Manager),
Jenkins 2.x, GitHub Actions, GitLab CI 15.x, Terraform 1.3+, Pulumi, Ansible 2.9+, CloudFormation,
�Docker 23.x, Kubernetes 1.25+, Helm 3.x, OpenShift 4.x, Prometheus 2.x, Grafana 9.x, ELK Stack 7.x,
Splunk, Datadog, Python 3.10, Bash 5.x, Groovy, Shell, Git 2.35, Bitbucket, Jira, ServiceNow, Vault 1.12,
Snyk, CIS Benchmarks, SSL, IAM
City Bank
Cloud Engineer Sept 2019 –
Mar 2021
Azure Cloud Automation: I worked as a Cloud Engineer to design and automate enterprise-scale
infrastructure across Azure cloud services. I built and maintained CI/CD pipelines using Azure DevOps,
GitLab CI, and Jenkins for financial applications. Infrastructure provisioning was handled with Terraform,
Ansible, and ARM templates. I deployed containerized applications via Docker and Kubernetes, and
configured Helm for managing microservices. Monitoring was enforced using Azure Monitor, Grafana,
and ELK Stack. I secured the environment using Azure Key Vault, IAM, Snyk, SSL policies, and CIS
Benchmarks. I streamlined release cycles and operational workflows using Git, Jira, and ServiceNow,
ensuring compliance and governance in banking operations.
---------------------------------------------------------------------------------------------------------
----------------
Automated Azure infrastructure deployments using Terraform and ARM templates to reduce
manual provisioning and standardize cloud configurations across financial applications.
Developed CI/CD pipelines using Azure DevOps and GitLab CI to automate build, test, and
deployment workflows for mission-critical banking microservices.
Containerized .NET and Java applications using Docker and deployed to Kubernetes clusters to
ensure high availability, fault tolerance, and cost-efficient scaling.
Integrated Azure Monitor and ELK Stack for system diagnostics, enabling visibility into latency,
API errors, and service uptime across multiple banking environments.
Configured Azure Key Vault for managing application secrets and credentials to maintain
security posture and meet internal risk and compliance guidelines.
Implemented Git branching strategies for version control and automated pull request validation
using pre-merge pipelines and Azure Repos policies.
Wrote Ansible playbooks to configure virtual machines, install middleware, and automate
repetitive tasks to reduce human error in manual setups.
Used Helm charts for consistent deployment of Kubernetes workloads and service discovery
across dev, QA, and production environments.
Enabled Snyk integration with Azure DevOps pipelines to scan open-source libraries and detect
vulnerabilities before code promotion.
Orchestrated post-deployment smoke tests using Python and PyTest to validate service uptime
and rollback in the event of critical failure.
Created role-based access policies (RBAC) using Azure IAM for granular control of resources and
compliance with least privilege principles.
Monitored application performance and network traffic with Grafana dashboards and Azure Log
Analytics to identify bottlenecks in transaction systems.
Designed backup and disaster recovery workflows using Azure Backup and Recovery Services
Vault to ensure financial data durability and business continuity.
Automated SSL certificate rotation and renewal using Bash and Azure CLI scripts to maintain
secure communications across internal APIs and external endpoints.
Configured Azure Policy and Blueprints for regulatory compliance enforcement across financial
infrastructure footprints and auditing requirements.
Conducted cost analysis and resource right-sizing via Azure Cost Management and Advisor to
optimize cloud expenditure and avoid budget overruns.
Enabled service health alerts using Azure Alerts and Log Analytics queries to proactively respond
to system anomalies before customer impact.
Designed firewall and network security groups to isolate workloads and enforce zero trust
architecture across sensitive payment processing zones.
Participated in infrastructure readiness audits by providing documentation for Terraform plans,
RBAC roles, CI/CD logs, and patching policies.
Enhanced cloud security posture using Microsoft Defender for Cloud by integrating threat
detection, security recommendations, and automated remediation.
Coordinated with cross-functional teams using Jira and ServiceNow to manage release cycles,
change requests, incident tracking, and root cause analysis.
Built DevSecOps workflows with GitHub integration to validate container images, infrastructure
code, and cloud resource configurations in pre-prod pipelines.
Environments: Azure (AKS, Azure DevOps, Functions, Key Vault, Monitor, Backup, App Gateway),
Jenkins 2.x, GitLab CI 14.x, Terraform 0.14+, Ansible 2.9+, ARM Templates, Docker 20.x, Kubernetes
1.20, Helm 3.x, ELK Stack 7.x, Grafana 7.x, Azure Monitor, Azure Log Analytics, Python 3.8, Bash 5.x,
Git 2.29, Azure Repos, Jira, ServiceNow, Snyk, SSL, IAM, CIS Benchmarks
�Charter Communications
DevOps Cloud Engineer Jan 2018
– Sept 2019
Azure CI Automation: I led cloud infrastructure automation and CI/CD pipeline implementation efforts
across enterprise-grade telecom systems. I worked primarily on Azure, designing resilient deployments
using Azure DevOps, Jenkins, and GitLab CI. Infrastructure was managed with Terraform, ARM
templates, and Ansible. I deployed Docker containers to Kubernetes clusters, orchestrated via Helm.
Real-time monitoring was established using ELK Stack, Azure Monitor, and Grafana. I implemented
secure DevSecOps practices using Azure Key Vault, IAM, SSL, and CIS Benchmarks. Configuration
control and operations traceability were enforced through Git, Bitbucket, Jira, and ServiceNow. The
project modernized legacy environments and enhanced deployment velocity.
---------------------------------------------------------------------------------------------------------
----------------
Developed Azure DevOps pipelines for continuous integration and delivery to reduce manual
release overhead across telecom configuration systems.
Automated infrastructure provisioning using Terraform, ARM templates, and Ansible to enforce
consistency and reproducibility in cloud resources.
Containerized existing .NET workloads using Docker and orchestrated them via Kubernetes for
scalability and deployment automation.
Implemented Helm-based deployments for stateful microservices across multiple Azure
Kubernetes Service (AKS) clusters.
Configured Azure Monitor and Log Analytics with custom metrics to track container health, API
performance, and system anomalies.
Designed Git-based branching strategies using Bitbucket and Azure Repos to manage release
control and maintain clean audit trails.
Secured service accounts and application secrets using Azure Key Vault and role-based access
control (RBAC) models.
Built automated rollback mechanisms into CI/CD flows using health checks and PyTest scripts to
catch regressions in pre-production.
Developed custom Bash and Python scripts to orchestrate patching, cleanup, and file operations
in automated jobs.
Set up alerting workflows with Grafana, ELK, and Azure Alerts to provide early warnings for
service degradation.
Integrated Snyk into DevOps workflows for automated vulnerability scanning of container
images and third-party libraries.
Collaborated with network engineers to configure Azure Application Gateway and NSGs for
secure service communication and ingress routing.
Managed configuration drift detection using Terraform plan audits and Azure Resource Graph to
maintain policy compliance.
Enabled DevSecOps by integrating SSL, IAM, and CIS Benchmark policies across all pipeline
stages for infrastructure hardening.
Documented SOPs and pipeline configurations using Markdown in Git repositories for team
enablement and handoff consistency.
Established automated change control by linking Git commits with Jira tickets and ServiceNow
tasks for traceable releases.
Streamlined environment provisioning using parameterized Terraform modules and YAML-based
deployment templates.
Participated in DR drills by scripting VM snapshots, resource backups, and service redeployment
routines using Azure CLI.
Used Azure Blueprints and Policy to enforce governance across production and staging
subscriptions.
Managed distributed logging with ELK Stack to capture microservice logs and enhance
observability for telecom order workflows.
Conducted security reviews with logs from Azure Defender, endpoint monitoring tools, and
access analytics.
Performed RCA and capacity analysis using performance graphs in Grafana and Log Analytics for
recurring customer-facing issues.
Environments: Azure (AKS, Azure DevOps, Key Vault, App Gateway, Log Analytics), Jenkins 2.x, GitLab
CI 13.x, Terraform 0.12+, Ansible 2.7+, ARM Templates, Docker 19.x, Kubernetes 1.17+, Helm 2.x, ELK
Stack 6.x, Azure Monitor, Grafana 6.x, Python 3.6, Bash 4.x, Git 2.20, Bitbucket, Jira, ServiceNow, Snyk,
IAM, SSL, CIS Benchmarks
ICICI Bank
�Junior DevOps Engineer Jun
2015 – Dec 2017
AWS DevOps Foundation: I supported cloud-native transformation projects as a Junior DevOps
Engineer with a primary focus on AWS-based deployment automation and infrastructure
standardization. I assisted in building CI/CD pipelines using Jenkins and Bamboo, handled infrastructure
provisioning through CloudFormation and Ansible, and maintained EC2-hosted applications with Docker
containerization. I contributed to Kubernetes workload deployments and monitored application
performance via CloudWatch, ELK Stack, and Nagios. I used Bash and Python scripting for automating
manual tasks and integrated IAM, SSL, and CIS Benchmark guidelines for enhanced security
compliance. Code versioning and issue tracking were performed using Git, SVN, Jira, and ServiceNow.
---------------------------------------------------------------------------------------------------------
----------------
Assisted in building CI/CD pipelines using Jenkins and Bamboo to streamline application
deployments for retail banking services.
Deployed infrastructure using AWS CloudFormation and Ansible to automate EC2 provisioning
and maintain consistent environments.
Supported containerization initiatives using Docker for packaging microservices, reducing
environment drift during deployments.
Participated in Kubernetes cluster setup and managed basic pod deployments to aid scaling and
HA capabilities for digital banking portals.
Monitored infrastructure health with CloudWatch alarms and ELK Stack to improve visibility and
proactive incident detection.
Scripted administrative tasks using Bash and Python to automate log rotation, service checks,
and configuration file updates.
Configured IAM roles and policies to enforce least-privilege access across developers, testers,
and DevOps teams.
Maintained Git repositories with proper branching strategy and pull request validations to
support clean code integrations.
Configured SSL certificates and updated web servers to ensure secure communications in
customer-facing web applications.
Used Nagios to set up basic host monitoring and email alerting for critical services and backend
APIs.
Troubleshot build failures in Jenkins and resolved plugin and dependency issues to reduce
deployment downtime.
Contributed to writing Ansible playbooks for middleware installation and service restarts across
environments.
Updated AWS EC2 security groups, VPC rules, and Route 53 DNS mappings for internal and
external services.
Participated in cost optimization efforts by identifying idle EC2 instances and underutilized
volumes using AWS Trusted Advisor.
Maintained changelogs and deployment documentation using Confluence and internal wikis to
track environment history.
Integrated Jira with Git to manage user stories, sprint deliverables, and automate branch
creation for new features.
Used ServiceNow for incident management and change request documentation as part of
DevOps compliance workflows.
Supported Lambda-based automation for log archival, file transfers, and backup snapshot
creation on S3 buckets.
Followed CIS Benchmark guidelines to audit EC2 configurations and assist with periodic internal
security reviews.
Coordinated with QA teams to automate pre-deployment smoke tests using Python scripts and
basic Selenium checks.
Helped configure AWS CloudTrail to track user activity and support internal audit processes
across AWS accounts.
Reviewed IAM access logs and helped design access controls based on user roles and
application criticality.
Environments: AWS (EC2, S3, Lambda, CloudFormation, CloudWatch, CloudTrail, IAM), Jenkins 1.x,
Bamboo, Ansible 2.4, Docker 17.x, Kubernetes 1.6+, ELK Stack 5.x, Nagios, Python 2.7/3.x, Bash 4.x,
Git 2.10, SVN, Jira, ServiceNow, SSL, CIS Benchmarks
