About

PROFESSIONAL SUMMARY Cloud DevOps Engineer with 8+ years of experience in designing, configuring, managing, deploying, automating, optimizing, supporting cloud infrastructure (AWS, Azure) to ensure scalability, security, high availability, system reliability, and operational efficiency. Skilled in Terraform, Kubernetes, CI/CD pipeline, GitOps, Monitoring, and DevSecOps best practices.

TECHNICAL SKILLS Cloud Platforms: AWS (EC2, S3, VPC, Lambda, RDS, IAM, EKS), Azure (VMs, AKS), OpenStack Containerization & Orchestration: Docker, Kubernetes, Helm, Kustomize CI/CD Tools: Jenkins, GitHub Actions, GitLab CI/CD, CircleCI, Argo CD, Vercel Infrastructure as Code (IaC) & Configuration: Terraform, Pulumi, AWS CloudFormation, AzureRM, Bicep, ARM Templates, Ansible Monitoring & Logging: Prometheus, Grafana, ELK Stack (Elasticsearch, Logstash, Kibana), Datadog, New Relic, Sentry Security & Compliance: Trivy, Aqua Security, Snyk, HashiCorp Vault, Open Policy Agent (OPA), Falco Databases & Services: SQL (MySQL, PostgreSQL), Apache, Tomcat, message queues (RabbitMQ, Kafka), virtualization (VMware, XEN, OpenStack) Programming & Scripting: Python, Shell Version Control & Collaboration: Git (GitHub, GitLab, Bitbucket), Jira, Confluence, Slack, Notion

EXPERIENCE

PNC Bank, Pittsburgh, PA, USA Senior DevOps Engineer (Contract) May 2024 – June 2025 • Modernized banking platform by designing a hybrid cloud microservices architecture on AWS EKS and Azure Kubernetes Service (AKS); built CI/CD pipelines using Jenkins, GitHub Actions and Azure DevOps with integrated security scans, cutting deployment time by 80 % and driving daily releases with less than 5% change failure rate. • Designed and maintained hybrid cloud infrastructure using Terraform, Azure Bicep, and AWS CloudFormation, automating deployments across AWS and Azure with secure and compliant IaC practices. • Updated and maintained scalable CI/CD pipelines using GitHub Actions, Jenkins, and ArgoCD for microservices deployed on EKS, AKS, and OpenShift clusters. • Reduced cloud costs by 30% using AWS Cost Explorer & Azure Cost Management with auto-scaling, rightsizing, and budget alerts. • Secured existing pipelines by integrating DevSecOps practices (Trivy, Aqua, Vault, Azure Key Vault, Policy-as-Code), cutting critical vulnerabilities by 40%. • Implemented GitOps workflows for Kubernetes using Helm, Kustomize, and maintain Secrets, ensuring consistent and auditable deployments across Dev, QA and Prod environments. • Provided hands-on mentorship in Terraform, Helm, and Vault across AWS and Azure environments, boosting deployment velocity and security posture for 3+ application teams. Environments: AWS, Azure, EKS, AKS, OpenShift, Terraform, AWS CloudFormation, Azure Bicep, Helm, Kustomize, Vault, Jenkins, GitHub Actions, Azure DevOps, Argo CD, Docker, Kubernetes, Helm, Kustomize, Trivy, Aqua Security, HashiCorp Vault, Azure Key Vault, Prometheus, Grafana, OpenTelemetry, AWS CloudWatch, Azure Monitor, Git (GitHub, GitLab), Jira, Confluence, Slack.

Decision Trust, Kathmandu, Nepal Senior DevOps Engineer Oct 2020 – Nov 2022 • Designed infrastructure in AWS using Docker, Kubernetes, Helm and Terraform; built multi region routing and load balancing to deliver 99 % availability as transaction volume doubled. • Designed GitOps workflow using Argo CD for multi-tenant Kubernetes clusters with Helm, enabling zero-downtime blue/green and canary releases across dev, QA, and prod. • Automated release workflows by creating Jenkins CI/CD pipelines with Argo CD, feature flags and canary deployments to shift from weekly to daily releases and reducing lead time for changes to less than 8 hours with change failure rate less than 8%. • Migrated legacy shell-scripted pipelines to fully declarative GitLab CI templates with dynamic configuration; reduced pipeline maintenance by 40% and standardized DevOps practices across 12+ teams. • Integrated Snyk, SonarQube, and GitLab Code Quality scans into CI workflows; reduced codebase security violations by 60% within three quarters. • Wrote Python scripts using Boto3 to start, stop EC2 instances based on CloudWatch schedules or cost optimization rules and created IAM role auditing to scan IAM roles & policies across accounts, identify over-permissive privileges, and auto-generate remediation suggestions in JSON improving security compliance. • Mentored and developed talent through onboarding guides, weekly knowledge sessions and blameless post mortems; increased team productivity by 30 %, reduced on call escalations by 20 % and developed junior engineers into independent DevOps contributors. Environments: AWS, Docker, Kubernetes, Helm, Load Balancer, GitOps, ArgoCD, CICD, GitLab CI, Snyk, SonarQube, Python, Boto3, EC2, CloudWatch, IAM roles and Policies, JSON.

NTC, Kathmandu, Nepal AWS Cloud Engineer Jan 2018 – Sept 2020 • Migrated telecom services to AWS, designing multi AZ VPCs with auto scaling groups, load balancers and RDS; achieved 99.9 % uptime, reduced latency by 40 % and supported 500 K+ concurrent users during peak traffic. • Designed and implemented VPC peering, transit gateway, and private endpoints across AWS accounts for secure inter-service communication, eliminating data risks and improving latency by 25%. • Automated AMI creation, lifecycle policies using EC2 Image Builder and AWS Systems Manager; reduced OS-level patching errors by 50% across Dev, Staging, Production environments. • Created custom CloudWatch dashboards and anomaly detection for critical services; detected 2+ major outages in advance and reduced downtime impact by over 60%. • Automated infrastructure provisioning by developing CloudFormation and later Terraform templates and using Ansible for configuration; slashed setup time by 70 % and reduced provisioning errors by 80 %. • Led IAM roles, permissions refactor initiative, introducing least-privilege policies and automated access reviews with AWS Access Analyzer; improved compliance posture and passed internal security audits with zero findings. • Built CI/CD pipelines on Jenkins with integrated testing, code quality checks and blue/green deployments; increased release cadence from monthly to weekly and cut change lead time from days to hours while keeping failure rate under 10 %. • Strengthened security & compliance by implementing IAM policies, VPC security controls, AWS Config and CloudTrail auditing, enabling ISO 27001 compliance and cutting security incidents by 30 %. • Developed backup and versioning strategy for S3 buckets handling customer records and logs; enforced lifecycle rules and encryption at rest with KMS, achieving 40% data retention policies within 6 Months. • Organized weekly “DevOps” sessions to improve tooling adoption, address pain points, and share lessons learned leading to a 20% reduction in support tickets over 6 months. Environments: AWS, VPC, Auto Scaling, RDS, AMI, CloudWatch, Terraform, IAM, Jenkins, VPC security, AWS Config, CloudTrail, S3 bucket, KMS, DevOps.

Mercantile, Kathmandu, Nepal Linux/Cloud Engineer July 2015 – Dec 2017 • Maintained and patched 100+ RHEL/CentOS servers for enterprise web, DNS, mail, and application services; reduced critical downtime by 20% via scheduled maintenance and automation scripts. • Automated repetitive system admin tasks using Bash scripts and cron jobs (log rotation, disk cleanup, backups), saving 10+ hours/week in manual effort. • Assisted in migrating legacy services to VMware-based private cloud and later introduced OpenStack for internal IaaS; improved infrastructure scalability and server provisioning speed by 3 times. • Deployed and configured monitoring tools (Nagios, Zabbix) and centralized syslog servers to track system health and performance; enabled faster detection and triage of critical issues. • Supported network configurations (DNS, DHCP, firewalls, VLAN tagging) and helped enforce basic security hardening across internal servers (fail2ban, iptables, and SELinux policies). • Gained foundational skills in version control, containerization, and cloud operations by experimenting with Git, Docker, and AWS EC2 in test lab environments. • Collaborated with senior DevOps teams on setting up basic CI tasks via Jenkins and scripting deployment steps for test environments laying groundwork for future Cloud DevOps responsibilities. Environments: RHEL/CentOS, Server, Web, DNS, Bash, Shell Scripting, VMware, OpenStack, DHCP, Firewall, VLAN, Git & GitHub, Docker, Jenkins, Ansible, CI.

EDUCATION Westcliff University Irvine, CA, USA Master of Science, Information Technology (Cloud Computing), GPA 3.86 / 4 Feb 2023 –June 2025 Capstone Project: “PNC Bank's Digital Transformation: Hybrid Cloud DevSecOps Banking Infrastructure” Big Data Analytics and Visualization, Business Architecture and Organizational Transformation, Information Technology Project Management, Leading Strategic Change with Technology, Virtualization and Storage, APIs and scripting, AWS and Azure, cloud security and Disaster Recovery, and Strategic cloud implementation. Pokhara University Kathmandu, Nepal Bachelor of Electronics & Communication Engineering, GPA 3.34 / 4 Aug 2010 – Dec 2014 Relevant Coursework: C, C++, Database, Operating Systems, Computer Network, Computer Architecture, MatLab, Discrete Math, Logic circuits, Graphics Designing, Web Technology, OSI Models, TCP/IP.