I'm a DevOps & Cloud Infrastructure Engineer specializing in building, automating, and securing production-grade cloud environments. With deep expertise in Kubernetes orchestration, Azure cloud architecture, and CI/CD pipeline engineering, I design infrastructure that is resilient, scalable, and cost-optimized.

My engineering philosophy centers on infrastructure as code, zero-downtime deployments, and shift-left security — ensuring every system I build meets enterprise reliability standards from day one. I work across the full infrastructure lifecycle: from provisioning VMs and networking in Azure to deploying containerized applications with Helm, Nginx Ingress, and automated pipelines.

I thrive at the intersection of platform engineering and application delivery, bridging the gap between development teams and production environments with robust automation and observability.

⚙️ Enterprise Kubernetes Platform — Azure Private Cluster

Production-grade Kubernetes infrastructure on Azure with private networking, Ingress-Nginx, MetalLB load balancing, and Fortinet VPN integration for secure hybrid connectivity.

Aspect	Details
Stack	+ Ingress-Nginx · MetalLB · Cert-Manager
Scale	Multi-node cluster with horizontal pod autoscaling
Networking	Private cluster · DNAT via Fortinet · site-to-site VPN to on-prem DC
Security	NSG-locked subnets · no public IPs · RBAC · TLS termination · webhook isolation
Automation	Helm-based deploys · automated cert rotation
Repository	Private — Enterprise Client Infrastructure

Designed and deployed a fully private Kubernetes cluster on Azure for an enterprise client, integrating with on-premises resources via Fortinet-managed VPN tunnels. Engineered selective public exposure for webhook endpoints while maintaining strict network isolation for all other workloads.

🏗️ Full-Stack Application Deployment — React + Spring Boot on Azure

End-to-end deployment infrastructure for a React frontend and Spring Boot backend connecting to an on-premises MSSQL database through Azure's hybrid networking stack.

Aspect	Details
Stack	· Ubuntu 24.04 LTS · Standard D4s v6
Networking	Private subnet 10.3.2.x · Fortinet site-to-site VPN (AZ-DC-FG-vnet)
Security	No public IP · SSH locked to Citrix static IP · 30-day backup · soft delete
Infra	protectedsubnet · static private IP · NSG ingress rules
Repository	Private — Client Deliverable

Built and documented the complete Azure infrastructure for a client-facing application, including VM provisioning, network security configuration, backup policies, and cross-site database connectivity through existing VPN infrastructure.

📦 Private Container Registry & Artifact Management

Nexus Repository-based private Docker registry with pull/push port separation, integrated into CI/CD pipelines for secure artifact management across environments.

Aspect	Details
Stack	+ Nexus Repository OSS
Scale	Centralized registry serving multiple deployment targets
Security	Pull port 6001 / push separated · internal network only · authenticated
Automation	Automated image builds and promotion via CI pipeline
Repository	Private — Internal Tooling

Configured and maintained a Nexus-based private container registry as the central artifact store for all containerized applications, with strict port-based access control and CI/CD integration.

Responsible for designing, deploying, and managing cloud infrastructure and CI/CD pipelines for client-facing enterprise applications on Azure. Collaborating with cross-functional teams including developers, network administrators, and client-side stakeholders to deliver production-ready infrastructure.

• Provisioned and hardened Azure VMs, VNets, subnets, and NSGs for multi-client environments
• Deployed and managed Kubernetes clusters with Helm, Ingress-Nginx, and MetalLB
• Engineered CI/CD pipelines for automated build, test, and deployment workflows
• Coordinated DNAT, Fortinet firewall rules, and VPN tunnel routing with network teams
• Infrastructure as Code for repeatable, auditable environment provisioning
• Managed Nexus Repository for private Docker image hosting and artifact lifecycle
• Implemented monitoring stacks, backup policies, and disaster recovery configs

Recognition	Details
Enterprise Infrastructure Delivery	Successfully delivered production Kubernetes infrastructure for enterprise clients on Azure
Technical Documentation Excellence	Authored comprehensive Azure infrastructure documents meeting client audit and compliance standards
Security-First Architecture	Designed zero-public-IP cloud environments with Fortinet VPN and NSG-based micro-segmentation
Pipeline Automation	Reduced deployment time with fully automated CI/CD pipelines from code commit to production

"Infrastructure is code. Reliability is culture. Automation is freedom."