Senior DevOps, Cloud and Security Engineer with 17+ years of experience, including 11+ years in AWS and Kubernetes. Experienced in building scalable, secure and compliant cloud platforms — from infrastructure automation and CI/CD pipelines to cost optimisation and SRE practices.
Currently working as Senior System Engineer / SRE Lead at NAGRA in Madrid, Spain, where I own release readiness, platform reliability, and observability across multiple production environments.
- Strong hands-on expertise in AWS EKS, EC2, IAM, VPC, Lambda, S3, OpenSearch
- Deep experience in Terraform, Ansible, CloudFormation and Python for infrastructure automation
- Led Kubernetes architecture migrations (AMD to ARM), cluster standardisation and Helm-based deployments
- Skilled in setting up end-to-end monitoring with Prometheus, Grafana, CloudWatch and OpenSearch
- Worked across security and compliance frameworks including SOC2, HITRUST CSF, GuardDuty, WAF and KMS
Cloud & Platforms
AWS Security Services
Infrastructure as Code & Automation
Containers & Orchestration
CI/CD & Version Control
Monitoring & Observability
Security & Compliance
SRE Lead at NAGRA — Currently serving as SRE Lead, owning release readiness, lab environments and cross-team coordination to ensure high availability across multiple production releases.
Automated Helm Upgrade Solution — Designed and implemented an automated Helm upgrade workflow that removed manual steps and saved approximately 5 man-days per release cycle.
Kubernetes Architecture Migration — Led migration from AMD to ARM-based Kubernetes architecture, including cluster standardisation and Helm-based application management.
Prometheus Alerting Refactor — Rebuilt the Prometheus alerting system to be platform-agnostic, removing hardcoded thresholds and improving long-term scalability.
250+ Server Migration to CIS Level 2 — Migrated servers to CIS Level 2 compliant images using Ansible, directly supporting HITRUST certification with minimal downtime.
Full AWS Account Migration — Led end-to-end migration of 200+ EC2 instances, RDS, Jenkins, Bitbucket, JIRA, Confluence, Docker and DNS across AWS accounts.
Security Hardening — Implemented AWS Secrets Manager, IAM-based RDS access, automated patching via SSM and Session Manager-based access to reduce attack surface.
Observability Modernisation — Migrated from NGINX/ELK to ALB, Istio and OpenSearch, adding custom metrics and dashboards for deeper platform visibility.
Expanding into MLOps and data platform services on AWS — applying existing DevOps and infrastructure knowledge to machine learning workflows.
| Certification | Issuer |
|---|---|
| AWS Certified Solutions Architect – Associate | Amazon Web Services |
| VMware Certified Professional 5.0 | VMware |
| Red Hat Certified Engineer (RHCE) – Enterprise Linux 5.0 | Red Hat |
Bachelor of Technology — Computer Science Engineering Biju Patnaik University of Technology (BPUT), Odisha, India — 2006
"Building resilient infrastructure, one automation at a time."