About me

DevSecOps-focused Backend & Infrastructure Engineer with 4+ years of experience leading cloud-native systems. Expertise in managing infrastructure, Kubernetes orchestration, Docker security, CI/CD pipelines, and securing high-traffic platforms.

Proven in designing scalable microservices, implementing infrastructure as code, monitoring with Grafana/Prometheus, and ensuring security compliance. Currently leading infrastructure and cloud operations at Cansoft Technologies.

Passionate about shifting security left — integrating vulnerability scanning (Trivy), RBAC, Network Policies, Secrets Management, and WAF/TLS hardening into every layer of the delivery pipeline to build resilient, secure-by-default systems.

What I'm doing

  • Kubernetes Security

    Hardening K3s clusters with RBAC, Network Policies, Pod Security Standards, and vulnerability scanning using Trivy to eliminate attack surface.

  • CI/CD Pipeline Security

    Designing and implementing secure CI/CD pipelines with automated security scanning, container hardening, and zero-downtime deployments via GitHub Actions & Docker.

  • Observability & Alerting

    Building Prometheus + Grafana + Loki stacks for real-time metrics, structured logging, and proactive incident detection across distributed production workloads.

  • Infrastructure Hardening

    Managing PostgreSQL, MongoDB, Redis, and distributed systems with high availability — plus Linux administration, firewall configuration, WAF, and TLS/SSL lifecycle management.

Open Source

NesoHQ — Open Innovation Community2025 — Present
  • Implemented circuit breaker patterns and distributed caching in Dockerized microservices environments, improving service resilience and preventing cascading failures.
  • Contributed to cloud platform resilience and container health management across distributed infrastructure.
  • Actively participated in architectural design and performance optimization of high-performance backend systems.

Tech Stack

  • SecurityTrivy, RBAC, Network Policies, Secrets Mgmt, Firewall & WAF, TLS/SSL
  • ContainersKubernetes (K3s), Docker (hardening & scanning), Linux Administration
  • CI/CDGitHub Actions, Docker Pipelines, CI/CD Security, Automated Scanning
  • CloudAWS, GCP, DigitalOcean, Multi-environment Deployments
  • ObservabilityGrafana, Prometheus, Loki, Infrastructure Monitoring
  • BackendNode.js, Python, FastAPI, Django, Go, REST/GraphQL, Microservices
  • DatabasesPostgreSQL, MongoDB, Redis, Distributed Systems
  • ToolsInfrastructure as Code, Agile, Git, Jira, Team Leadership