Reduced GCP networking costs by $1,655/month on an Education App by diagnosing Tel Aviv anycast misrouting and migrating to Bunny CDN with a validated staging cutover.

Architected staging and production environments on GCP using Cloud Armor (WAF), Google Cloud Load Balancer, and Managed Instance Groups for autoscaling and high availability.

Managed AWS environments (EC2, EKS, S3, RDS, SQS, Lambda) including stateful Kubernetes workloads with persistent volume claims and StatefulSets.

Built multi-stage GitHub Actions CI/CD pipelines (dev → staging → prod) using IAP tunnels for secure deployment to private VPC resources.

Deployed a self-hosted LLM inference stack (Ollama + Docker Compose, NVIDIA L4) with a systemd idle-monitor to auto-shutdown GPU VMs after 15 minutes of inactivity, reducing idle compute to near zero.

Deployed Python scripts as Cloud Run scheduled jobs for cron-like automation tasks.

Built and operated a hybrid observability stack: self-hosted Prometheus + Grafana + Loki on GCP with Slack alerting, alongside Datadog APM for application performance and ServiceNow integration for ITSM workflows.

Authored and maintained modular Terraform configurations for reproducible infrastructure provisioning across AWS and GCP environments.

Ensured compliance with SOC 2 and HIPAA through access control audits, encryption enforcement, secrets management, and policy reviews; implemented resource tagging strategies for cost attribution and FinOps governance.

Maintained high availability and reliability of production Linux-based systems (Apollo, JBoss) across 24/7 operations in collaboration with cross-functional ops teams.

Designed, deployed, and managed Kubernetes (EKS) clusters for stateful and stateless workloads; provisioned infrastructure using Terraform for reproducible, modular IaC deployments.

Built and maintained Prometheus and Grafana observability stack — authored custom alerting rules, runbooks, and dashboards — reducing incident response time by 25% via structured escalation.

Managed PostgreSQL and MySQL databases on RDS/Aurora including backup strategies, performance tuning, high-availability configuration, and disaster recovery planning.

Designed and implemented 3-tier AWS architecture using VPC, public/private subnets, NAT gateways, and security group chaining following CIS benchmark hardening guidelines.

Leveraged Datadog for infrastructure monitoring and APM; integrated ServiceNow for ITSM ticket management and incident lifecycle tracking.

Applied FinOps principles with cloud resource tagging policies to monitor and govern cloud spend across AWS environments.

Developed and maintained CI/CD pipelines in Jenkins and GitLab CI for production-grade SaaS environments, integrating SonarQube, OWASP Dependency Check, and Trivy into a full DevSecOps workflow.

Architected scalable, high-availability cloud infrastructure using Docker, Kubernetes, and AWS, ensuring uptime and platform reliability for stateful services.

Automated infrastructure provisioning with Terraform, reducing deployment errors by 40% and enabling repeatable, modular IaC across environments.

Deployed and managed Prometheus and Grafana monitoring stacks; administered PostgreSQL databases with backup, recovery, and performance tuning procedures.

Enforced resource tagging, cost governance, and Linux OS hardening (via Ansible) across all managed infrastructure.