Nitin Goura
Sr DevOps Architect| AWS & Azure Certified | 11+ Year Experience
Cell: - | Email:-| India
Kubernetes DevOps Architect with 11+ years of hands-on experience in architecting/automating and optimizing critical
CI/CD flow over a large infrastructure. Led teams of 5-15 people across technology and business. Proven ability to solve
complex problems with limited resources, on-time, and within budget.
CERTIFICATIONS
●
●
●
AWS Cloud Practitioner.
Microsoft Certified: Azure Solutions Architect Expert
Red Hat Certified Engineer.
KEY SKILLS AND EXPERIENCE
Cloud Providers
AWS, Azure, GCP, Rackspace and Digital Ocean.
IaC
Terragrunt, Terraform, CloudFormation, Azure ARM.
Orchestration
Kubernetes, Istio, Helm Charts, AWS ECS (Fargate)
Languages
Python, Groovy, Shell scripting, C#, and PowerShell.
Version Control
Subversion, Code Commit, Azure Repo and Git.
Automation/Build
CircleCI, Jenkins, Ansible, ECR, Rundeck, Nexus, Azure Pipeline, AWS Code deploy, Azure
function, Azure Devops and Jfrog.
App/Web Servers
Tomcat, Apache, IIS, Nginx, AWS ELB, API Gateway, CloudFlare, and CloudFront.
Databases
AWS RDS, MySQL, MongoDB, SQL, Couchbase and DynamoDB.
Platforms
Linux and Windows.
Compliance Audits
PCI, HIPAA, and SOC2
Security Tools
SonarQube, AlienVault, OSSEC, Nessus, AWS GuardDuty, AWS Inspector, and Qualys.
Monitoring Tools
Datadog, Splunk, CloudWatch, Site24*7, NewRelic, Pagerduty OpsGenie, and Nagios.
PROFESSIONAL EXPERIENCE
JobNimbus, Remote (Nov 2020 – May 2022)
Senior DevOps Engineer
•
•
•
•
•
•
•
•
•
•
Designed and implemented a continuous build-test-deployment (CI/CD) system with multiple
component pipelines using Jenkins to support weekly releases and out-of-cycle releases based on
business needs.
Design new Infrastructure on AWS using Kubernetes, terragrunt, terraform, Jenkins, helm.
Kubernetes architecture: node, kubelet manages pods, their containers, images, volumes, network etc.
kube-proxy is a simple network proxy and load balancer responsible for reflecting services on the nodes.
Developed blue/green deployment strategy by creating new applications that are identical to the
existing production environment using terraform/K8 templates & AWS code deploy to redirect traffic
from the old environment to the pristine environment.
Automation - Jenkins Multibranch approach + Jenkins Shared Library. Fully customized pipelines.
Designed and implemented CI/CD, scaling in/out of micro services, blue/green deployments using open
source tools such as K8S, Terraform, Jenkins, Ansible, Git workflow, etc
Major focus on Configuration, SCM, Build/Release Management, Infrastructure as a code (IAC)
Worked with Docker and Kubernetes Clusters to deploy microservices applications.
Implemented multi-layer application traffic flow using Istio service mesh across services running in
Kubernetes cluster.
Experience in creating Task definitions, which specifies the tasks, Resource allocation (Fargate), services
and docker image on which application is built for Elastic Container Service and ALB.
BiModal, Remote (July 2019 – Oct 2020)
DevOps Consultant
•
•
•
•
•
•
•
•
•
•
•
•
•
Design new Infrastructure on AWS/GCP/Azure using Kubernetes, terragrunt, terraform, Jenkins, helm.
Educate customers on the value proposition of AWS, and participate in deep architectural discussions
to ensure solutions are designed for successful deployment in the cloud.
Kubernetes architecture: node, kubelet manages pods, their containers, images, volumes, network etc.
kube-proxy is a simple network proxy and load balancer responsible for reflecting services on the nodes.
Enabled AWS Config to monitor cloud changes in company AWS accounts. Developed AWS Lambda to
monitor unencrypted volumes and untagged resources in all accounts.
Architected and created a highly scalable platform using Kubernetes as primary control panel and open
source tools like Istio, autoscaler, nginx etc.
Major focus on Configuration, SCM, Build/Release Management, Infrastructure as a code (IAC) and
as Azure DevOps operations Production and cross platform environments.
Worked with different Azure services (Azure App Service, Insights, Azure SQL, Azure Functions, Alerts &
monitors, Azure Storage Accounts).
Used Ansible playbooks to setup Continuous Delivery pipeline. This primarily consists of a Jenkins,
terraform the infrastructure to run these packages and various supporting software components such
as Maven, etc.
ARM templates writing, setup automation for resources provisioning (Azure PowerShell + Terraform).
Experience in assigning the azure services on locations specific to integrate with web-apps and keyvaults.
Deployed and designed pipelines through Azure data factory/Azure Data brick and debugged the
process for errors.
Delivered complex hybrid solutions using open-source frameworks based on APIs and web services.
Involved in the migration of multiple applications from physical data centre environments to AWS/GCP.
Created a cloud-based solution for CRM solution. Automating, provisioning and deployment, configuring
monitoring and logging systems.
•
•
•
•
•
•
Deployment - Jenkins pipelines written with Shared Library + Helm Charts.
Design and implemented ASP.Net monolithic application deployment/application automation on AWS
Worked with docker container for setting up pre-prod boxes for applications and other software tools.
Optimized AWS & Infra Tools Cost, which led to 60% reduction in billing. Constantly accessed cost to
improve ROI and Efficiency of system
Backups/Restoration, Disaster Recovery Automation.
Designed complete security operations for AWS infra to meet the objectives of security team.
§ Incorporated Security operations as a part of Compliant team.
§ PCI, HIPAA, GLBA, SOC2 Compliant Audit experienced.
§ OS vulnerability reporting and remediation with AWS Inspector and patching with SSM Patch
manager.
§ Web level vulnerability scan with OWASP ZAP
§ Securing AWS using AWS services like Guardduty, AWS inspector, AWS config rules, AWS
cloudtrail, AWS WAF, Enforcing MFA on sign in, IAM policy hardening, AWS Secrets Manager
§ Overall monitoring and alerting and auto-remediation of alerts for any drift in security
compliance
Basware India Pvt Ltd, Chandigarh (August 2017 - July 2019)
Senior DevOps Engineer
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Configured Amazon based Infrastructure and Rackspace based Infrastructure.
Worked with Kubernetes & Docker Container technologies.
Architect and configured secured multi-tenant system in cloud-based Infrastructure.
Worked with network, platform, engineering and development teams in architecture design and review
sessions.
Involved with Docker and Kubernetes on multiple cloud providers, from helping developers build and
containerize their application (CI/CD) to deploying either on public or private cloud.
Expertise in Python Serverless flask application.
Worked with Docker and Kubernetes Clusters to deploy microservices applications.
Implemented and managed Windows and Linux automatic monthly patching system using AWS System
manager and monitoring status on Splunk dashboard.
Implemented and managed the Application log handling process as part of the SOC2 security audit
requirement.
Managed monitoring system using (Splunk and Datadog).
Worked with Terraform and CloudFormation to automated Infra Orchestration.
Collaborated with different teams to develop, integrate various enterprise systems and applications.
Played a key role in migrating Rackspace Infrastructure to AWS based Infrastructure and Azure Cloud.
International Experience (Finland for 1 Week)- Successfully delivered the project related to
microservices and Jenkins automation Pipelines. Demanded to automate the Java-based microservices
using Docker to deliver packages to AWS (EKS) for Ad-hoc Unit Test execution. Technologies utilized in
this project were Jenkins, Terraform, Ansible, Docker, Amazon EKS (and all related services), Linux
platform.
Finxera India Pvt Ltd, Chandigarh (July 2013 - August 2017)
Senior DevOps Engineer
•
Operated and managed Amazon based Infrastructure.
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
•
Operated and managed the infrastructure for PCI, HIPAA, GLBA, and SOC2 Compliant environments.
Implemented and managed ELK stack and AlienVault for centralized logs of server’s level logs and
applications logs.
Leading the team on Infrastructure as code implementations using tools like Github, Terraform etc
Handle live upgrades on AWS Clouds and Infrastructures using Ansible, Terraform, etc.
Strong knowledge of secure development and general development methodologies and practices.
Played a key role in migrating Non-VPC system to a highly security-based system for a security audit.
Coached development teams on secure software and hardware configuration management and secure
test automation strategies associated with cloud-based solutions.
Configured monthly OS patching process using shell scripts.
Managed company Infrastructure consisting around 800 Instances (Linux) over AWS.
Managed applications like Apache, PHP, Nginx, Node.JS, Tomcat, Jetty.
Expertise in handling MySQL over AWS RDS
Continuous Integration (CI) and Continuous Deployment (CD) using Jenkins, Nexus, and Rundeck.
Set up and managed release and deployment tools. Jenkins, Nexus, Rundeck.
Maintained software version tools such as SVN and GIT.
Expertise in OpenLDAP Administration for centralized authentication server to a Linux based system.
Configured DB and application server backup process using Rundeck and shell script as part of a security
audit requirement.
Key Contributions
•
•
•
•
•
Yearly handling of the compliance audit for PCI, HIPAA, GLBA, and SOC2: I handled the complete end to
end security compliance audit process, which includes OS patching, report generation, and calls with
the auditor to show.
Monitoring: Install and configure various monitoring tools
§ Nagios- for servers Health monitoring.
§ New Relic – For Application Monitoring.
§ Site 24*7 – For FTP, SSL and URL Monitoring.
§ Webinject – For API Availability monitoring.
§ CloudWatch -- For Amazon server and database monitoring.
LDAP: Configure Openldap centralized authentication server with ssh key and group-based server login
functionality.
Migrated Infra under Amazon VPC Infrastructure: Complete Migration of Company infra under Amazon
VPC infa from AWS Classic, to achieve PCI compliant.
Creation of full environment in one click using various tools (CloudFormation/Terraform, AWS CLI, Bash
Scripts).
Indivar Software Solutions Pvt Ltd, Mohali (July 2012 - July 2013)
System Administrator
•
•
•
•
•
Configured Apache web server and troubleshooting Apache.
Configured Monitoring Tools: (Nagios, Webmin, Iptraf)
Maintenance of scheduled/unscheduled backups and updating as per plan using Bash Shell Scripts.
Configured CRM Software: (Drupal, SugarCRM, Magento).
Worked on ConfigServer Security & Firewall with Login Failure Daemon for Server Hardening.
•
•
•
•
•
•
Installed and managed Openfire chat server.
User data backup using Git management software.
Virtualization: VMWare, VSphere, VirtualBox.
Technical support/troubleshooting.
Management Collaborative application software for project management.
Customer relationship management and team management.
Key Contributions
• Nagios: Implementation, Configuration, and Maintenance of Nagios Monitoring tools to monitor local
or client’s server services.
• Server Hardening: Implementation and Maintenance of CSF/LFD tool with various hardening tools for
improving the security of the client’s server.
• Chat server: Implementation and maintenance of Openfire chat server for internal chats.
Icronex Technologies Pvt. Ltd, Gurgaon (February 2011 - June 2012)
Linux Administrator
•
•
•
•
•
•
•
•
•
•
Linux server administration.
Ensured uptime and monitoring of Email Servers, Web Servers, DNS and Database Servers.
Configured Apache web server and troubleshooting Apache.
Worked on Qmail server for internal emailing.
Daily checklist of all servers and backup logs and monthly data integrity of Active Directory.
Monitored of Linux Servers and Network Services using Monitoring Tool.
Worked on PowerMTA with multi virtual MTA.
Configured on Postfix with dovecot for bulk emailing.
Managed OU, Groups, and Users in Active Directory.
Responsible for providing help, support, and assistance in the initial installation of the system, setup,
and maintenance of the user account, data recovery, etc.
ACADEMICS
●
●
●
B.Tech (C.S.E), PTU Jalandhar.
PGDITM, Symbiosis pune.
+2 (Non-Medical), CBSE.
