visitor@madhavt.com.np: ~

visitor@madhavt.com.np:~$ curl madhavt.com.np/experience

EXPERIENCE

Senior DevOps Engineer @ Grepsr

Feb 2025 — Present

  • Architected fault-tolerant Amazon EKS clusters supporting thousands of nodes using Karpenter for auto-scaling.
  • Implemented Cilium CNI in ENI mode for enhanced network performance and eBPF-based observability.
  • Designed and implemented automated CI/CD pipelines with GitHub Actions across multiple environments.
  • Migrated from ingress-nginx to Cilium-based Kubernetes Gateway API, leveraging eBPF for performance and security.
  • Built enterprise-grade, modular Terraform with state management and automated deployment pipelines.
  • Deployed ArgoCD for declarative GitOps continuous delivery with rollbacks and full audit trails.
  • Standardized Helm charts for gRPC-based microservices for consistent deployment patterns.
  • Led cost optimization via workload analysis, right-sizing, and strategic EC2 instance selection.
  • Tuned AWS RDS with query optimization and read replicas; migrated EKS from IMDS to IRSA for pod-level IAM.

Lead Infrastructure Engineer @ IME Khalti Ltd.

Dec 2024 — Present · Kathmandu, Nepal

  • Deployed and maintained production-grade RKE2 clusters across dual data centers for fault tolerance.
  • Managed Amazon EKS clusters for cloud-native applications (theatre management system).
  • Engineered reusable GitHub workflow actions to standardize CI/CD across projects.
  • Automated infrastructure with Terraform and configuration management with Ansible.
  • Built an observability stack: ELK for logs, Prometheus + Grafana for metrics, Zabbix, and Sentry.
  • Deployed BIG-IP WAF with custom security policies and traffic analysis.
  • Reduced latency and cost via CloudFront and Cloudflare CDN caching.
  • Created modular Helm charts supporting ephemeral QA environments for isolated testing.
  • Integrated security scanning: SonarQube, TruffleHog (secrets), and Snyk (vulnerabilities).
  • Ran full Kubernetes lifecycle ops and SRE practices; led incident response and RCA.
  • Deployed and optimized high-availability PostgreSQL clusters with replication and automated backups.

Senior DevOps Engineer @ Logpoint

May 2022 — May 2024 · Lalitpur, Nepal

  • Led CI/CD automation, cutting integration time by 70%.
  • Added infrastructure provisioning pipelines with Terraform and image automation with Packer.
  • Ran monolith and serverless workloads on AWS: VPC, EC2, S3, Lambda, ECS.
  • Built an end-to-end deployment framework managing pre/post-release activities for public products.
  • Maintained CI/CD infra with Git, Jenkins, Ansible, SonarQube, NFS, and Artifactory.
  • Automated server configuration with Ansible, reducing manual errors by ~90%.
  • Set up a monorepo, improving the CI/CD and release cycle.
  • Led migration of monolithic services to a containerized environment.

System Engineer @ Logpoint

Aug 2018 — May 2022 · Lalitpur, Nepal

  • Deployed SIEM infrastructure and SaaS offerings across AWS, Azure, and VMware vSphere.
  • Created VMI artifacts for AWS, Azure, HyperV, and OVF to streamline builds.
  • Integrated Zookeeper, HDFS, and Kerberos via a custom wrapper for the application.
  • Managed cloud infrastructure and analyzed billing for cost optimization.
  • Built Jenkins automation jobs and pipelines; used Terraform and Ansible for VM provisioning.

System Administrator @ Primuson Pvt. Ltd.

May 2017 — Aug 2018 · Kathmandu, Nepal

  • Built and maintained web servers, monitoring (Cacti, Nagios, MRTG), Windows DC, and mail servers.
  • Designed robust network architecture with load balancing and failover, reducing RTMP stream latency.
  • Implemented security best practices and regular system audits with timely patching.

Junior System Administrator @ WorldLink Communications Ltd.

Apr 2016 — Apr 2017 · Lalitpur, Nepal

  • Installed and troubleshot DNS, email, and web hosting servers with minimal downtime.
  • Resolved network issues with Cacti and Nagios; optimized caching and ISP link routing.
  • Administered VPN servers and Active Directory for secure remote access.