EXPERIENCE
Senior DevOps Engineer @ Grepsr
Feb 2025 — Present
- ▸Architected fault-tolerant Amazon EKS clusters supporting thousands of nodes using Karpenter for auto-scaling.
- ▸Implemented Cilium CNI in ENI mode for enhanced network performance and eBPF-based observability.
- ▸Designed and implemented automated CI/CD pipelines with GitHub Actions across multiple environments.
- ▸Migrated from ingress-nginx to Cilium-based Kubernetes Gateway API, leveraging eBPF for performance and security.
- ▸Built enterprise-grade, modular Terraform with state management and automated deployment pipelines.
- ▸Deployed ArgoCD for declarative GitOps continuous delivery with rollbacks and full audit trails.
- ▸Standardized Helm charts for gRPC-based microservices for consistent deployment patterns.
- ▸Led cost optimization via workload analysis, right-sizing, and strategic EC2 instance selection.
- ▸Tuned AWS RDS with query optimization and read replicas; migrated EKS from IMDS to IRSA for pod-level IAM.
Lead Infrastructure Engineer @ IME Khalti Ltd.
Dec 2024 — Present · Kathmandu, Nepal
- ▸Deployed and maintained production-grade RKE2 clusters across dual data centers for fault tolerance.
- ▸Managed Amazon EKS clusters for cloud-native applications (theatre management system).
- ▸Engineered reusable GitHub workflow actions to standardize CI/CD across projects.
- ▸Automated infrastructure with Terraform and configuration management with Ansible.
- ▸Built an observability stack: ELK for logs, Prometheus + Grafana for metrics, Zabbix, and Sentry.
- ▸Deployed BIG-IP WAF with custom security policies and traffic analysis.
- ▸Reduced latency and cost via CloudFront and Cloudflare CDN caching.
- ▸Created modular Helm charts supporting ephemeral QA environments for isolated testing.
- ▸Integrated security scanning: SonarQube, TruffleHog (secrets), and Snyk (vulnerabilities).
- ▸Ran full Kubernetes lifecycle ops and SRE practices; led incident response and RCA.
- ▸Deployed and optimized high-availability PostgreSQL clusters with replication and automated backups.
Senior DevOps Engineer @ Logpoint
May 2022 — May 2024 · Lalitpur, Nepal
- ▸Led CI/CD automation, cutting integration time by 70%.
- ▸Added infrastructure provisioning pipelines with Terraform and image automation with Packer.
- ▸Ran monolith and serverless workloads on AWS: VPC, EC2, S3, Lambda, ECS.
- ▸Built an end-to-end deployment framework managing pre/post-release activities for public products.
- ▸Maintained CI/CD infra with Git, Jenkins, Ansible, SonarQube, NFS, and Artifactory.
- ▸Automated server configuration with Ansible, reducing manual errors by ~90%.
- ▸Set up a monorepo, improving the CI/CD and release cycle.
- ▸Led migration of monolithic services to a containerized environment.
System Engineer @ Logpoint
Aug 2018 — May 2022 · Lalitpur, Nepal
- ▸Deployed SIEM infrastructure and SaaS offerings across AWS, Azure, and VMware vSphere.
- ▸Created VMI artifacts for AWS, Azure, HyperV, and OVF to streamline builds.
- ▸Integrated Zookeeper, HDFS, and Kerberos via a custom wrapper for the application.
- ▸Managed cloud infrastructure and analyzed billing for cost optimization.
- ▸Built Jenkins automation jobs and pipelines; used Terraform and Ansible for VM provisioning.
System Administrator @ Primuson Pvt. Ltd.
May 2017 — Aug 2018 · Kathmandu, Nepal
- ▸Built and maintained web servers, monitoring (Cacti, Nagios, MRTG), Windows DC, and mail servers.
- ▸Designed robust network architecture with load balancing and failover, reducing RTMP stream latency.
- ▸Implemented security best practices and regular system audits with timely patching.
Junior System Administrator @ WorldLink Communications Ltd.
Apr 2016 — Apr 2017 · Lalitpur, Nepal
- ▸Installed and troubleshot DNS, email, and web hosting servers with minimal downtime.
- ▸Resolved network issues with Cacti and Nagios; optimized caching and ISP link routing.
- ▸Administered VPN servers and Active Directory for secure remote access.