Home

Krithika Gunasekaran - Senior Devops Engineer

[email protected]

Location: Peoria, Illinois, USA

Relocation: Any

Visa: H1B

Resume file: Sr.DevSecOps Engineer - Krithika_1761073999071.docx Please check the file(s) for viruses. Files are checked manually and then made available for download.

Name: Krithika Gunasekaran Krishnaswamy Contact: 5403006307 Email-ID: [email protected] LinkedIn: https://www.linkedin.com/in/krithikagk13/ PROFESSIONAL SUMMARY: DevOps Engineer with 9+ years of progressive experience across finance, healthcare, telecom, and manufacturing domains, specializing in automation, observability, cloud adoption, and compliance-driven deployments. Proven expertise in multi-cloud platforms with AWS (EKS, EC2, S3, Lambda, Fargate, RDS, DynamoDB, CloudTrail, CloudWatch, ECR, CodePipeline, X-Ray) and Azure (AKS, ACR, Functions, CosmosDB, Storage, AAD, Key Vault, Azure Monitor, Azure Policy, Bicep, Application Insights), enabling hybrid and multi-cloud architectures. Skilled in Infrastructure as Code (IaC) using Terraform (Cloud/Enterprise), AWS CDK, Ansible, CloudFormation, ARM Templates, Puppet, Chef, and Packer to standardize infrastructure provisioning across dev, test, and production environments. Designed and implemented end-to-end CI/CD pipelines with Jenkins, Azure DevOps Pipelines/Boards, GitLab CI, GitHub Actions, Maven, Gradle, Nexus, and Artifactory, accelerating release cycles and enabling continuous integration and delivery. Strong background in containerization and orchestration with Docker, Kubernetes (EKS/AKS), Helm, OpenShift, containerd/CRI-O, and advanced traffic management with Istio, Linkerd, and Consul service mesh. Integrated GitOps workflows with ArgoCD and Flux, enabling declarative, version-controlled deployments and audit-ready infrastructure. Managed container registries (ECR, ACR, Docker Hub) with supply chain security scanning through Anchore, Trivy, and Clair, and enhanced runtime security using Falco for Kubernetes environments. Applied SRE principles by defining SLIs, SLOs, and SLAs, managing error budgets, and implementing chaos engineering, incident response, and autoscaling to improve system reliability and uptime. Comprehensive monitoring and observability expertise with Prometheus, Grafana, ELK Stack, Splunk, Datadog, New Relic, Dynatrace, Nagios, Zabbix, and distributed tracing with OpenTelemetry and Jaeger. Embedded DevSecOps practices into CI/CD pipelines with Vault, Azure Key Vault, AWS KMS, Prisma Cloud, Twistlock, and code quality/security gates using SonarQube, Checkmarx, and SAST/DAST frameworks. Extensive knowledge of regulatory compliance PCI-DSS in finance, HIPAA/SOC2 in healthcare, and GDPR for global governance with hands-on implementation of encryption, access control, and compliance-as-code. Hands-on expertise in cloud networking and security architectures, including VPC design, subnets, API Gateways, load balancers, DNS, CDN, firewall rules, and hybrid connectivity for enterprise systems. Built and supported real-time messaging and streaming systems using Kafka and RabbitMQ, powering event-driven workloads in finance, e-commerce, and telecom domains. Strengthened governance with policy-as-code and infrastructure testing using Checkov, InSpec, and Sentinel, ensuring deployments adhered to compliance and security baselines. Proficient in performance engineering with JMeter and Locust, validating infrastructure and applications under peak loads in highly regulated environments. Implemented secrets and certificate management with Vault, Key Vault, Cert-Manager, and Let s Encrypt, ensuring secure handling of sensitive data and automated TLS. Delivered disaster recovery and backup strategies using Velero for Kubernetes, AWS Backup, and automated failover solutions for business continuity. Practiced cloud cost governance (FinOps) with AWS Trusted Advisor and Azure Cost Management, driving cost optimization and sustainable scaling across environments. Experienced in SDLC and Agile/Scrum collaboration workflows with Jira, Confluence, GitFlow branching strategies, and structured release governance, ensuring seamless cross-team integration. Recognized for mentoring DevOps teams, leading platform maturity assessments, and partnering with stakeholders to deliver secure, scalable, and resilient platforms that reduced downtime and improved deployment velocity. TECHNICAL SKILLS: Cloud Platforms AWS (EKS, EC2, S3, RDS, DynamoDB, Lambda, Fargate, CloudFront, CloudWatch, CloudTrail, CodePipeline, X-Ray), Azure (AKS, ACR, Functions, CosmosDB, Storage, AAD, Key Vault, Azure Monitor, Azure Policy, Bicep, Application Insights) Infrastructure as Code (IaC) Terraform (Cloud/Enterprise, modules, workspaces), AWS CDK, Azure Bicep, CloudFormation, ARM Templates, Ansible, Puppet, Chef, Packer CI/CD & Version Control Jenkins, Azure DevOps Pipelines/Boards, GitLab CI/CD, GitHub Actions, Maven, Gradle, Nexus, Artifactory, GitHub Enterprise, GitLab, Bitbucket, GitFlow branching Containers & Orchestration Docker, Kubernetes (EKS, AKS), Helm, OpenShift, containerd/CRI-O, Service Mesh (Istio, Linkerd, Consul), ArgoCD, Flux Monitoring, Logging & Observability Prometheus, Grafana, ELK Stack, Splunk, Datadog, New Relic, Dynatrace, Nagios, Zabbix, OpenTelemetry, Jaeger, AWS CloudWatch, Azure Application Insights, Graylog Security & Compliance (DevSecOps) HashiCorp Vault, Azure Key Vault, AWS KMS, Prisma Cloud, Twistlock, Anchore, Trivy, Clair, SonarQube, Checkmarx, SAST/DAST frameworks, OPA, Kyverno, Cert-Manager, Let s Encrypt, Falco, Checkov, InSpec, Sentinel; Compliance: PCI-DSS, HIPAA, SOC2, GDPR Networking & Messaging VPC design, Subnets, Load Balancers, DNS, CDN, Firewall rules, Hybrid connectivity, API Gateways; Kafka, RabbitMQ Scripting, Performance & DR Shell, Python; JMeter, Locust for performance testing; Velero (Kubernetes Backup), AWS Backup, DR & failover automation PROFESSIONAL EXPERIENCE: Client: WealthForge, Brockton, MA. Aug 2023 - Present Role: Sr. Site Reliability Engineer (SRE) Responsibilities: Architected and Scaled AWS cloud infrastructure (EKS, EC2, S3, RDS, DynamoDB, Lambda, Fargate, CloudTrail, CloudWatch, CodePipeline) to support secure and scalable financial platforms. Developed Terraform Enterprise modules and AWS CDK templates for standardized infrastructure provisioning, reducing manual errors and ensuring compliance. Automated configuration and golden image creation using Ansible, Puppet, and Packer, delivering consistent environments across dev, UAT, and production. Built and optimized CI/CD pipelines with Jenkins, GitHub Actions, and AWS CodePipeline, embedding quality checks, vulnerability scanning, and automated rollbacks. Managed microservices on Kubernetes (EKS) using Helm, with Istio and Linkerd service mesh to strengthen service routing, traffic control, and resiliency. Implemented GitOps workflows using ArgoCD and Flux, enabling declarative deployments, version control, and fully auditable infrastructure changes. Deployed observability frameworks with Prometheus, Grafana, and ELK for platform monitoring, while integrating Splunk, Datadog, and Dynatrace for advanced analytics. Adopted OpenTelemetry, Jaeger, and AWS X-Ray to enhance distributed tracing and root cause analysis. Established SRE principles including SLIs, SLOs, SLAs, and error budgets, while implementing structured incident management and postmortem processes. Conducted chaos testing and fault injection in AWS to validate disaster recovery, failover automation, and platform resilience under stress conditions. Embedded DevSecOps practices by integrating Vault and AWS KMS for secret management, and Prisma Cloud, Twistlock, Anchore, and Trivy for container image security. Enabled Falco runtime monitoring for Kubernetes workloads. Ensured compliance with PCI-DSS, SOC2, and SOX ITGC controls by embedding OPA, Kyverno, and Sentinel into pipelines for compliance-as-code, and validating IaC with Checkov and InSpec. Designed secure AWS networking architectures including VPCs, subnets, load balancers, Route 53 DNS, CloudFront CDN, and API Gateway integrations to support financial applications. Implemented Kafka and RabbitMQ messaging frameworks to enable asynchronous, event-driven processing of financial transactions. Automated certificate and secret lifecycle management using Vault, Cert-Manager, and Let s Encrypt, introducing TLS automation and secure rotation practices. Deployed Velero and AWS Backup solutions for Kubernetes and cloud workloads, strengthening data protection and disaster recovery readiness. Applied FinOps governance with AWS Trusted Advisor and Cost Explorer, implementing autoscaling and tagging strategies for cost optimization. Integrated infrastructure testing pipelines and policy-as-code frameworks into delivery workflows, ensuring deployments aligned with organizational security and compliance baselines. Collaborated with QA and Dev teams to integrate JMeter and Locust performance validation into CI/CD, ensuring infrastructure could sustain financial transaction loads. Partnered with cross-functional teams using Jira, Confluence, and MS Teams, while enforcing GitFlow branching strategies and release governance to streamline delivery. Mentored engineers in Kubernetes, Terraform, GitOps, and observability practices, creating runbooks, playbooks, and documentation that improved operational maturity. Environment: AWS (EKS, EC2, S3, Lambda, Fargate, RDS, DynamoDB, CloudWatch, CloudTrail, CodePipeline, X-Ray), Terraform (AWS CDK), Kubernetes (EKS), Helm, Istio, ArgoCD, Prometheus, Grafana, OpenTelemetry/Jaeger, Vault, SonarQube, Kafka, Jenkins, Falco, Velero Client: Advocate Health Care, Chicago, IL. Jan 2021 - Jul 2023 Role: Sr. DevOps Engineer Responsibilities: Designed and deployed Azure cloud infrastructure with AKS, ACR, Functions, CosmosDB, Azure Storage, and Key Vault, supporting HIPAA-compliant healthcare applications and PHI workloads. Containerized healthcare services with Docker and orchestrated workloads on AKS, leveraging Helm charts for consistent, repeatable deployments. Built and optimized CI/CD pipelines using Azure DevOps, Jenkins, and GitHub Actions, integrating automated testing, vulnerability scanning, and deployment governance. Automated infrastructure provisioning with Terraform and Azure Bicep, embedding compliance-as-code to enforce healthcare security and regulatory baselines. Standardized server builds and application deployments using Ansible for configuration management, with exposure to Puppet for legacy clinical systems. Integrated service mesh (Istio) into AKS clusters to provide secure inter-service communication, traffic management, and zero-trust networking across clinical applications. Secured pipelines and secrets using Azure Key Vault and HashiCorp Vault, while embedding Prisma Cloud and SonarQube for container and application code security. Collaborated with vendor security tools including Twistlock and Aqua Security for container runtime scanning and vulnerability detection in production workloads. Designed network and access security using Azure VNETs, firewalls, private endpoints, WAF, API Management Gateway, and Azure Front Door, securing healthcare APIs and patient-facing portals. Established observability with Prometheus, Grafana, and ELK for open-source monitoring, integrated with Azure Monitor and Application Insights for native telemetry and alerting. Adopted OpenTelemetry and Jaeger for distributed tracing, enabling full visibility of patient data flows across microservices and APIs. Enforced compliance with HIPAA, SOC2, and GDPR by automating audit controls, secure logging pipelines, and encryption policies across Azure services. Implemented policy-as-code with OPA and Checkov, validating AKS configurations and IaC deployments against compliance standards. Configured Azure Backup and Velero for Kubernetes clusters, ensuring disaster recovery readiness and protection of sensitive healthcare data. Partnered with QA and Dev teams to validate application scalability under peak loads by integrating JMeter and Locust into CI/CD workflows. Collaborated with cross-functional teams using Jira, Confluence, and MS Teams, managing compliance-driven releases and healthcare audit change requests. Authored security playbooks, incident response guides, and compliance runbooks, ensuring operational readiness for audits, inspections, and regulatory events. Environment: Azure (AKS, ACR, Functions, CosmosDB, Key Vault, Application Insights, Front Door, Azure Backup), Terraform, Azure Bicep, Kubernetes (AKS), Helm, Ansible, Jenkins, Azure DevOps, Vault, Prometheus, Grafana, ELK Stack, OPA, SonarQube, Prisma Cloud Client: AST SpaceMobile, Midland, TX. Feb 2018 Dec 2020 Role: Sr. DevOps Engineer Responsibilities: Designed and managed GCP infrastructure leveraging GKE, Cloud Functions, Pub/Sub, BigQuery, Cloud Storage, and Cloud SQL to support real-time satellite communication workloads. Automated infrastructure provisioning with Terraform and Ansible, with exposure to Chef for configuration management of legacy telecom workloads. Built CI/CD pipelines using GitLab CI/CD, Jenkins, and Cloud Build, integrating automated testing, container builds, and artifact versioning with Nexus. Containerized applications with Docker and orchestrated deployments using GKE, managing Helm charts for multi-environment consistency. Implemented service mesh (Istio) within GKE clusters to secure inter-service communication, handle traffic routing, and enforce zero-trust policies. Configured VPC networks, Cloud Load Balancing, Cloud DNS, Cloud NAT, and firewall rules to enable secure multi-region connectivity for telecom systems. Centralized observability using Prometheus, Grafana, ELK Stack, and native Stackdriver (Cloud Monitoring & Logging) for proactive incident detection. Adopted OpenTelemetry and Jaeger for distributed tracing of latency-sensitive satellite telemetry pipelines. Secured workloads with HashiCorp Vault, GCP Secret Manager, and GCP KMS, combined with vulnerability scanning via Trivy and Clair. Embedded DevSecOps controls into CI/CD with SonarQube, Prisma Cloud, and Snyk for static and dynamic security scanning. Developed real-time event processing pipelines using Apache Kafka and GCP Pub/Sub, enabling telecom telemetry ingestion and stream analytics. Enforced policy-as-code with OPA and Checkov, preventing non-compliant infrastructure configurations in GCP environments. Implemented Velero and native GCP Backup for Kubernetes cluster recovery and data resilience. Partnered with QA teams to integrate JMeter and Locust into pipelines, ensuring performance reliability under high-traffic satellite data loads. Participated in SRE reviews by tracking SLIs, SLOs, and error budgets to assess service availability and resiliency. Applied FinOps practices using GCP Billing reports and cost dashboards to monitor usage and optimize resource consumption. Facilitated Agile collaboration with Jira and Confluence, ensuring effective delivery between cloud, network, and satellite operations teams. Environment: GCP (GKE, Cloud Functions, Pub/Sub, BigQuery, Cloud SQL, Cloud Storage, Cloud Build, KMS), Terraform, Ansible, Jenkins, GitLab CI/CD, Docker, Kubernetes (GKE), Helm, Istio, Prometheus, Grafana, ELK Stack, Vault, Kafka, OpenTelemetry Client: Zetwerk, New Delhi, India. June 2016 Jan 2018 Role: Build Automation Engineer Responsibilities: Contributed to the modernization of Zetwerk s manufacturing IT systems by implementing automated build and release processes across on-premise and hybrid environments. Introduced CI/CD pipelines using Jenkins and GitHub Actions, enabling faster rollouts of ERP modules, supplier portals, and internal apps. Deployed workloads on AWS (EC2, S3, RDS, CloudFormation) while managing legacy VMware infrastructure, ensuring seamless migration of supply chain apps. Developed automation scripts in Python and Bash for data ingestion, batch scheduling, and server configuration. Containerized lightweight internal services with Docker and supported pilot Kubernetes adoption for test environments. Applied configuration management with Ansible to standardize provisioning for build servers and supplier-facing portals. Integrated SonarQube and basic SAST scanning into pipelines to improve code quality and enforce secure coding standards. Implemented Nagios and ELK Stack for early-stage monitoring, providing visibility into order processing and supplier management platforms. Designed backup and recovery procedures for ERP databases and AWS-hosted workloads to minimize downtime. Coordinated with QA and development teams using Jira and Confluence, ensuring release notes, deployment guides, and rollback steps were documented. Environment: AWS (EC2, S3, RDS, CloudFormation), Jenkins, GitHub Actions, Docker, Kubernetes, Ansible, Python, Bash, Nagios, ELK Stack Keywords: continuous integration continuous deployment quality analyst sthree information technology microsoft mississippi Idaho Illinois Massachusetts Texas