Mahesh M

Company Overview: Vitality Health Limited is a United Kingdom-based company offering private health insurance and life insurance to the UK market. It is the UK's third-largest health insurer.

• Integrated HashiCorp Vault with Amazon Redshift to securely manage and rotate database credentiaAutomated secret retrieval via IAM roles or AppRol, reducing operational risk and improving auditability.
• Ensured compliance with internal security policies and external regulatory requirements (e.g., SOC 2, GDPR).
• Implemented secure credential management for Amazon Redshift using Vault, enabling seamless integration with dynamic secrets and improving compliance posture.
• Designed and implemented scalable workflows using Amazon Pinpoint or Amazon SES/SNS for transactional and user notifications
• Ensured high delivery rates, monitoring of bounce/spam complaints, and implemented retry logic for message delivery.
• Configured CloudWatch dashboards and alarms to monitor system behavior and delivery KPIs.
• Improved end-user experience and platform reliability by making messaging fault-tolerant and observable.
• Designed and implemented GitHub Actions workflows to build, test, and push versioned artifacts (e.g., Docker images, JARs, NPM packages) to JFrog Artifactory.
• Integrated secret management using GitHub Secrets and ensured secure authentication with Artifactory.
• Enabled semantic versioning, branch-based deployments, and tagging strategies to streamline release management.
• Reduced manual intervention and deployment errors by automating build/publish pipelines.
• Enhanced team productivity by creating reusable and modular CI/CD workflows.
• Automated artifact lifecycle using GitHub Actions and JFrog Artifactory, improving build reliability and reducing deployment time by 40%.
• Developed modular CI/CD workflows with secure secrets integration and branch-aware publishing logic.
• Collaborated with cross-functional teams to design and document architecture diagrams covering microservices, cloud infrastructure (e.g., AWS/GCP), databases, and networking components.
• Created deployment architecture diagrams that outline scaling strategies, load balancing, failover mechanisms, and disaster recovery paths.
• Used tools like Lucidchart, Draw.io, PlantUML, or CloudFormation Designer to visually communicate design decisions to technical and non-technical stakeholders.
• Ensured diagrams were updated alongside infrastructure changes and used as part of runbooks and onboarding documentation.
• Integrated Checkov into the CI/CD pipeline to automatically scan Terraform, CloudFormation, Kubernetes YAML, and Helm templates for misconfigurations and policy violations.
• Enforced security baselines such as: Encryption at rest and in transit, Least privilege IAM roles and policies, Open ports and public exposure checks.
• Configured the pipeline to fail builds on critical security issues and notify developers early in the SDLC.
• Maintained custom policies and allowlists, aligning Chekov scans with organizational security and compliance requirements (e.g., SOC 2, HIPAA, CIS benchmarks).
• Led the migration of GitOps workflows from ArgoCD to Flux (VGFlux) to improve scalability, modularity, and alignment with modern GitOps practices.
• Refactored Kubernetes manifests and Helm charts to be compatible with Flux’s Kustomize-controller, Helm-controller, and Source-controller.
• Built out GitRepository, Kustomization, and HelmRelease custom resources (CRDs) to support declarative, pull-based deployment strategies.
• Improved deployment traceability and observability, integrating with tools like Prometheus, Alertmanager, and Grafana.
• Enabled multi-environment support (dev, stage, prod) through better separation of concerns and branch-based strategies.
• Documented and trained internal teams on Flux operations, rollback procedures, and troubleshooting workflows.
• Provisioned Amazon EKS clusters, Azure AKS clusters using Terraform modules, automating VPC, node groups, IAM roles, and cluster configuration to ensure reproducibility and auditability.
• Integrated Rancher as a centralized Kubernetes management platform, enabling multi-cluster governance, access control, and workload management.
• Enabled RBAC, network policies, and OIDC-based authentication for secure, multi-tenant usage.
• Applied Terraform state management via remote backends (e.g., S3 with DynamoDB locking) for safe collaboration.
• Automated cluster registration to Rancher and standardized cluster bootstrapping (e.g., deploying monitoring, logging, ingress controllers).
• Facilitated disaster recovery and cluster upgrades using Terraform modules.
• Vitality Health Limited is a United Kingdom-based company offering private health insurance and life insurance to the UK market. It is the UK's third-largest health insurer.
• Environment: Terraform
• AWS (EKS, Redshift, SES/SNS)
• GitHub Actions
• JFrog Artifactory
• Rancher
• FluxCD
• ArgoCD
• HashiCorp Vault
• Kubernetes
• Checkov
• Helm
• Prometheus
• Grafana
• CI/CD
• GitOps
• IaC
• DevSecOp
• Used metrics to monitor application and infrastructure performance.

• Company Overview: UNITED STATES COLD STORAGE INC, is a United States Cold Storage, Inc. provides logistics services. The Company offers transportation management, air shipment handling, cold storage, and order assembly services. United States Cold Storage serves customers in the United States.
• Design, implement, and maintain the CI/CD pipelines.
• Automate and streamline the software delivery process.
• Having experience in integrating code quality tools such as SonarQube in CI/CD Pipelines repository like Nexus and integrated them with CI/CD using Jenkins.
• Automate deployment and scaling of Kubernetes clusters and applications.
• Experience in writing terraform scripts to create, manage and delete resources in AWS such as AWS VM's, AWS web apps and creation of EKS, Network Security Groups.
• Maintained the user accounts IAM Roles, configured Route 53 to access the privately exposed application on AWS ECS Clusters, Integrated DynamoDB, SQS, and automated push notifications using AWS SNS service.
• Integrated AWS advanced shield with AWS Web Application Firewall (WAF) to protect the web application and the underlying infra from malicious DDOS Attacks.
• Worked with Docker pulling images from the docker hub, running containers based on an image, creating Docker files to manage customized containers and docker commit to capture the file changes/settings into a new image.
• Installed and Configured Jenkins pipelines to support Groovy script for various Java build and installed and configured various Jenkins plug-ins to automate Continuous build & deployments.
• Consistently used AWS CloudWatch to monitor the cloud infrastructure and use generated metrics for analyzing the performance of the applications and configured SNS for alerting the users on crossing the metric thresholds.
• Used Nagios to monitor the day-to-day performance and maintenance operations throughout the client’s network.
• Reviews and manages Unix Operations Team workloads & support tickets to ensure correct prioritization & progress.
• Worked on Git version control to manage the source code and integrated Git with Jenkins to support build automation and integrated with Jira to monitor the commits.
• Expertise in maintaining Infrastructure as a Code, AWS Cloud formation templates by developing JSON/YAML scripts, and python scripts to automate repetitive tasks.
• UNITED STATES COLD STORAGE INC, is a United States Cold Storage, Inc. provides logistics services. The Company offers transportation management, air shipment handling, cold storage, and order assembly services. United States Cold Storage serves customers in the United States.
• Environment: AWS, Kubernetes, Docker, Jenkins, Groovy, Chef, CloudWatch, JFrog, Maven, Redhat, UNIX, YAML, Python, JIRA, VMware, DynamoDB, Nagios, GIT

• Company Overview: Telefonica is one of the largest telephone operators and mobile network providers in the world.
• Maintained the user accounts IAM Roles, configured Route 53 to access the privately exposed application on AWS ECS Clusters, Integrated DynamoDB, SQS, and automated push notifications using AWS SNS service.
• Integrated AWS advanced shield with AWS Web Application Firewall (WAF) to protect the web application and the underlying infra from malicious DDOS Attacks.
• Worked with Docker pulling images from the Docker hub, running containers based on an image, creating Docker files to manage customized containers and docker commit to capture the file changes/settings into a new image.
• Experience in configuring the Cloud Firewall rules to allow the inbound traffic.
• Installed and Configured Jenkins pipelines to support Groovy script for various Java build and installed and configured various Jenkins plug-ins to automate Continuous build & deployments.
• Consistently used AWS CloudWatch to monitor the cloud infrastructure and use generated metrics for analyzing the performance of the applications and configured SNS for alerting the users on crossing the metric thresholds.
• Deployed AWS resources using AWS Cloud Formation.
• Write CloudFormation Templates (CFT) in JSON and YAML formats to build the AWS services with the paradigm of Infrastructure-as-Code.
• Used Nagios to monitor the day-to-day performance and maintenance operations throughout the client’s network.
• Reviews and manages Unix Operations Team workloads & support tickets to ensure correct prioritization & progress.
• Worked on Git version control to manage the source code and integrated Git with Jenkins to support build automation and integrated with JIRA to monitor the commits.
• Expertise in maintaining Infrastructure as a Code, AWS Cloud formation templates by developing JSON/YAML scripts, and Python scripts to automate repetitive tasks.
• Leveraged Amazon Web Services like EC2, RDS, EBS, ELB, Auto scaling, AMI, IAM through AWS console and API Integration.
• Implemented and maintained the monitoring and alerting of production and corporate Servers/storage using AWS Cloud watch.
• Integrated Kubernetes with network, storage, and security to provide comprehensive infrastructure and orchestrated container across multiple hosts.
• Set up and maintained Logging and Monitoring subsystems using tools like; Elasticsearch, Fluentd, Kibana, Prometheus, Grafana and Alertmanager.
• Converted existing Terraform modules that had version conflicts to utilize Cloud formation templates during deployments.
• Worked with Terraform to create stacks in AWS, and Enhanced the Terraform scripts based on the requirement on regular basis.
• Developed a fully automated continuous integration system using Git, Jenkins, MySQL and custom tools developed in Python and Bash.
• Designed, developed, and deployed engaging web applications using Python.
• Telefonica is one of the largest telephone operators and mobile network providers in the world.
• Environments: Jenkins, Jira, Groovy, GIT, Ansible, Kubernetes, Python, Bash, YAML, AWS, Terraform, SQL, NOSQL, Docker, Nagios, Chef, Kibana, Prometheus, Grfana.

• Company Overview: AkzoNobel, a Dutch multinational company which creates paints and performance coatings for both industry and consumers worldwide.
• Setup and maintained a 99% uptime of a network of Linux servers.
• Deployed and managed Docker containers within ECS, ensuring the proper configuration and execution of containers. Handle container lifecycle, updates, and versioning.
• Defined task definitions and configure services to ensure the proper launch and management of containers. Specified resource requirements, dependencies, and container placement constraints.
• Applied security best practices, including IAM roles and policies, to grant the necessary permissions to ECS tasks and services. Secure communication between containers and other AWS service.
• Design, implement, and maintain the CI/CD pipelines using GitLab CI.
• Automate and streamline the software delivery process.
• Having experience in integrating code quality tools such as SonarQube in CI/CD Pipelines repository like Nexus and integrated them with CI/CD using Jenkins.
• Automate deployment and scaling of Kubernetes clusters and applications.
• Experience in writing terraform scripts to create, manage and delete resources in AWS such as AWS VM's, AWS web apps and creation of EKS, Network Security Groups.
• Maintained the user accounts IAM Roles, configured Route 53 to access the privately exposed application on AWS ECS Clusters, Integrated DynamoDB, SQS, and automated push notifications using AWS SNS service.
• Integrated AWS advanced shield with AWS Web Application Firewall (WAF) to protect the web application and the underlying infra from malicious DDOS Attacks.
• Worked with Docker pulling images from the docker hub, running containers based on an image, creating Docker files to manage customized containers and docker commit to capture the file changes/settings into a new image.
• Installed and Configured Jenkins pipelines to support Groovy script for various Java build and installed and configured various Jenkins plug-ins to automate Continuous build & deployments.
• Consistently used AWS CloudWatch to monitor the cloud infrastructure and use generated metrics for analyzing the performance of the applications and configured SNS for alerting the users on crossing the metric thresholds.
• Used Nagios to monitor the day-to-day performance and maintenance operations throughout the client’s network.
• Reviews and manages Unix Operations Team workloads & support tickets to ensure correct prioritization & progress.
• Worked on Git version control to manage the source code and integrated Git with Jenkins to support build automation and integrated with Jira to monitor the commits.
• Expertise in maintaining Infrastructure as a Code, AWS Cloud formation templates by developing JSON/YAML scripts, and python scripts to automate repetitive tasks.
• AkzoNobel, a Dutch multinational company which creates paints and performance coatings for both industry and consumers worldwide.
• Environment: AWS, Kubernetes, Docker, Jenkins, Groovy, Chef, CloudWatch, JFrog, Maven, Redhat, UNIX, YAML, Python, JIRA, VMware, DynamoDB, Nagios, GIT.

• Company Overview: Shinsei Bank, Ltd. engages in the business of banking services.
• Experience in system software installation and configuration of NFS shares, Auto-Mounter, DHCP, and LDAP.
• Administration and maintenance of Red Hat Linux.
• Worked as User Administration setup, maintaining an account, monitoring system performance, and performing performance tuning and troubleshooting.
• Responsible for configuring networking concepts like NIS, NFS, SAMBA, LDAP, SSH, FTP, SFTP, SNMP, DNS, DHCP, troubleshooting network problems such as TCP/IP, and supporting users in solving their problems.
• Activities include user administration, startup and shutdown scripts, backup scripting, and automation using Perl, cron, bash, and Shell scripting for the Red Hat Linux system.
• Configured User Authentication Stores and Policy Authorization Stores on LDAP.
• Configuring, administering, and troubleshooting NFS, AutoFS (Direct and Indirect Maps), NIS (master, slave, and client), and DNS in the multi-platform network.
• Setup and configured Apache to integrate with IBM WebSphere in a load balancing environment. Monitoring of Linux, and Solaris servers using tools like vmstat, iostat, and SAR.
• Implemented Security by disabling unused services and using IP tables and TCP wrappers.
• Perform daily reviewing of system and application logs, while verifying the successful completion of scheduling jobs using cron.
• Worked as a system administrator for the build and deployments process on the enterprise server.
• Worked with development, testing, deployment, systems/infrastructure, and project teams to ensure continuous operation of build and test systems.
• Planned, scheduled, and Implemented OS patches on the Linux server as a part of proactive maintenance.
• Experience in using Routed Protocols like FTP, SFTP, SSH, HTTP, and HTTPS.
• Creating documented policies, procedures, and technology stacks which can then be transitioned to other groups for long-term support.
• Shinsei Bank, Ltd. engages in the business of banking services.
• Environment: Red Hat Enterprise Linux (5.x, 6.x & 7.x), YUM, User and Group management, Firewall, Apache, Volume Groups, LVM, NFS, FTP, DHCP, DNS, SAMBA, Kickstart, Cron.