DevOps Engineer

Kubernetes · On-Prem & Cloud · HA/DR · Platform Engineering · Regulated Environments

LinkedIn · GitHub · Nepal (GMT+5:45)

About

DevOps engineer working across telco, banking, unified communications, and SaaS workloads in ISO 27001:2022-aligned environments. End-to-end delivery — architecture, documentation, implementation, HA/DR design, resource optimization, observability, cross-vendor incident coordination, and production support on enterprise hardware and cloud. Currently extending platforms toward self-service internal developer platforms. Building primarily with open-source tooling.

Work

DevOps Engineer

Smart Solutions Technology · Oct 2024 – Present

Telco Platform (Oracle PCA X10) — RKE2 Kubernetes (OSS stack), ArgoCD GitOps, CI/CD (Jenkins, GitLab, SonarQube, Trivy, Nexus), observability (Prometheus, ELK Fleet Management, Alertmanager-to-SNMP). PostgreSQL HA (Patroni), HAProxy failover (Keepalived), warm standby multi-DC failover design. Platform-wide resource right-sizing from metrics analysis. Redis deployment with persistence tuning and Grafana dashboards. Evaluated OpenShift, Rancher, KubeSphere as platform alternatives. Scaling for multi-project hosting.
Digital Wallet Evaluation — Assessed Kubernetes/OKE feasibility on PCA X10 for a foreign banking software provider's payment platform; mapped multi-environment needs, clarified resource requirements, and advised leadership on engagement scope.
Internal Developer Platform (IDP) — Architecting self-service portal for namespace provisioning, automated GitLab scaffolding, CI pipeline generation, ArgoCD deployment, multi-tenant RBAC, Vault zero-trust secrets, and centralized service catalog (~1,000+ services). Includes ~100 microservice migration via ApplicationSets and standardized Helm templates. Architecture document under client review.
Unified Communications (AWS) — Matrix (Synapse) backend, LiveKit SFU/SIP, Twilio SIP trunking bridging WebRTC with PSTN. Interfacing with Ncell for production SIP trunk integration. Element enterprise licensing engagement and dev team architecture guidance.
Banking Client — Nexus Repository, DR scripting, CIS hardening, master-replica replication.
European Fitness SaaS (AWS) — CloudFront, S3, ECS, ALB, WAF, auto-scaling. Cost-optimized for SaaS workloads. Azure CI/CD pipeline design for separate e-commerce workload.
Hosting Build-Out (PCA X10) — Preparing production WiseCP, Plesk, AlmaLinux-to-CloudLinux conversion, external PostgreSQL, and monitoring integration. Previously evaluated GPUaaS, NGFWaaS (OPNsense + Zenarmor), OTT hosting.
Company Infra — Proxmox VE on HPE ProLiant, GitLab, DMZ HAProxy, WireGuard/IPsec, MikroTik.
Incident Management — Cross-vendor coordination with Cisco, F5, Google, Oracle/WDN. Structured evidence gathering and escalation.
Ongoing — Supporting legacy telco platform (80+ microservices). Cloud hosting research, edge WAF evaluation. Homelab: Envoy Gateway API, Victoria Metrics, LGTM stack. Researching Vault clustering, AWS/Azure patterns, MLOps/vLLM.

DevOps Intern

F1Soft International · May – Aug 2024

Kubernetes (ArgoCD, Helm), HAProxy/Nginx, ELK/Loki, CIS hardening, HashiCorp Vault.

Skills

Kubernetes (RKE2) Docker/Podman Helm ArgoCD Jenkins GitLab CI SonarQube Trivy Nexus Prometheus Grafana ELK Stack Alertmanager PostgreSQL (Patroni) Redis HAProxy Keepalived Nginx Proxmox VE Oracle PCA X10 AWS Azure GCP WireGuard IPsec MikroTik Bash Python Ansible Vault WebRTC SIP Trunking LiveKit WiseCP Plesk CloudLinux CIS Benchmarks ISO 27001 HLD/LLD DR Planning IDP Architecture

Education

BE Computer Engineering

Tribhuvan University (IOE) · 2024

Message me on LinkedIn →