DevOps / Platform Engineer with 4 years of experience building and operating cloud-native infrastructure at Greenhouse Software and IBM. I focus on CI/CD pipelines, Kubernetes operations, Terraform-driven infrastructure, and production observability on AWS and Azure.

Based in New York City. Open to DevOps, SRE, Platform Engineering, Infrastructure Engineering, and Cloud Engineering roles (onsite, hybrid, or fully remote in the US).

Greenhouse Software    DevOps Engineer    Aug 2024 to Present

• Cut end-to-end deployment time 65% (6h to 2h) across 20+ production services by building Jenkins Shared Libraries and GitHub Actions pipelines, integrated with SonarQube and Nexus.
• Led containerization of 20+ microservices to Amazon EKS with Helm and HPA. Zero-downtime rolling updates, 30% fewer post-deploy incidents.
• Dropped MTTD 50% with Prometheus, Grafana, and New Relic. Shrunk RTO from 2 hours to 30 minutes via automated DR workflows and resilience testing.
• Reduced AWS data-transfer costs and attack surface through PrivateLink, VPC endpoints, IAM RBAC, and WAF/Shield. Reusable Terraform modules cut environment setup from days to hours.

IBM    DevOps Engineer & SRE    May 2021 to Jul 2023

• Eliminated 100% of manual configuration drift across 15+ production apps using Terraform, CloudFormation, and Ansible Tower.
• Cut root-cause analysis time 50% by standing up a centralized ELK stack for real-time observability.
• Reduced production hotfixes 40% and API response times from 900ms to 350ms by standardizing GitFlow, adding peer-review gates, and running load tests with JMeter and Postman.
• Cut MTTD from 15 minutes to under 5 with Python and Bash monitoring scripts integrated with AWS CloudWatch. Maintained 99% uptime during peak traffic.
• Drove a 70% decrease in incident recurrence within 3 months by resolving 6 recurring root-cause bottlenecks and authoring blameless postmortems and runbooks.

Cloud & Infrastructure

Containers & Orchestration

CI/CD & GitOps

Monitoring & Logging

Languages & Scripting

These are the three projects I would start with if you want to see how I work.

Repo: sashank1064/gitops-drift-controller  |  Stack: Python · Kubernetes API · kind · pytest

A Python-based controller that compares desired Kubernetes manifests in Git against live cluster state, detects configuration drift, and generates structured field-level diff reports. Dry-run is the default. Remediation requires an explicit flag.

What it covers:

• Controller-style reconciliation loop that fetches live resources and diffs them against Git manifests
• Field-level diff reports with container paths resolved by name rather than position, so sidecar injection does not cause false positives
• Annotation-based controls to skip resources, ignore specific fields (e.g. HPA-managed spec.replicas), or block auto-remediation on stateful resources
• CLI flags including --dry-run, --remediate, --fail-on-drift, and --output json for use as a CI gate
• End-to-end tested locally with kind via scripts/e2e-kind.sh
• Design notes cover why full replace is risky compared to server-side apply, why custom diff was chosen over deepdiff, and what changes at scale

This is intentionally narrower in scope than ArgoCD or Flux. The goal was to understand how drift detection works internally and build something predictable rather than feature-complete.

Repo: sashank1064/roboshop-infra-dev  |  Stack: Terraform · Ansible · AWS · EC2 · CloudWatch

An 11-service e-commerce platform (Node.js, Java, Python, Go, MongoDB, Redis, MySQL, RabbitMQ, Nginx) built up in layers, from a single-box Bash deployment to a phased Terraform + Ansible platform on AWS.

What it covers:

• 13 phased Terraform stacks (00-vpc through 91-cdn) with isolated S3 state per phase and DynamoDB locking
• Reusable Terraform modules for VPC, security groups, and EC2 with ansible-pull bootstrap in user_data
• Ansible roles applied on first boot via ansible-pull, no control node required
• Three-tier architecture in isolated subnets, 7 EC2 application services, 4 managed data stores, engineer access via VPN and SSM bastion
• Tag-driven inventory (Component, Environment, Project) so Ansible host discovery matches cost reporting
• Progression repos showing the full build: Bash provisioning, flat Ansible playbooks, reusable roles, Terraform patterns, and multi-env tfvars

Repo: sashank1064/cloud-native-ci-cd  |  Stack: EKS · ECR · Helm · GitHub Actions · Terraform · Docker

A focused EKS project covering the full deployment path for a containerized Flask service. Terraform provisions the AWS infrastructure, Docker packages the app, ECR stores the image, Helm deploys the service, and GitHub Actions runs the pipeline. IAM, OIDC provider, EKS access entry, and AWS Load Balancer Controller IRSA are all wired into Terraform so the cluster is fully usable without any manual console steps.

This is intentionally smaller than RoboShop. It is easier to walk through end-to-end and clearly shows where Terraform stops and Kubernetes starts.

• M.S., Computer Science, Pace University, New York (2025)
• B.E., Computer Science & Engineering, BMS Institute of Technology and Management (2022)
• InfraExpert, AlgoExpert.io
• AI Fluent Tech Professional
• Initiating and Planning Projects

DevOps  ·  SRE  ·  Platform Engineering  ·  Infrastructure Engineering  ·  Cloud Engineering

Onsite, hybrid, or fully remote in the US. Based in NYC.

sashankallugunti@gmail.com  ·  LinkedIn