Umair Khan

(+92) 312-2377428 ยท umairedu@gmail.com

I specialize in creating scalable, secure, and reliable infrastructure, focusing on automating processes to maintain uptime and stability for high-performance applications. With hands on experience I have developed, architected, automated, and optimized production environments on Kubernetes, Bare metal servers, and VMware using DevOps practices. I am currently working remotely as a Lead DevOps Engineer for a Dubai-based company that specializes in school communication. I am proficient in various DevOps tools such as Kubernetes, Docker, Helm, Gitlab, ArgoCD, Prometheus, Grafana, Terraform, and Ansible.

Experience

Lead DevOps Engineer

SchoolVoice
  • Designed and maintained Kubernetes infrastructure, optimizing costs using Spot and On-Demand nodes.
  • Set up a local development environment using Docker and Vagrant.
  • Implement multiple read databases based on load.
  • Create a generic Helm chart for all services.
  • Built Python scripts for automation, including Slack bots for deployment and rollback notifications.
  • Implemented observability on entire infrastructure and applications using Datadog.
  • Enhanced security by implementing RBAC, network policies, Falco and container hardening.
Dec 2021 - Present

Lead DevOps Engineer

VentureDive
  • AWS Technology -- EC2, EBS, RDS, VPC, Route 53, DynamoDB, SQS, CloudFront, AWS Config, Security Hub.
  • Designed deployed and managed Kubernetes cluster on AWS/Digitalocean.
  • Deploy Istio on Kubernetes for service mesh and microservice security
  • Deploy Pixie on Kubernetes to identify application performance bottlenecks
  • Configure Falco for Kubernetes threat detection
  • Monitoring the Infra and applications using Datadog, Prometheus, Grafana, ELK.
  • Writing helm charts for Kubernetes deployment.
  • Write and Maintain CI/CD Pipelines for Jenkins, Gitlab, Bitbucket, Travis CI to build and deploy services.
  • Implementing Flux and ArgoCd in multiple projects to follow the GitOps pattern to automate the deployment on Kubernetes.
  • Automating environment setup using Docker/Kubernetes and Ansible.
    Writing Terraform modules of AWS and Digitalccean and using them in multiple projects.
  • Provisioned multiple environments for Dev, QA, Prod AWS/Digitalocean using Terraform.
  • Automation of AWS/Digitalocean infrastructure provisioning using Terragrunt and Terraform.
July 2019 - Nov 2021

Sr.DevOps Engineerr

Careem
  • Experience with AWS including (Elasticbeanstalk, EC2, Elasticache, DynamoDb, Lambda, SQS, RDS, Route53)
  • Design and maintain CICD pipelines on Jenkins for deployments of the services.
  • Design and Implement monitoring framework by using, Prometheus, Grafana, Node exporter, custom exporter.
  • Automating various tasks using Python such as monitoring AWS infrastructure costs and remove orphan resources.
  • POC of the Canary deployment.
  • Implement proactive alerts mechanism by using Prometheus with help of standard deviation function.
  • Automating application setup by using configuration management tools Ansible.
  • Integrate Slack with monitoring platform with help of python to escalate the alerts according to the relevant teams.
Jan 2017 - Jul 2019

Sr. System Administrator

Right Solution
  • Managing AWS Services EC2, S3, AMIs creation, RDS, VPC, and auto-scaling.
  • Deployed & Maintain Proxmox VE, 3-node ha cluster, and replicated VMS by using ceph storage.
  • Designed, implemented, and maintained high traffic Linux web servers using Nginx, Apache, Varnish, and Nginx Plus for load balancing.
  • Implemented wiki and bug tracking system using Gitlab.
  • Redesigned, Migrate and built a new email infrastructure utilizing ESVA, Zimbra.
  • Install and configure git server and automate deployment on git commits.
  • Deployed & Maintain VMWare ESX servers.
  • Setup Elastic Load Balancer (ELB) with sticky sessions.
  • Incident Handling, 24x7 Environment.
  • Automated DB Backup Scripts.
  • EBS (Elastic Block Storage) Setup with weekly automated EBS backups.
  • Amazon RDS setup with automated backups.
  • Amazon VPC setup for server clustering and server internal connection.
  • Synchronize S3 files from different s3 buckets.
  • Setup Central Nagios Monitoring for all important services of servers by using NRPE checks for HTTP, Postfix, MySQL, CPU, Memory, Master-Slave sync, EBS health.
  • Write Iptables rules to secure server for ICMP flooding, port scanning, syn attacks.
  • Apache /MySQL /S3FS WatchDog Scripts.
  • Create extensive bash scripts to automate tasks and monitor system connection activities and alerts.
Dec 2013 - Jan 2017

Sr. System Administrator

ARPATECH
  • Install and Maintain VMWare ESX environments on Local/Remote DataCenters.
  • ESX /VMServer Virtual Machines Backup, Maintenance using GhetoVCB.
  • Setup Nagios to Monitor Production and Local Server
  • Install Nagios to monitor different services like java server, MySQL health, VMware backup, iis service, apache server
  • Write Vmware PowerCli script for VM reporting and management.
  • Write Nagios script to monitor server errors and application health.
  • Write Mikrotik script to enable, disable firewall rules and backup the configurations.
  • Write bash deployment script for remote application deployment.
  • Setup SugarCRM, JBoss Cluster, Tomcat, Joomla, Apache and MySQL based servers.
  • Responsible for maintaining a 24x7 web-infrastructure with multiple web-sites and redundant servers.
  • Configured Asterisk PBX with custom dial-plan and PHPAgi for call recording, daily call quota, cdr in MySQL and Call Queue.
  • Write OpenVPN script to create server configuration, Iptables rules and client configuration.
  • Setup ESVA Email Scanning Virtual Appliance.
  • NFS Server and sync Setup for remote backups on multiple locations.
  • VPN Server with LDAP and PAM authentication.
  • Setup MySQL Master/Slave with SSL integration.
  • Setup Varnish with Nginx for Web Site load balancing and auto-failover.
  • Write Iptables rules to secure server for ICMP flooding, port scanning, syn attacks.
  • Setup IRed Mail Server for multiple domains.
  • Squid Proxy as Reverse Proxy for multi-domain management single SSL certificate.
  • Centralized LDAP Access policy implementation.
  • Disaster Recovery and Backup policy implementation.
  • Responsible for deployment of new application release and patches related to application bug fixes
Nov 2011 - Dec 2013

Senior Network Engineer

SevenIT
  • Deployed and administrating Asterisk VoIP server.
  • Installation and configuration squid transparent proxy, active directory, samba server, internal Mail server, Shorewall, Nagios. Apache, Mysql server.
  • Write script for daily local and production backup.
  • Connect office PBX to Sydney office PBX via Quintum Gateway.
  • Configure Asterisk Call recording, conferencing and Voicemail service.
  • Configure Asterisk with quantum PSTN gateway.
  • MySql setup, MySql Cluster and Replication Master to Master-Slave for CRM databases.
  • Install Active Directory for Authentication and backup’s critical date to remote drives via batch script.
  • Configured pfSense firewall for WAN load balancing.
Feb 2010 - Oct 2011

Network Engineer

PixSensePixSense
2007 - 2010

Education

Preston University

B.S. Computer Science
Sep 2002 - Aug 2006

Skills

Kubernetes tools

  • Helm
  • Falco
  • Istio
  • Sealed Secrets
  • Prometheus/Grafana/EFK

DevOps Tools

  • Terraform
  • Terragrunt
  • Ansible
  • Jenkins, Gitlab, Bitbucket, Github CI/CD Pipelines

GitOps tools

  • ArgoCd
  • Flux
  • Kapitan

Clouds

  • AWS
  • DigitalOcean
  • GCP

Programming

  • Python
  • PHP
  • Bash

Interests

Apart from being a DevOps Engineer, I enjoy spending time with family and friends and love to travel outside of my hometown. I have visited Turkey, Dubai, and Saudi Arabia, exploring historical heritage sites as I love history..

I also dedicate a large amount of time to upgrading my skills with the latest technology advancements and learning new technologies.

Certifications