Resume / CV: Oleksii Koshelenko, Senior Platform Engineer
Text Only
With Photo
$ whoami
Oleksii Koshelenko
Senior Platform Engineer
Multi-Cloud (Azure · GCP · AWS) | FinOps | CI/CD | Observability
Remote (EU timezone) | Ukraineaskoshelenko@gmail.comlinkedin.com/in/askoshelenkogithub.com/ASKoshelenkodevopsdive.com
Key Achievements
500+
hybrid VMs under observability, 389 alerts analyzed, 31 rules deployed, autonomous incident detection
62
Azure subscriptions under automated cost governance, proactive anomaly detection across all environments
350+
commits across production CI/CD, 11 stages, 694 automated tests, coverage gates, zero-downtime slot deploys
70%
alert-noise reduction so on-call actually sleeps, via server-side filtering and OS-split thresholds
201K+
rows migrated across production databases via custom Python tooling with FK integrity handling
55+
secrets migrated to zero-trust Key Vault with RSA-OAEP, 30 stale credentials purged
8
GCP projects scoped for cross-tenant migration with IAM hardening & org-level policies
5+
enterprise teams coordinated across product, security, and cloud engineering in multiple time zones
Professional Summary
Platform / DevOps engineer with 10 years keeping production systems alive in high-consequence, regulated environments: FinTech (PCI DSS), banking, healthcare, and industrial. Bare-metal and sysadmin roots, now focused on multi-cloud platform engineering across Azure, GCP, and AWS, specializing in FinOps and observability, designing cost governance, self-service CI/CD, and reliability that let product teams ship safely. I care about the cloud bill as much as the uptime.
Technical Skills
Cloud PlatformsAzure (Monitor, Policy, Arc, Logic Apps, Key Vault, App Service, AKS, Automation, OpenAI), GCP (GKE, Cloud Run, IAM, Org Policy), AWS (Lambda, EC2, S3, IAM)
AI-Assisted EngineeringAI in the engineering loop, multi-agent fan-out/verify code audits, agent-assisted IaC review, repo-local agent skills, Claude Code, Cursor, Vertex AI / Gemini, LLM inference (Cloud Run, SSE streaming, provider failover)
Infrastructure as CodeTerraform, Terragrunt, Bicep, Ansible, Policy-as-Code
CI/CD & AutomationGitLab CI, GitHub Actions, Azure DevOps, Jenkins, ArgoCD (GitOps), Automation Runbooks, Self-service Platforms (IDP)
Containers & OrchestrationDocker, Kubernetes (AKS, GKE), Helm
ObservabilityAzure Monitor, Log Analytics, DataDog, Grafana, Prometheus, Zabbix, KQL
Security & GovernanceZero-Trust (UAMI, OIDC, Workload Identity), Key Vault, Azure RBAC, Azure Policy, PCI DSS
FinOps & ReliabilitySRE, Cost Anomaly Detection, Budget Governance, Rightsizing, SLI/SLO & Error Budgets, Incident Response / On-call, AMBA Framework
Languages & SystemsRust (Tauri, async, AEAD/crypto, 63K LOC), Python, PowerShell, Bash, JavaScript, KQL, YAML
Professional Experience
Senior Platform Engineer
DevOpsDive Consulting, Enterprise Cloud Engagements
- Designed and deployed 31 Azure Monitor alert rules for a banking hybrid infrastructure (500+ VMs, 62 subscriptions), analyzed 389 legacy SolarWinds alerts, built 5 DCR types and 8 team-specific Action Groups via Bicep IaC, achieving autonomous incident detection with no missed critical alerts over 4+ months in production.
- Built a reusable CI/CD platform template (11 stages) with coverage gates (694 automated tests), zero-downtime slot deployments, and UAMI zero-trust auth, adopted self-service by 2 product teams (350+ commits), reducing new service onboarding from weeks to hours.
- Redesigned monolithic log collection into role-specific DCR architecture, filtering Level 4 noise from 200+ servers and restricting AD/DNS/DFS to 6 Domain Controllers, eliminating redundant ingestion across the entire Windows fleet.
- Implemented Azure Policy health check automation for 26 App Services with 5-round phased rollout through change advisory board approval in banking maintenance windows, with no customer-facing downtime.
- Migrated 55+ CI/CD secrets to Azure Key Vault with UAMI authentication and RSA-OAEP encryption, audited all pipeline variables, purged 30 stale credentials, and established a reusable pattern adopted by every subsequent service migration.
- Engineered a production-grade Rust systems codebase (offline-first sync engine, versioned AEAD crypto envelope on audited primitives) with a signed, notarized multi-target release pipeline and 769 tests; run a repo-local multi-agent audit harness over it and over production IaC, catching real defects (unscoped Key Vault, racing VNet peerings) before deploy.
- Built autonomous capacity monitoring via Logic App and KQL, reduced alert noise by 70% through server-side NFS filtering, split Critical/Proactive thresholds by OS, and routed actionable alerts to Windows and Linux teams daily with zero manual intervention.
- Scoped GCP multi-tenant migration for 8 projects and 100+ service accounts, defining IAM hardening requirements, org-level policy framework, and CI/CD onboarding patterns for secure tenant migration of a Fortune Global 500 advertising holding.
- Coordinated delivery across 5+ enterprise teams (product, TechOps, security, cloud engineering) spanning multiple time zones, built a developer onboarding platform with runbooks, architecture guides, and decision logs, reducing ramp-up from weeks to days.
Systems / DevOps Engineer, promoted to Cloud Platform Developer (Tech Lead)
EPAM Systems · Global eCommerce (Bosch), AWS security & cloud education | Azure & AWS
- Owned end-to-end DevOps for a global commerce platform (Bosch, Azure + AWS), cutting AI deployment time 60% via Azure OpenAI integration and shipping KQL observability dashboards that reduced incident triage 30%.
- Provisioned multi-cloud infrastructure via Terraform and GitHub Actions CI/CD across 12+ AKS microservices, achieving 25% cloud cost reduction through FinOps rightsizing.
- Led a 4-engineer DevOps team building foundational Terraform modules (VNets, NSGs, Private DNS) and mentored 8+ engineers on IaC and CI/CD, presenting platform architecture to 500+ at EPAM tech conference.
- Delivered CI/CD pipelines (Jenkins, GitLab CI, GitHub Actions) with Commercetools backup automation via Azure Logic Apps (RPO under 1 hour), and upgraded 50+ AWS Lambda functions to Python 3.11, running security workshops for 200+ at AWS Weeks 2024.
System Administrator
Involve Software (FinTech) · Contract, part-time
- Administered FinTech infrastructure (PCI DSS scope), managing VPN servers, MikroTik/UBNT networking, Ansible automation, and Grafana-based security monitoring while leading budget planning and IT procurement.
System Administrator, Team Lead
Profit Center FX (FinTech)
- Directed a 4-person IT team for a FinTech trading platform, deploying Zabbix monitoring that cut incident response by 60%, managing Proxmox/Docker/Jenkins CI/CD infrastructure with 99.9% uptime, and overseeing IT budget and procurement.
Computer Systems Engineer
CDC Pharmbiotest (Healthcare)
- Built CRM system from scratch that decreased processing time by 40%, deployed KVM virtualization and Zabbix monitoring, and automated 85% of routine IT tasks supporting 100+ users in clinical research.
Software Engineer / Design Engineer
PJSC LINIK (Oil Refining)
- Supported enterprise IT for 1,500+ users across industrial facilities, managing Active Directory, MS SQL Server, McAfee Endpoint Security, and automating system provisioning across refinery operations.
Certifications
Professional Cloud DevOps EngineerGoogle Cloud
Azure Administrator Associate (AZ-104)Microsoft
Ethical HackerCisco
AWS Certified Cloud PractitionerAWS
Top 1000 Worldwide, Google Cloud Skills Boost 2024Google Cloud
Education
Specialist, Laser & Optoelectronics Engineering
Kharkiv National University of Radio Electronics (KNURE)