Микола

Mykola Popov – DevOps / SRE Engineer
Mykolaiv, Ukraine
[відкрити контакти](див. вище в блоці «контактна інформація») | [відкрити контакти](див. вище в блоці «контактна інформація»)

Summary

DevOps/SRE engineer with 10+ years of experience designing and operating production
infrastructure on AWS and GCP (single and multi-cloud operations).
Comfortable owning the full lifecycle – from infrastructure design through Kubernetes (EKS,
GKE, On-prem), CI/CD and GitOps delivery, observability, and security hardening. Strong bias
toward declarative infrastructure (Terraform/Terragrunt), security-by-default (IRSA, Workload
Identity Federation, least-privilege RBAC), and automating the parts humans get wrong.

Core Skills

Cloud: AWS (EKS, IAM, S3, VPC, Route 53, RDS, Secrets Manager), GCP (GKE, IAM,
Workload Identity, Cloud Storage, Cloud DNS, Artifact Registry)
Containers & Orchestration: Kubernetes (multi-cluster, RBAC, NetworkPolicies), Helm,
Kustomize, Docker
IaC: Terraform, Terragrunt, Atlantis
GitOps & CI/CD: ArgoCD (single/multi-cluster, hub/spoke), GitHub Actions
Observability: Prometheus, Grafana, Loki, Alertmanager, OpenTelemetry
Security: IRSA, GCP Workload Identity Federation, External Secrets Operator, OAuth/OIDC,
least-privilege RBAC
Networking: VPC peering, Transit Gateway, ingress controllers (NGINX, ALB), Gateway API
Serverless: AWS Lambda, Google Cloud Run
Programming Languages: Python, Go, Bash

Experience

Mar 2022 – Present Senior DevOps Engineer at Readdle
- Design and own a shared platform across multiple product teams, partnering with
engineering across several departments to build consistent infrastructure that meets
product needs while staying aligned with security best practices and regulatory
requirements.
- Led major migrations from legacy infrastructure to Kubernetes and cloud-native
platforms, adjusting development lifecycle, CI/CD, and on-call practices alongside the
technical move. Worked with affected teams to rebuild deployment workflows, establish
service ownership, and bring observability up to a uniform standard.
- Established a company-wide IaC standard on Terraform/Terragrunt with full CI/CD
lifecycle (Atlantis, semver-tagged module/live split, Renovate coverage).
- Design and operate the multi-tenant observability platform with Grafana Loki /
Prometheus stacks (distributed hub-spoke topology, per-team isolation via internally
developed OAuth-aware proxy that injects tenant headers).
 - Lead incident response and postmortems for the platform tier, defining SLOs,
driving root-cause investigations, and turning recurring incidents into permanent fixes
(runbooks, alerting changes, infrastructure hardening).
- Contributed to ISO 27001 certification efforts including procedures and policies
development and adapting infrastructure to compliance requirements.

Jan 2022 – Mar 2026 DevOps Engineer (part-time) at Herdwatch
- Led the infrastructure modernization from a handful of manually maintained
servers to a fully IaC-managed multi-region platform on AWS — 6 EKS clusters
across 3 AWS regions, microservice architecture, centralized logging (ELK),
Prometheus-based monitoring, and autoscaling for critical workloads.
- Established the operational baseline for the platform: standardized deployment
patterns, on-call practices, and a systematic approach to infrastructure changes that the
team continued to use after my involvement.
- Set up the GitOps and CI/CD pipelines for application teams, enabling self-service
deployments to dev/staging/prod across regions.

2020 – 2022 DevOps/SRE at Takeoff
- SRE for a distributed GCP platform powering robotic grocery fulfillment across tens
of micro-fulfillment sites globally, with each site running edge workloads coordinated by
a central control plane on GKE (in conjunction with Artifact Registry, Cloud SQL,
Pub/Sub, BigQuery and Oracle-driven data warehouses).
- Owned fleet-wide reliability: monitoring and alerting across all sites, on-call rotation,
SLO definition, and incident response — including site-level connectivity issues that
didn't exist in a single-cloud-region model.
- Built deployment automation and capacity planning processes that scaled with the
fleet as new sites came online.

2017 – 2020 DevOps / Backend Developer at MageMojo
- Operated managed hosting infrastructure for 10,000+ Magento e-commerce sites,
balancing reliability and cost across a large multi-tenant fleet.
- Built a custom CSI driver and snapshotting layer that exposed ZFS datasets as
Kubernetes persistent volumes, enabling the platform's migration from Xen-based
hardnodes to Kubernetes along with the backup infrastructure and log analysis engine
that supported it.
- Developed backend components in the internal management system that orchestrated
tenant provisioning and storage/backup workflows.

Education Master of Science in Physics, Kherson State University, 2004
Languages Ukrainian (native), English (fluent – professional working proficiency)