Nilesh Navneet
Bangalore
Summary
DevSecOps professional with expertise in automating application security and deployment processes across the software development lifecycle. Skilled in using a wide array of tools for continuous integration, security testing, vulnerability management, cloud infrastructure, and container orchestration. Proven track record of optimizing CI/CD pipelines, reducing manual interventions, and ensuring secure code deployments.
Overview
10
10
years of professional experience
Work History
DevSecOps Engineer
Rapifuzz
Gurugram
09.2023 - Current
- Automated deployment workflows using shell scripts for environment configuration, MySQL setup, and system dependency installation, reducing setup time and human error.
- Integrated Gitleaks for secret scanning, SonarQube for static code analysis, and JIRA for issue tracking into Jenkins pipelines to ensure secure and high-quality code.
- Conducted automated container vulnerability scanning with Trivy and Grype, and integrated Semgrep for code security analysis during the development cycle.
- Managed multi-container applications using Docker Compose, automating the setup and execution of services like PostgreSQL, Neo4j, Redis, as well as Python (DRF), Java (Spring Boot), Node.js, and GraphQL applications.
- Set up an in-house Nexus repository to store artifacts for 4 different projects, ensuring centralized and secure artifact management for all development teams.
- Used Kebeadm for deploying Kubernetes clusters on on-prem servers, enabling scalable and efficient container orchestration for internal applications.
- Leveraged AWS EKS (Elastic Kubernetes Service) for client-facing applications, automating the deployment, scaling, and management of containerized applications in the cloud.
- Developed and maintained CI/CD pipelines in Jenkins, improving the deployment process, reducing manual intervention, and ensuring consistent, repeatable deployments.
- Automated deployment processes for tech stacks like Python (DRF), Java (Spring Boot), Node.js, and GraphQL applications, streamlining the integration and delivery of services.
- Integrated SonarQube, Trivy, and Gitleaks into Jenkins for continuous security scanning and vulnerability management.
- Deployed and maintained cloud-based applications, ensuring security and cost optimization using Terraform and AWS.
AWS Cloud & DevOps Engineer
Datavert Communication
Bengaluru
03.2019 - 09.2023
- Designed and implemented CI/CD pipelines using GitLab CI and Jenkins for automated application delivery, integrated with SonarQube for static code analysis and JIRA for project management.
- Implemented automated infrastructure provisioning using Terraform and Ansible, ensuring scalability and cost-efficiency of cloud resources on AWS.
- Conducted vulnerability management using Trivy, Semgrep, and OWASP ZAP to ensure the security of the application and container environments.
- Built and maintained Docker containers and automated the deployment of microservices and databases using Docker Compose for local development and testing environments.
- Optimized cloud infrastructure for scalability and cost reduction using AWS services (EC2, RDS, S3, VPC, etc.).
Cloud Trainer
01.2017 - 01.2019
- Delivered cloud computing training to small and medium-sized groups, focusing on AWS cloud services.
- Created and customized course materials, ensuring effective knowledge transfer and student engagement.
IT Recruiter - Freelance
01.2015 - 01.2017
- Managed recruitment for Desktop Engineer, Network Engineer, and Cloud Engineer positions under payroll employee roles via TeamLease and IMSI.
- Coordinated with clients to understand job requirements and sourced suitable candidates for various technical positions.
- Conducted initial screenings, interviews, and candidate selection, ensuring the right fit for the organization's needs.
Education
B.Tech - CSE
SRM University
Chennai11.2025
12th -
D.A.V Kapildev
Ranchi01.2010
10th -
St. Xavier's
Sahibganj01.2008
Skills
CI/CD Tools: Jenkins, GitLab-CI
Version Control: Git (GitHub, GitLab)
SAST Tools: Gitleaks, SonarQube, Trivy, Semgrep, Checkmarx, OWASP Dependency Check
DAST Tools: Nuclei, OWASP ZAP
IAST Tools: Contrast Security
Compliance Testing Tools: Fossa
Containerization & Orchestration: Docker, Docker Compose, Kubernetes, Helm
Infrastructure as Code: Terraform
Configuration Management Tool: Ansible
Monitoring & Logging: Prometheus, Grafana
Cloud Platforms: AWS
Artifact Management: Nexus Repository, AWS ECR, GHCRio, Docker Hub
Scripting: Shell Scripting (Bash)
Databases: MySQL, PostgreSQL, Redis, Neo4j
Timeline
DevSecOps Engineer
Rapifuzz
09.2023 - Current
AWS Cloud & DevOps Engineer
Datavert Communication
03.2019 - 09.2023
Cloud Trainer
01.2017 - 01.2019
IT Recruiter - Freelance
01.2015 - 01.2017
B.Tech - CSE
SRM University
12th -
D.A.V Kapildev
10th -
St. Xavier's
Similar Profiles
Naveen KumarNaveen Kumar
Senior Administrator at Microgreen Technologies Pvt. Ltd (Capgemini)Senior Administrator at Microgreen Technologies Pvt. Ltd (Capgemini)
NIGILDAS KNIGILDAS K
Regional Service Manager at Petra Infoserv Pvt LtdRegional Service Manager at Petra Infoserv Pvt Ltd
Shirsa GhoshShirsa Ghosh
IT Support Engineer I (GSD 2) at Amazon Development CentreIT Support Engineer I (GSD 2) at Amazon Development Centre
AAYUSHI AASTHAAAYUSHI AASTHA
Analyst at J P Morgan ChaseAnalyst at J P Morgan Chase
E Naveen KumarE Naveen Kumar
DevSecOps Engineer at SID Global SolutionsDevSecOps Engineer at SID Global Solutions