Sandip Maji

TCG Digital — DevSecOps Engineer (R&D) Aug 2023 – Present | Kolkata, India

Product developer in the R&D team, working across CI/CD engineering, container security, and cloud-native infrastructure on a SaaS product.

Key contributions:

• Built and maintained Jenkins CI/CD pipelines with automated GRYPE-based CVE scanning as a mandatory quality gate, preventing critical/high severity container images from reaching production.
• Containerized applications using Docker and deployed them on Kubernetes with custom resource limits, health probes, and ingress configurations for production-grade reliability.
• Implemented GitOps workflows using ArgoCD for declarative, Git-driven deployments with full rollback capability across multiple environments.
• Automated Kubernetes cluster provisioning and distributed storage setup using Ansible playbooks, replacing manual processes with repeatable, version-controlled IaC.
• Upgraded container base images to Amazon Linux 2023 across multiple services, systematically reducing the CVE footprint and aligning with security best practices.
• Evaluated and integrated Istio Ambient Mesh on Kubernetes for mTLS, traffic management, and observability without sidecar proxy overhead.
• Administered Jenkins at an organizational level — managing plugins, roles, access controls, and executing a major version upgrade with zero pipeline disruption.
• Configured and managed Maven, SBT, and Gradle build tools within CI/CD pipelines for Java and Scala-based application builds.
• Developed Python and Shell scripts to automate repetitive infrastructure and operational tasks, reducing manual effort across the team.
• Managed and hardened Elasticsearch clusters — configuring TLS, role-based access control, and security settings to meet production security standards.
• Collaborated with cross-functional teams to build a real-time vulnerability reporting dashboard, enabling organization-wide CVE visibility and data-driven remediation decisions.