Ashwin Radhakrishnan

• • DevSecOps enablement (platform as a product): Turned scattered tooling into paved roads/golden paths - templates, guardrails and self-service pipelines that bake in SAST/SCA/IaC checks, SBOM generation and automated evidence capture for audits. (SonarQube, Trivy, Nexus IQ, OPA/Conftest).
  • GitOps transformation: Standardised Argo CD + Kustomize across dev / staging / prod, with environment overlays and artifact promotion for traceable, repeatable releases. Reduced manual change steps and made rollbacks routine.
  • Kubernetes engineering (sovereign + air-gapped): Built and operate multi-cluster K8s across Azure (dev) and on-prem, disconnected networks (production-like). Hardened to CIS benchmarks, private registries/mirrors, and offline workflows suitable for defence programs.
  • Service mesh & zero-trust: Implemented Istio mTLS, traffic policy and fine-grained auth; enabled safe rollouts (blue/green, canary) and simplified troubleshooting with Kiali/Jaeger.
  • Observability that matters: Deployed Prometheus, Grafana, Loki (+ EFK) with actionable SLOs and runbooks - improving detection and MTTR while keeping operators audit-ready.
  • Supply-chain security & compliance by design: Embedded policy-as-code and vulnerability gates in CI/CD; aligned controls to ASD Essential Eight, ISM, and mapped practices to NIST SSDF / SLSA. High-severity issues are blocked before they reach higher environments.
  • Scale & adoption: Onboarded ~40 microservices to GitOps; coached teams, wrote playbooks, and drove consistent release hardening without slowing delivery.
  
  Tech: DevSecOps; GitOps (Argo CD/ArgoCD, Kustomize); Kubernetes; Istio (service mesh, mTLS); SBOM; SLSA; NIST SSDF / SLSA; OPA (Open Policy Agent)/Conftest; Trivy; Nexus IQ; Prometheus; Grafana; Loki; Jaeger; EFK (Elasticsearch, Fluentd, Kibana); CIS Benchmarks; Zero-trust; Air-gapped; Sovereign hosting; ASD Essential Eight; ISM.

Worked for Centene which provides managed health care services in US. Was heavily involved in migration of EMBARK Application(s) from Centene's local datacentre to AWS, GCP and Azure. As part of this following tasks were completed:

• Directed a team of 5 members based out of Tampa, Florida to design, build & Implement DevSecOps CI/CD pipeline for various AWS(EKS), Azure(AKS) & GKE Workloads
• Designed the AWS, GCP & Azure based CI/CD/CT Architecture for multiple Applications
• Convinced Upper management and Implemented GitOps model using GitLab, Argo CD & Istio Service Mesh in the firm which automated existing deployment activities
• Worked with internal Security, Audit and Compliance team to incorporate various steps in DevSecOps pipelines. This saved 40% more time for entire App deployment lifecycle
• Advised on various in-house App's Refactoring and Migrations to AWS, Azure & GCP which saved a huge time for internal App Teams moving to Cloud
• Developed multiple App specific Terraform Modules for AWS, GCP, Azure and non-Cloud(SaaS) components like Confluent Kafka.
• Mentored/Taught various team members on how to develop standardized Terraform Modules
• Developed & Implemented various Infra as Code - IAC GitLab pipelines to provision AWS, GCP, Azure and non-Cloud(SaaS) components
• Implemented GitLab based Terraform backend mechanism
• Developed & Demonstrated End to End Infra as a Code ecosystem to entire team using Terraform Cloud & Azure DevOps
• Conducted weekly meeting with App Managers & Group Heads, where I advised and helped their teams with the onboarding of their Apps to the DevSecOps solution that I implemented across the firm
• Conducted multiple PoCs and recommended solutions to various architects
• Worked with multiple internal teams to work on various integrations and its testing activities.

Held various internal roles during this long tenure:

• Lead around 30 team members, 5 teams across world during whole tenure with Citi. These were global teams around US(New Jersey & Texas), London, Singapore, Poland(Warsaw) and India(Pune), I lead these teams in different time-zones
• Designed & Implemented Global Deployment Solution across the firm, which automated 75% of manual work that hugely reduced time, resources/manpower etc Involved in App Deployments & eventually has saved millions of $ over the years
• Developed & Implemented a simplified Infra as a Code pipeline for provisioning native cloud services on Public Cloud, this solution is combination of Terraform Templates/Modules + Jenkins Pipeline + Artifactory. Here the Jenkins, Artifactory, Bitbucket etc. were residing in On Premise Citi Data Centre(s) and the target computer workloads were in AWS, GCP and Azure.
• Migrated around 10 Applications from On Premise Citi Data Centre(s) to AWS, GCP & Azure environments. Implemented CI/CD pipelines covering Tools/Services residing in On Premise Citi Data Centre(s) as well as Public Cloud Services in AWS, GCP and Azure.
• Designed & Implemented Kubernetes Operator model in Caching domain for ICG sector Apps. Currently this is being converted to a global model that could be adopted by other sector App Teams, using a combination of Helm App packages + Jenkins pipeline
• Implemented Application Cloud Infrastructure distribution standards using Terraform Workspaces
• Held position of Engineering Product Owner for App Deployment products like Harness, Spinnaker, BMC RLM & BAA, Caching products like Couchbase, Redis etc. Under this position I was responsible for end to end engineering, audit, compliance of all these products used by around 226 internal application inside Citi. Every product release had to go through vigorous Audit and Compliance related to Banking standards which I had to fully manage and deliver.
• Transformed the Middleware strategy for Public Cloud by convincing the senior management to have Phased approach Focus on Public Cloud Native services as Phase 1 & then have Phase 2 with SaaS based similar services to avoid CSP lock-ins & saving future cost in maintenance by having it done by vendors.

• For first two years, worked as contractor(through Comtel) for Citi with role as Technical Architect working for Citi's Architecture and Engineering Group
• Developed solution(single handed) for migrating Applications & its related Configurations across Application Servers
• This tool has been successful in migrating over 200 Apps & its configurations.

• Developed solution to migrate in-house product REVERA from JBoss to WebSphere, successful completion of this led to product adoption by many clients like Japan Airlines and Vietnam Airlines. Was awarded Feather In Cap certificate for this excellent work
• Streamlined in-house product REVERA App structure & developed CLI based solution to setup product from scratch in WebSphere and administer it in higher environments.

• Streamlined & Implemented a new Source Management solution for in-house product iCargo using IBM Clear Case
• Collaborated with ANZ, Auckland Technical team to setup product iCargo in Clustered WebSphere environment
• Was sent offsite to Auckland, NZ for this assignment & got appreciation mails from higher ups of ANZ for Onsite Coordination and Implementation of Project
• Supervised & Mentored small team internally.

• Conceptualized, designed and developed all modules for in-house product iLMS [Integrated Learning Management System]
• Designed and Developed Modules like Digital Library, Personal Scheduler, Real Time Quiz, Message Forum and Employee Appraisal System for in-house product Trans-E
• Implemented integration between in-house product Learning Planet & SAP HR During this phase I went to Kuwait and dealt with client EQUATE directly where I integrated it with SAP HR using SAP JCo & BAPIs
• Lead a team of 3 involving activities like Requirement Analysis, Change implementation/Testing & Client Support.