Summary
Overview
Work History
Education
Skills
Projects
Other Experiences
Timeline
Generic

Karthik Shekar

Melbourne

Summary

Cloud Engineering and DevOps leader with 15+ years of experience architecting scalable, secure, and cost-efficient cloud solutions across AWS, Azure, and GCP. Proven expertise in full-scale cloud migrations, platform engineering, CI/CD automation, and security best practices. Adept at driving operational excellence through infrastructure as code, observability, and proactive incident management to ensure high availability and
optimized performance.

Overview

2
2
years of professional experience

Work History

Senior Cloud DevOps Engineer

Commonwealth Bank of Australia, CBA
07.2024 - Current
  • Delivered hardened SOE images through automated CI/CD pipelines. Applied CIS security benchmarks via Ansible and standardized AMIs using GitHub, CloudFormation, and EC2 Image Builder.
  • Designed and implemented an automated notification system for new AMI releases.
  • Used AWS Lambda, EventBridge, SNS, and CloudFormation to ensure timely alerts and seamless workflow integration.
  • Migrated CI/CD pipeline for image build and release from Jenkins and Packer to GitHub Actions.
  • Created GitHub Actions workflow files to automate AMI build, security hardening, and distribution.
  • Used reusable workflows, environment variables, and conditional job execution for efficient pipeline management.
  • Built OCI-compliant Docker images, incorporating security hardening as per banking group standards to ensure compliance and mitigate
    vulnerabilities.
  • Collaborated with AWS Technical Account Managers (TAMs) to identify services nearing end-of-life support, including Lambda runtime
    deprecation and IMDv1 to IMDv2 migrations, ensuring seamless transitions and security compliance.
  • Enhanced logging and observability of component builds within SOE image creation using EC2 Image Builder, improving debugging,
    traceability, and operational insights.
  • Built OCI-compliant Docker images and assisted application teams in integrating them within EKS clusters, ensuring security, standardization,
    and operational efficiency.
  • Worked on creating Resource Control Policies (RCP) to manage access for commonly used AWS services such as S3 and KMS, enforcing security
    best practices and compliance.
  • Created and maintained documentation for processes and knowledge bases using Confluence to ensure seamless knowledge sharing and
    operational efficiency.
  • Deployed Prometheus and Node Exporter agents as part of SOE images to ensure system metrics collection.
  • Assisted application teams in integrating Prometheus monitoring and verifying that instances report data correctly to Grafana dashboards.
  • Automated deployment process using Azure DevOps by creating CI/CD pipeline files for seamless application deployment.
  • Deployed applications on Azure Kubernetes Service (AKS) ensuring scalability, reliability, and efficient resource utilization.

Systems Engineer (Cloud and DevOps)

Endeavor Group
12.2022 - 07.2024
  • Streamlined AWS accounts acquired from a retail business by reviewing the AWS environment and implementing best practices.
  • Designed and deployed AWS Organizations setup, segregating workloads into production, non-production, and development environments.
  • Established a secure and scalable AWS Landing Zone using AWS Control Tower to enforce governance and security policies.
  • Developed an AWS Service Catalog to standardize and automate the provisioning of commonly used services across application teams.
  • Implemented AWS Instance Scheduler to automate start/stop schedules for EC2 instances, reducing operational costs and optimizing resource
    utilization.
  • Migrated business and retail applications from an on-premises environment to AWS, ensuring scalability and high availability.
  • Used AWS Account Factory to provision new AWS accounts for application teams, streamlining governance and management.
  • Created infrastructure stacks using CloudFormation and Terraform to standardize deployments across environments.
  • Set up CI/CD pipelines using AWS CodePipeline to automate infrastructure provisioning and deployments.
  • Developed application deployment pipelines to automate release management for business and retail applications.
  • Designed and created EKS clusters for commonly used services across the organization, including GitHub runners and Jenkins, ensuring
    scalability and efficient resource utilization.
  • Set up a monitoring and observability stack after application migration to AWS using AWS Control Tower log aggregator accounts.
  • Configured contextual-based alerts using Prometheus, Grafana, CloudWatch Logs, CloudTrail logs, and SNS to enhance security monitoring and
    operational visibility.
  • Identified underutilized or idle resources and implemented right-sizing recommendations for EC2, RDS, and EKS workloads.
    • Leveraged Cloudability anomaly detection to proactively monitor unexpected cost spikes and prevent budget overruns.
    • Integrated Cloudability with AWS Budgets and Cost Explorer to enforce spending limits and optimize reserved instance purchases.Worked with
    application teams to implement auto-scaling strategies and spot instance adoption for cost-efficient workloads.

Education

Bachelor of Commerce - IT And Commerce

Bangalore University
Bangalore, India
12-2009

Skills

  • AWS and Azure
  • Linux (Redhat/Ubuntu/SUSE/OEL)
  • Ansible
  • CloudFormation/Terraform
  • Kubernetes, Redhat OpenShift, EKS, AKS, GKE
  • Docker, Helm, Kustomize
  • Prometheus Grafana, Dynatrace, ELK
  • Cloud Migration, Cloud Governance and Security
  • DevOps, CICD, GitHub Actions, Jenkins, AWS CodePipeline

Projects

Organization-Wide RCP Policy Implementation for S3 Security

Commonwealth Bank of Australia (2025)

Implemented Resource Control Policies (RCP) across the organization to enforce secure access controls for Amazon S3. Ensured compliance with
security best practices by restricting unauthorized access and enforcing encryption standards.
• Configured RCP policies to whitelist approved S3 buckets and prevent unauthorized access from external principals.
• Enforced TLS 3.0 for secure S3 access, ensuring encrypted data transmission and compliance with enterprise security guidelines.
• Automated policy deployment and validation using Infrastructure as Code (IaC) tools to maintain consistent enforcement across accounts.


EKS Cluster Upgrade and Lifecycle Management
Commonwealth Bank Of Australia (2025)

Led the upgrade of Amazon EKS clusters from version 1.24 to ensure continued support and security compliance. Minimized downtime and
ensured a seamless transition while following AWS best practices for cluster upgrades.
• Assessed workload compatibility and planned a phased upgrade strategy to prevent service disruptions.
• Automated upgrade processes using Github Actions, Terraform and implemented post-upgrade validation to ensure cluster stability.
• Utilized Helm and Kustomize for managing and deploying Kubernetes manifests, ensuring consistent and efficient application rollouts.
• Validated cluster networking, IAM roles, and application compatibility post-upgrade to ensure seamless functionality.


Automated AMI Release Notification System
Commonwealth Bank of Australia (2024)

Developed an event-driven notification system for new AMI releases using AWS Lambda, EventBridge, SNS, and CloudFormation. Ensured real-time
alerts and seamless integration with existing workflows, improving operational efficiency and reducing deployment delays.
• Reduced manual intervention by 80%, accelerating the AMI deployment process.
• Enhanced visibility into AMI lifecycle events, enabling proactive application team responses.


Organization-Wide SCP Policy Management as Code
Endeavour Group (2022 - 2023)

Designed and implemented a structured approach to managing AWS Service Control Policies (SCPs) across the organization. Integrated policies
into GitHub and automated enforcement using GitHub Actions, ensuring version control, auditability, and compliance.
• Established Infrastructure as Code (IaC) best practices for policy management, improving governance and security.
• Enabled automated policy validation and deployment, reducing misconfigurations and enforcement gaps.


Production Monitoring and Observability Stack Deployment

Endeavour Group (2022 - 2023)

Designed and implemented a comprehensive monitoring and observability stack for production environments using Prometheus, Grafana, and
Dynatrace. Ensured real-time insights into infrastructure and application performance, improving system reliability and incident response.
• Established proactive monitoring with Prometheus and Grafana, enhancing visibility into key system metrics.
• Integrated Dynatrace for advanced application performance monitoring and automated anomaly detection.

Other Experiences

Specialist Systems Engineer

Commonwealth Bank of Australia (Jan 2022 - December 2022) - Contract


Cloud DevOps Engineer

AMP (October 2020 - October 2021) - Contract


Site Reliability Engineer 

MasterCard (April 2020 - October 2020) - Contract


Cloud Engineer

Amazon Web Services ( December 2016 - April 2020) 

Timeline

Senior Cloud DevOps Engineer

Commonwealth Bank of Australia, CBA
07.2024 - Current

Systems Engineer (Cloud and DevOps)

Endeavor Group
12.2022 - 07.2024

Bachelor of Commerce - IT And Commerce

Bangalore University
Karthik Shekar