Cloud Engineering and DevOps leader with 15+ years of experience architecting scalable, secure, and cost-efficient cloud solutions across AWS, Azure, and GCP. Proven expertise in full-scale cloud migrations, platform engineering, CI/CD automation, and security best practices. Adept at driving operational excellence through infrastructure as code, observability, and proactive incident management to ensure high availability and
optimized performance.
Organization-Wide RCP Policy Implementation for S3 Security
Commonwealth Bank of Australia (2025)
Implemented Resource Control Policies (RCP) across the organization to enforce secure access controls for Amazon S3. Ensured compliance with
security best practices by restricting unauthorized access and enforcing encryption standards.
• Configured RCP policies to whitelist approved S3 buckets and prevent unauthorized access from external principals.
• Enforced TLS 3.0 for secure S3 access, ensuring encrypted data transmission and compliance with enterprise security guidelines.
• Automated policy deployment and validation using Infrastructure as Code (IaC) tools to maintain consistent enforcement across accounts.
EKS Cluster Upgrade and Lifecycle Management
Commonwealth Bank Of Australia (2025)
Led the upgrade of Amazon EKS clusters from version 1.24 to ensure continued support and security compliance. Minimized downtime and
ensured a seamless transition while following AWS best practices for cluster upgrades.
• Assessed workload compatibility and planned a phased upgrade strategy to prevent service disruptions.
• Automated upgrade processes using Github Actions, Terraform and implemented post-upgrade validation to ensure cluster stability.
• Utilized Helm and Kustomize for managing and deploying Kubernetes manifests, ensuring consistent and efficient application rollouts.
• Validated cluster networking, IAM roles, and application compatibility post-upgrade to ensure seamless functionality.
Automated AMI Release Notification System
Commonwealth Bank of Australia (2024)
Developed an event-driven notification system for new AMI releases using AWS Lambda, EventBridge, SNS, and CloudFormation. Ensured real-time
alerts and seamless integration with existing workflows, improving operational efficiency and reducing deployment delays.
• Reduced manual intervention by 80%, accelerating the AMI deployment process.
• Enhanced visibility into AMI lifecycle events, enabling proactive application team responses.
Organization-Wide SCP Policy Management as Code
Endeavour Group (2022 - 2023)
Designed and implemented a structured approach to managing AWS Service Control Policies (SCPs) across the organization. Integrated policies
into GitHub and automated enforcement using GitHub Actions, ensuring version control, auditability, and compliance.
• Established Infrastructure as Code (IaC) best practices for policy management, improving governance and security.
• Enabled automated policy validation and deployment, reducing misconfigurations and enforcement gaps.
Production Monitoring and Observability Stack Deployment
Endeavour Group (2022 - 2023)
Designed and implemented a comprehensive monitoring and observability stack for production environments using Prometheus, Grafana, and
Dynatrace. Ensured real-time insights into infrastructure and application performance, improving system reliability and incident response.
• Established proactive monitoring with Prometheus and Grafana, enhancing visibility into key system metrics.
• Integrated Dynatrace for advanced application performance monitoring and automated anomaly detection.
Specialist Systems Engineer
Commonwealth Bank of Australia (Jan 2022 - December 2022) - Contract
Cloud DevOps Engineer
AMP (October 2020 - October 2021) - Contract
Site Reliability Engineer
MasterCard (April 2020 - October 2020) - Contract
Cloud Engineer
Amazon Web Services ( December 2016 - April 2020)