Vimal Paliwal
Verified Expert in Engineering
DevSecOps Engineer and Software Developer
Vim is a DevSecOps practitioner with over seven years of professional experience. Over the years, he has architected and implemented full-fledged solutions for clients using AWS, Kubernetes, Terraform, Python, Shell, Prometheus, and more, keeping security as an utmost priority. Additionally, as an AWS Authorized Instructor, Vim has trained people from startups to Fortune companies for over two years.
Preferred Environment
Terraform, Amazon Web Services (AWS), Kubernetes, CI/CD Pipelines, Helm
The most amazing...
...thing I've done is independently build a payment portal surrounded by a suite of services and see client payments going through.
Work Experience
Principal Engineer
McKinsey & Company
- Established the cloud infrastructure on AWS single-handedly from the ground up for a single-tenant application, demonstrating strong technical expertise in cloud architecture, security implementation, and performance optimization in the initial stage.
- Developed and implemented Infrastructure as Code (IaC) practices in Terraform, streamlining the provisioning and management of cloud resources in multiple regions.
- Provided technical leadership and mentorship to junior team members upon their onboarding and regular training sessions, enabling them to contribute effectively to projects.
- Implemented DevSecOps practices by integrating tools such as Checkov, Semgrep, and Trivy.
- Led the implementation of a foreign data wrapper and the migration to Graviton, reducing database costs by around 70%.
DevOps Engineer
Modus Create
- Migrated EKS clusters single-handedly to the latest available version for the stage and production environments with zero downtime.
- Wrote shell and Python scripts for GitLab CI/CD to maintain a dynamic development environment.
- Carried out a cost analysis and reduced the monthly AWS bill by nearly 40% by introducing Spot instances for the dev environment and downsizing underutilized ElastiCache and Aurora clusters.
- Implemented an RDS Proxy with IAM authentication to securely and efficiently manage database connections.
- Replaced instance-level IAM roles with pod-level roles using K8s ServiceAccount to achieve least-privilege access.
- Hardened all EKS nodes by introducing CIS Level 1 AMI.
- Automated security patching on EKS nodes every weekend via AWS Systems Manager.
- Implemented Prometheus and Grafana for K8s monitoring using Helm charts.
- Set up site-to-site VPN connectivity for seamless on-prem connectivity.
DevOps Engineer
Pricemoov SaaS
- Improved the existing CI/CD pipeline to include the deployment of Lambda@Edge function using SLS framework and updated CloudFront with the latest deployed version.
- Implemented RabbitMQ broker for Celery workers via Helm Chart.
- Separated the Celery worker and Redis container from the back-end app container on K8s.
Cloud Lead
Coditas
- Automated the infrastructure deployment of a centralized logging framework, which includes Kinesis Firehose, S3, SQS, SNS, ELK, API Gateway, and Lambda using Terraform.
- Wrote custom RBAC roles for limiting user access to the Kubernetes cluster.
- Used Jira to keep track of issues/tasks along with time logging.
- Implemented a host monitoring solution using Sensu Core and Grafana.
- Automated the code deployment to EC2 instances using Jenkins Pipeline script in combination with AWS CodeDeploy.
- Handled the infrastructure and code deployment automation of a serverless application involving S3, CloudFront, Lambda, API Gateway, DynamoDB, and more using Terraform and GitLab CI/CD.
Founder
Ezstrax
- Built a payment gateway surrounded with a suite of services such as invoicing, form creation, or multi-cart options.
- Used Terraform to automate the infrastructure and AWS CodeBuild and CodeDeploy for the CI/CD pipeline.
- Guided infrastructure to pass its ASV scan in the very first run.
Experience
AWS IAM Key Rotator
http://github.com/skildops/aws-iam-key-rotator
Terrablocks
http://github.com/terrablocks
Secureaws
http://github.com/paliwalvimal/secureaws
Services covered include:
• CloudTrail
• Config
• Root MFA
• VPC flow logs
• Strong password policy
• Macie
• GuardDuty
• S3 SSE encryption
• EBS encryption
Payment Gateway
Skills
Tools
Terraform, Amazon EKS, Jenkins, Shell, Amazon Elastic Container Service (Amazon ECS), Helm, AWS IAM, Amazon Simple Email Service (SES), Amazon CloudWatch, GitLab CI/CD, Git, AWS Key Management Service (KMS), Amazon CloudFront CDN, CircleCI
Paradigms
DevOps
Platforms
Amazon Web Services (AWS), AWS Lambda, Kubernetes, Docker, Linux
Other
CI/CD Pipelines, Infrastructure as Code (IaC), Cloud Infrastructure, AWS DevOps, Amazon API Gateway, Amazon RDS, AWS Certified Solution Architect, Shell Scripting, Scripting, Amazon CloudHSM, Web Application Firewall (WAF), SFTP
Languages
Bash, Python
Storage
Amazon DynamoDB
Education
Master's Degree in Computer & Network Security
Middlesex University - London, UK
Bachelor's Degree in Computer Applications
MITSOM College - Pune, India
Certifications
Certified Kubernetes Administrator
CNCF
AWS Authorized Instructor - Champion
Amazon Web Services
AWS Certified Solution Architect – Professional
Amazon Web Services
AWS Certified Security – Specialty
Amazon Web Services
AWS Certified Developer – Associate
Amazon Web Services
AWS Certified SysOps Administrator – Associate
Amazon Web Services
AWS Certified Solution Architect – Associate
Amazon Web Services