Anton Kozheltsev

Anton Kozheltsev, Senior DevOps & Systems Engineer | Cloud (GCP, AWS), Kubernetes, GitOps, CI/CD, Terraform

mrak.san@gmail.com | +380638969600 | Dnipro, UA

LinkedIn: https://www.linkedin.com/in/anton-kozheltsev-8a786b3a/

SUMMARY

Results-driven Systems and DevOps Engineer with 13+ years of experience in IT infrastructure, including 6+ years specializing in cloud-native DevOps, Kubernetes orchestration, and CI/CD automation. Expert in building secure, scalable infrastructures on GCP and AWS, driving Infrastructure as Code with Terraform/Terragrunt and managing advanced observability platforms. Strong advocate of GitOps (Flux, Argo CD), Vault-based secrets management, and Zero Trust architectures. Proven track record supporting high-load, multi-language development teams and ensuring reliable, reproducible environments. Holds a Specialist (Master's equivalent) degree in Computer Systems and Networks.

EDUCATION

Dnipropetrovs'kij Nacional'nij Universitet 2007-09 — 2011-06

Bachelor - Computer Systems and Networks

Dnipropetrovs'kij Nacional'nij Universitet 2011-09 — 2012-06

Specialist (Master's equivalent) - Computer Systems and Networks

SKILLS

Cloud Platforms (Expert): GCP (GKE, GCS, Filestore, Cloud SQL, Artifact Registry, Functions, Run, Monitoring, IAM), AWS (EC2, S3, EBS, RDS, IAM, CloudWatch), Azure (ARM, Terraform, Site Recovery)

Kubernetes & Containers (Expert): GKE, EKS, Kubernetes on VMs, Helm, Kustomize, StatefulSets, affinity/taints/PDBs, Gateway API, cert-manager, CSI (GCS Fuse, Filestore), Istio

GitOps & IaC (Expert): Flux, Argo CD, Terraform, Terragrunt, Ansible, AWS CDK (Python, TypeScript), CloudFormation (base), tfsec, Checkov

CI/CD (Expert): Jenkins (JCasC, scripted, shared libraries), GitLab CI, secure Docker pipelines, SBOM, cosign signing, SAST/DAST integration

Secrets & Security (Expert): Vault, sealed-secrets, SOPS, OAuth2, JWT, Microsoft Graph, Entra ID, Zero Trust, workload identity federation

Monitoring & Logging (Advanced): Prometheus, Alertmanager, Grafana, Loki, Fluentbit, ELK/EFK, Zabbix, GCP Monitoring, AWS CloudWatch, Datadog, Panda

Networking & VoIP (Advanced): VPC, VPNs (IPsec, OpenVPN), security groups, load balancers, Nginx, HAProxy, DNS, DHCP, iptables, Asterisk, Freeswitch, Elastix, Oktell

Databases & Streaming (Advanced): PostgreSQL (JSONB, anonymization), MySQL, Oracle, Cloud SQL, Kafka (SASL_SSL, GSSAPI, Connect), Redis

Programming & Scripting (Intermediate): Python, Bash, TypeScript (AWS CDK), Groovy (Jenkins), YAML/JSON templating

Virtualization (Advanced): VMware vSphere ESXi, Hyper-V, KVM, Xen, LXC

EXPERIENCE

EPAM Systems | Key Engineer / DevOps Engineer / Infrastructure Engineer 2023-07 — Present

Managed multiple Kubernetes clusters on GKE with Flux GitOps, advanced Helm/Kustomize, infrastructure with Terraform & Ansible, designed multi-env CI/CD with Jenkins & GitLab CI, implemented Vault for PKI & dynamic secrets with workload identities. Developed observability stack (Prometheus, Grafana, Loki, Fluentbit, ELK, Zabbix, GCP Monitoring). Supported developer teams in Java, Gradle, Python, Node.js, Next.js, Angular, Go.

Stack & Tools: GKE, Terraform, Terragrunt, Helm, Kustomize, Vault, Jenkins, GitLab CI, Prometheus, Grafana, Loki, Fluentbit, ELK, Zabbix, GCP Monitoring, Cloud SQL, Artifact Registry, PostgreSQL, Kafka, OAuth2.0, Python, Bash, TypeScript, tfsec, Checkov.

EPAM Systems (NDA – Digital Transformation Platform) | Infrastructure Engineer 2023-04 — 2023-07

Managed Kubernetes clusters on DigitalOcean, implemented GitOps with Argo CD & Helm, automated infrastructure with Terraform & Ansible. Managed DNS & security with Cloudflare, used Vault, sealed-secrets & SOPS for compliance. Supported multi-platform builds (Node.js, Python, Java, C#, Android, iOS).

Stack & Tools: DigitalOcean, Kubernetes, Helm, Argo CD, Terraform, Ansible, Vault, SOPS, sealed-secrets, GitLab CI, Cloudflare, PostgreSQL, MySQL, MongoDB, Docker, Python, Bash.

EPAM Systems (NDA – Healthcare / Genomics Platform) | Infrastructure Engineer 2022-05 — 2023-01

Managed AWS Kubernetes (EKS, Kops), developed Terraform modules for EC2, S3, EBS, RDS, IAM, ECR, Route53. Automated CI/CD with Jenkins, integrated Vault for dynamic secrets/PKI, deployed Istio mTLS service mesh, observability with Prometheus, Grafana, Loki, Fluentbit & AWS CloudWatch.

Stack & Tools: AWS (EC2, S3, EBS, RDS, ECR, IAM, CloudWatch), EKS, Kops, Terraform, Jenkins, Vault, Helm, Istio, Prometheus, Grafana, Loki, Fluentbit, Kafka, PostgreSQL, Bash, Python.

OTP Bank (via EPAM) | Cloud Engineer 2022-03 — 2022-04

Discovery & planning to migrate VMware workloads to Azure, designed DR strategy with Azure Site Recovery and documented migration runbooks.

Stack & Tools: Azure Site Recovery, VMware vSphere ESXi, Oracle, Postman, Bash, Windows & Linux VMs.

Honda North America (via EPAM) | Build & Infrastructure Engineer 2021-11 — 2022-01

Managed multi-cloud migration from Azure to AWS, designed DNS-based failover, deployed Kubernetes on AWS with Rancher/RKE via Terraform. Configured OpenVPN + LDAP, integrated Gitea with Jenkins CI/CD.

Stack & Tools: AWS, Azure, Rancher, RKE, Terraform, Jenkins (Shared Libraries), Gitea, OpenVPN, LDAP, Bash, Groovy.

Ahold Delhaize (via EPAM) | SRE Engineer 2021-07 — 2021-09

Provisioned Azure infra with ARM & Ansible, built CI/CD workflows in Azure DevOps, provided architecture guidance, integrated observability.

Stack & Tools: Azure, Azure DevOps, ARM Templates, Ansible, AKS, Bash, Python.

EPAM Internal Platforms (SolutionsHub, OSM) | Systems Engineer 2020-04 — 2021-05

Automated AWS infra with CDK, Lambda, CloudFront, integrated JWT-secured APIs, optimized ElasticSearch costs, deployed Prometheus, Grafana, ELK, Jenkins, GitLab CI.

Stack & Tools: AWS CDK, Lambda, CloudFront, Jenkins, GitLab CI, ELK, Prometheus, Grafana, JWT, Ansible, Bash, Python.

BaDM & Apteka Info | Linux & VoIP System Administrator 2010-01 — 2019-12

Managed large-scale Linux (RHEL, Debian) & FreeBSD, VMware vSphere, IPsec/OpenVPN, VoIP (Asterisk, Oktell, Freeswitch), CI/CD via GitLab CI, monitoring with Zabbix & Graylog. Supported apteka24.ua e-commerce, optimized MySQL/MS SQL, integrated CRM & VoIP with automation via APIs, Python, Bash.

Stack & Tools: Linux (RHEL, Debian), FreeBSD, VMware, Veam, GitLab CI, Zabbix, Graylog, Asterisk, Oktell, FreePBX, Freeswitch, BitrixVM, Nginx, MySQL, Oracle, MS SQL, Bash, Python, JSON, XML, SVN, iptables, IPsec, OpenVPN, Extreme Networks VX9000.

LANGUAGES

English (B1+) , Russian (Native) , Ukrainian (Native)

INTERESTS

Cloud & DevOps Automation , Open Source Projects , Metall Music , Hiking , Bicycle , Board Games