Maxim Onishenko
devops@maxim.run | +17789840698
maxim.run | linkedin.com/in/maxim-onyshchenko | medium.com/@maximonyshchenko
Summary
I am a dynamic engineer with 6 years of experience, with a knack for identifying and solving problems that others often overlook, and a deep passion for exploring cutting-edge technologies, time-saving tools, and software best practices, all emphasizing simplicity. I leverage AI to expand my tech stack beyond DevOps tooling, transitioning into an end-to-end engineer by developing personal full-stack projects. My drive for efficiency is evident in my dedication to automating processes wherever possible. Beyond my professional pursuits, I am an avid traveler and former professional action/event photographer. I've hitchhiked across continents and circumnavigated the globe, sharing my adventures on my YouTube travel channel with 5,000 subscribers. Additionally, I maintain a tech-focused medium blog to share my insights into the digital world. I know and do programming.
Education
Bachelor's degree - Human Resources Management, Personnel Administration
2011 - 2016
Certifications
- AWS Certified Solutions Architect – Professional - Issued Dec 2022
- AWS Certified DevOps Engineer – Professional - Issued Nov 2022
- CKA: Certified Kubernetes Administrator - The Linux Foundation - Issued Nov 2020 (renewed)
- CKS: Certified Kubernetes Security Specialist - The Linux Foundation - Issued Feb 2022
- Terraform Associate - Hashicorp - Issued Dec 2021 (renewed)
- CCNA - Cisco - Issued Sep 2020
- AWS Certified SysOps Administrator – Associate - Issued Feb 2022
- AWS Certified Solutions Architect – Associate - Issued Oct 2021 - Expires Oct 2024
- Microsoft Certified: Azure Fundamentals - Microsoft - Issued Oct 2023
- JavaScript Advanced - IT Education Academy (ITEA) - Issued Aug 2019
- Python Django dev - IT Education Academy (ITEA) - Issued Mar 2019
- Certified Calico Operator: Level 1 - Tigera - Issued Nov 2022
Experience
Mimecast
Security SaaS with various products for Enterprises
Feb 2024 - Present (4 months)
- Led the planning, curation, and hands-on execution of a complex migration of CI tools for the acquired startup Elevate Security to Mimecast's infrastructure, transitioning 20 projects from CircleCI to Jenkins, GitHub to GitLab and Codespaces to devcontainers while adhering to stringent network security policies and ensuring uninterrupted development.
- Led the adoption of ArgoCD as a deployment tool within a large enterprise, enhancing deployment efficiency and scalability.
- Provided expertise on structuring Terraform for long-term sustainability and adaptability.
- Collaborating with cross-functional teams - especially Network, Security, Build teams, providing them valuable consultations all-together.
- Mentor and guide developers team members to enable self-devops and efficiency.
- Ownership over AWS infrastructure (as a code), CI/CD, Kubernetes (Helm)
Elevate Security (acquired by Mimecast)
Employee-risk management startup
Nov 2022 - Dec 2023 (1 year 2 months)
- Championed the adoption of GitHub Codespaces, overcoming initial resistance from developers, who ultimately embraced the platform for its efficiency and convenience in local environment management.
- Built an internal UI tool from scratch for synchronizing infrastructure, using Flask and React. This frontend for Terragrunt commands significantly reduced weeks of work previously spent on - managing infrastructure stacks.
- Implemented Semantic Versioning and artifact promotion practices, resulting in faster deployments.
- Created a replica of the production environment in the EU region using Terragrunt within just 2 months, a task that had previously challenged other DevOps engineers.
- Advocated for and implemented enhanced logs and alerts quality, a clean Datadog setup with meaningful dashboards expanding beyond developers thought was possible with Datadog. Also I took an initiative to configure APM for a multiprocess python app.
- Led the entire CI/CD process, providing deployment support using CircleCI and ArgoCD, Helm.
- Upgraded Kubernetes from version 1.21 to 2.27 across four clusters within one month, along with numerous Custom Resource Definitions (CRDs), ensuring seamless and timely updates.
- Ensured organizational SOC compliance through the use of Snyk and Vanta for security and compliance monitoring.
- Managed onboarding and offboarding processes, ensuring smooth transitions for team members.
- Extensively worked with Helm, Docker, Terraform, Terragrunt, and Packer for infrastructure automation and management.
- Utilized a variety of languages and packages, including Bash, Python, JavaScript, Boto3, SQLAlchemy, Flask, Alembic, Redux, and React, for diverse development tasks.
- Managed Kubernetes operators such as Traefik, Keda, Cert-manager, Secret-manager, and External- dns, optimizing cluster operations and services.
- Worked with a range of AWS services, including RDS, DynamoDB, S3, SSM, EC2, EKS, IAM, SQS, SNS, Lambda, Route53, VPC, KMS, and Cognito, to build and maintain cloud-native solutions.
- Mentor and guide developers team members to enable self-devops and efficiency.
CodeLaw
Bootstrap Infrastructure for Startups
Jun 2022 - Present
- It is AWS-based platform which can fit any IT company with few adjustments
- I chose widely adopted technologies and integrated them into a bundle which would guarantee a tech dominance to every startup: AWS services (Organization, EKS (ArgoCD, Helmp), IPAM, RDS etc), GitHub (Org, GHA), DataDog(APM, RUM, CI monitoring etc). And declared all configurations into state of the art Terraform Everything-as-a-Code .
- Staying updated with the latest industry trends and advancements.
- Visit a website for more codelaw.pro
- Product management
- Tasks management (2-3 people)
- Tried every Task manager to find the best one; in the end chose Miro and developed my own framework.
- Writing a pitch-deck (before ChatGPT)
SHALB
DevOps-as-a-Service company
Dec 2021 - Jul 2022 (8 months) At SHALB, embraced a dynamic role with a new challenge and skillset every 3 months, delivering tailored DevOps services to partners with diverse toolsets.
- Managed infrastructures across multiple clients, including AWS cloud and on-premise RHEL environments.
- Extensive utilization of Terraform and the in-house tool Cluster.dev for configuring a wide array of AWS-managed services, such as EC2, VPC, EKS, Route-53, CloudFront, API Gateway, Lambda, S3, KMS, SSM, SNS, SQS, IAM, RDS, DynamoDB, ElastiCache, ECS, and ECR.
- Troubleshooting network connections in Kubernetes pods and VPC environments.
- Contributed to the architecture and implementation of a SaaS online payment platform of our client.
- Administered Kubernetes and various Operators within it, including ArgoCD, Prometheus, Grafana, ceph-rook, Loki, Velero, and more, ensuring optimal performance and monitoring.
- Acquired hands-on experience with a broad set of DevOps tools beyond the ones mentioned above, such as standard-version, Terraspace, Checkov, OpsGenie, Packer, CircleCI, Jenkins, TravisCI, and GitLabCI, Loki, Prometheus, Grafana, MiniIO.
Illumin (AcuityAds Inc.)
AdTech
Nov 2020 - Mar 2022 (1 year 5 months)
- Managed Ops tasks across 3 datacenters across North America and Europe, consisting of VMware vSphere virtual machines and physical machines equipped with BMCs from various vendors.
- Provisioned VMs in VMware vSphere manually and with Terraform, ensuring resource optimization.
- Conducted OS installations on hardware via PXE boot using Cobbler CLI and later MaaS, prepared hard drives for HDFS, configured LVM, IP addresses, network interface teaming, firewall, NTP, and DNS on VMs manually and with automation tools such as Ansible and Bash scripts.
- Played a pivotal role in the DevOps transformation and automation efforts, streamlining processes and enhancing efficiency.
- Migrated fronted and backend workloads from Docker-compose to Kubernetes, and wrote Helm charts.
- Fully automated the environment setup process, integrating and chaining these tools into pipeline: Packer, Terraform, Windows DNS, Octopus Deploy, Ansible, Kubernetes, and Haproxy, reducing the provisioning time for a new QA environment from 10 months to just 2 hours.
- Pioneered the partial automation of the initial setup and inventory process of physical hosts using ipmitool and Bash scripting.
- Participated in implementing a complex Hadoop-in-Kubernetes setup.
- Assisted in the regional migration of hardware, involving extensive work with the aforementioned technologies.
- Participated in migration from CentOS to Ubuntu.
- Administered Windows AD, DHCP, DNS servers, NFS, Nexus, Haproxy, AzureAD, and Okta.
- Implemented HashiCorp Boundary for human-to-machine authentication, along with Vault and Consul for secrets management and service discovery.
- Introduced Kubernetes SSO authentication, Rook CEPH storage for Kubernetes volumes
- Introduced ArgoCD, and Octopus Deploy for continuous deployment and release management deprecating the previous Bamboo tool.
- Provided deployment support and participated in on-call activities (Pager Duty), ensuring smooth operation and rapid issue resolution.
- Participate in incident response, post-incident root cause analysis.
Ministry of Finance of Ukraine
A fraud detection platform
Mar 2020 - Nov 2020 (9 months)
- Administered over 100 CentOS virtual hosts in a highly secure private network, overcoming network limitations by learning to build SSH tunnels and HTTP proxies for effective remote access.
- Supported a large-scale, in-house-built data analytics platform with a complex technical debt and limited documentation, utilizing technologies such as Apache Mesos, Marathon, Docker, Zookeeper, Kafka, Nifi, Nginx, SAP DBs, Mongo, relational databases, Harbor, Nexus, Prometheus, Grafana, Zabbix and GitLab Enterprise.
- As the sole DevOps engineer on a challenging project, I successfully optimized infrastructure using technologies that were entirely new to me, without any external support.
- Implemented comprehensive Zabbix monitoring, including alerts, dynamic host discovery, and a custom Nginx monitoring script in Python, while also upgrading to the latest Zabbix version.
- Established robust logging practices with the ELK stack (ElasticSearch), including updating the stack to the latest version with high availability, standardizing log formats, creating custom dashboards, and configuring index rotation.
- Restored functionality to broken Grafana dashboards, enhancing data visualization and monitoring. Significantly reduced downtimes and recovery times through proactive infrastructure management.
- Developed and maintained over 20 CI/CD pipelines, streamlining deployment processes and ensuring continuous integration and delivery.
- Automated numerous system administration tasks using Ansible, improving efficiency and consistency across operations.
- Recognized for outstanding performance and dedication with a promotion after just one month of employment.
AM-BITS LLC
IT Solutions company - Big Data, AI, ML і IoT on premises
Oct 2019 - Feb 2020 (5 months)
- Provided L1-L3 technical support on an on-call basis, ensuring timely resolution of complex technical issues.
- Gained initial exposure to Apache Hadoop components, Cloudera, AWS, VMware vSphere, and Ansible, expanding my skill set in data management and cloud computing.
- Authored technical documentation for IT commercial proposals, articulating complex solutions in a clear and concise manner.
- Expanded my knowledge in IT beyond the LAMP stack and JavaScript, exploring new computational technologies.
Darwin Global Partners
A local market leader in Search Engine Optimization.
Jul 2018 - Oct 2019 (1 year 4 months)
- Deployed local copies of e-commerce websites on LAMP stack environments for development and testing purposes.
- Modified PHP code to meet SEO requirements, enhancing website visibility in Google search results.
- Integrated the in-house built SEO plugin, SEO Shield, to optimize website performance.
- Implemented frontend modifications according to client specifications, including pagination, breadcrumbs, metadata, headers, and tags using HTML, CSS, and JavaScript.
- Gained hands-on experience with various CMS platforms, including WordPress, Magento, Bitrix, Joomla and Drupal.
- Utilized tools and technologies such as Git, SFTP, SSH, Screaming Frog, jQuery, and vanilla JavaScript.
- Operated within a classic Scrum framework, ensuring agile project management and timely delivery of tasks.