About

Learn more about me

DevOps Engineer

  • Website: www.mohamadsoufi.ir
  • Phone: +989125332802
  • City: Tehran, Iran

Senior DevOps Engineer with 8 years in large, high availability environments. Expert in Kubernetes platform design (kubeadm/kubespray), GitOps/CI/CD, observability, and secure cluster operations. Built air gapped and GPU enabled platforms (NVIDIA GPU Operator, H100) and delivered reliable pipelines for Java/Golang/Python/Node.js/Angular and LLM / AI workloads. Strong focus on DevSecOps and automation with Terraform, Ansible, GitLab CI and GitHub Actions, Docker.

Happy Clients

Projects

Hours Of Support

Awards

Skills

Containerization 90%
Prometheus & Grafana80%
ArgoCD 80%
Terraform 80%
Helm 80%
AWS 70%
Kubernetes 90%
Docker80%
LINUX (LPIC 1 - LPIC 2) 80%
Gitlab 80%
ZABBIX 60%
Ansible 70%
CI/CD 90%

Interests

Ansible

Kubernetes

Bash Scripting

Open Source

Docker

Red Hat bases

Debian Bases

Centos

Ubuntu

Routing & Switching

Data Centers

Virtualization

Resume

Check My Resume

Professional Experience

DevOps Engineer

Duration: Jan 2026 – Present

Next Top Tech

Senior DevOps Engineer

Duration: Jun 2025 – Nov 2025

Yarai

  • Engineered Kubernetes HA clusters (Kubespray, HAProxy, Keepalived) with ~99.95% uptime.
  • Operated and optimized GPU workloads (NVIDIA H100 with GPU Operator), cutting model runtime by ~40%.
  • Delivered end-to-end GitOps pipelines (GitLab CI, Helm, Argo CD, RBAC), reducing lead time by ~60%.
  • Productionized LLM serving with KServe + vLLM and delivered secure model endpoints via Istio (mTLS, traffic routing) powering GenAI apps (OpenWebUI, Flux, ComfyUI, Whisper, Ollama, pyTTS, pySTT).
  • Integrated Harbor/Nexus, Longhorn, and kube-prometheus-stack to improve artifact, storage, and monitoring coverage.
  • Streamlined TLS management with cert-manager + DNS webhooks (Cloudflare, Arvan); enforced least privilege via PodSecurityContext and Trivy scanning.

    DevOps Engineer

    Duration: Jun 2023 – Jul 2024

    Dotin - Core Banking

  • Operated Kubernetes clusters for core-banking (kubeadm/Kubespray) and standardized CI/CD using GitLab, Jenkins, and Nexus (~95% pipeline success).
  • Provisioned Ceph RBD/CephFS (20+ TB) for dynamic storage to support stateful services with 99.9%+ availability.
  • Rolled out NGINX + Keepalived VIPs for edge load balancing and fast failover (<1 minute).
  • Established observability (Prometheus/Alertmanager/Grafana, Zabbix, ELK), cutting detection latency by ~50% and reducing MTTR by ~35%.
  • Enabled HPA & Autoscaling ActiveMQ Consumer on Kubernetes with KEDA,Orchestrated automation for 5,000+ Linux/Windows servers using Ansible + shell; dockerized internal applications and standardized Dockerfiles, shortening release cycles by ~30%.

    Professional Experience

    Senior DevOps Engineer

    Duration: Jul 2024 – Jan 2026

    RasadCo

    • Operated air-gapped Kubernetes clusters (kubeadm/Kubespray), managing multi-stage upgrades and scaling node capacity.
    • Established GitOps delivery (GitLab CI + Argo CD), migrating 50+ services from legacy workflows and improving reliability by ~70%.
    • Designed HA/DR practices for etcd and control plane, sustaining ~99.9% production uptime.
    • Provisioned AWS EKS platform automation (VPC, IAM, ALB, EC2, S3, ExternalDNS, cert-manager; Istio/Gateway API/Flagger) via Terraform and Ansible, reducing provisioning time by ~60%.
    • Dockerized applications and standardized Docker images (Go, Node.js) with probes and HPA-ready configs, reducing overprovisioning by ~25%.
    • Integrated observability and registries (Prometheus/Grafana, Nexus, Harbor) and added CI/CD security gates (Trivy; optional SonarQube), reducing deployment failures by ~30%.
    • Rolled out Istio with namespace-level mTLS and HTTP routing for internal services, improving security and traffic control.

    DevOps Consultant

    Duration: Sep 2018 – Present

    Ipec

    • Architected Kubernetes HA clusters (kubeadm, HAProxy, Keepalived), ensuring ~99.9% uptime for oil-industry workloads.
    • Introduced GitOps (GitLab + Helm), cutting deployment downtime by ~50%.
    • Migrated Kubernetes networking from Calico to Cilium (eBPF), improving network visibility and policy management.
    • Streamlined infrastructure provisioning and server initialization with Ansible, boosting efficiency by ~70%.
    • Expanded ESXi/vCenter virtualization and implemented Veeam backups.
    • Managed IIS, Tomcat, and NGINX reverse proxies; delivered Kubernetes ingress via NGINX Ingress Controller (replacing Istio where appropriate); automated MySQL/PostgreSQL backups with Ansible.
    • Migrated file services to Active Directory + DFS, reducing access delays by ~30%; managed MikroTik routing, tunneling, and traffic shaping.

    Certificate

    My Certs

    • All

    Contact

    Contact Me

    My Address

    Social Profiles

    Email Me

    [email protected]

    Call Me

    +98-9125332802

    Loading
    Your message has been sent. Thank you!
    © mohamadsoufi.ir.