Platform Automation & Self-Service Engineering
- Architected a comprehensive JSON-based PR-driven self-service platform eliminating manual onboarding — teams submit structured JSON files for GitHub repo creation, Azure VNET/subnet provisioning, and RBAC assignments via automated GitHub Actions workflows.
- Built AI-powered auto-responder using Azure Logic Apps integrated with Atlassian Confluence to handle first-level technical support for 20+ development and QA teams across Azure platform, networking, CICD, and IaC topics.
- Designed automated notification system via MS Teams webhooks for SSL certificate expiry, Azure AD App Registration/Service Principal key expiry, and cost optimization recommendations.
- Developed configuration drift detection workflows monitoring UAT, staging, and production environments — automatically alerting teams with details of out-of-band changes.
- Implemented centralized Bicep template module library enabling self-service IaC development while reducing platform team dependency.
Cost Optimization — 40%+ Azure Subscription Cost Reduction (18 months)
- Phase 1: Identified and decommissioned stale/orphaned Azure resources across all subscriptions as immediate quick wins.
- Phase 2: Conducted working sessions with 20+ project module teams to map workload flows, deliver right-sizing recommendations, and implement auto-scale strategies.
- Phase 3: Implemented scheduled monitoring workflows with automated over/under-utilization reports and estimated monthly savings.
- Phase 4: Deployed weekend scale-down automation for non-production environments — scaling down SQL Elastic Pools and other resources on weekends with auto scale-up every Monday.
- Remediated security permission sprawl across all teams, implementing least-privilege RBAC to reduce cost exposure.
Security Governance & Azure Policy Implementation
- Designed and enforced Azure Subscription-level Policy framework blocking non-compliant deployments, including prohibition of public IPs on Container Apps, SQL Servers, and all PaaS resources.
- Led phased security hardening rollout from development through to production without disrupting delivery timelines.
- Replaced NAT Gateway-based outbound connectivity with Azure Firewall-based solution, implementing JSON-structured allow-lists for network endpoints per VNET CIDR.
- Implemented RBAC access governance via JSON PR-based workflow enforcing minimum-privilege access for AD Groups, users, Service Principals, and Managed Identities.
Platform Modernization & DevOps Transformation
- Led end-to-end migration from Azure DevOps to GitHub repositories and GitHub Actions, redesigning pipeline architecture with new branching strategies and reusable composite actions.
- Created comprehensive Atlassian Confluence documentation covering all application modules, infrastructure components, architectural guidelines, runbooks, and platform policies.
- Migrated infrastructure from centralized YAML template modules to custom Bicep + PowerShell + Bash solutions tailored to client-specific requirements.
- Leveraged AI tools (GitHub Copilot, Factory Droid AI) in daily workflows to accelerate automation development and improve solution quality.
Monitoring, Observability & Incident Management
- Implemented Azure Monitor-based alerting for resource utilization thresholds across all infrastructure modules, triggering MS Teams notifications to relevant owners.
- Established daily infrastructure pipeline health monitoring with automated failure notifications and direct links to failed pipeline tasks.
- Designed and maintained scheduled automation workflows (daily/hourly) covering drift detection, certificate expiry, cost anomalies, and pipeline health.
- Designed and deployed Azure IaaS and PaaS infrastructure solutions for multiple client projects using ARM templates, Azure Portal, and PowerShell scripts.
- Built and maintained Azure DevOps classic pipelines for automated infrastructure deployment and release management.
- Administered Azure platform resolving infrastructure and security issues; implemented high availability and scalability patterns.
- Led a small DevOps team for 2 years — mentoring junior engineers, managing task allocation, and driving delivery outcomes.
Reduced Azure subscription and overall project costs by 40%+ within 18 months through a structured, phased optimization program spanning resource rightsizing, auto-scaling, scheduled scale-downs, and stale resource decommissioning.
Built a fully self-service platform automation ecosystem enabling 20+ development teams to independently manage GitHub repositories, Azure RBAC access, and VNET infrastructure via JSON-based PR workflows — eliminating manual platform team intervention for routine operations.
Deployed AI-powered first-level technical support via Logic Apps + Confluence integration, significantly reducing engineer interruption time from routine queries across networking, platform, CICD, and IaC topics.
Established enterprise-grade Azure Policy governance with policy-as-code approach, enforcing zero-public-network and security standards across all Azure subscriptions with self-service remediation guidance baked into violation messages.
Led complete DevOps toolchain modernization — migrating from Azure DevOps to GitHub-native ecosystem including repositories, GitHub Actions pipelines, and reusable Bicep module libraries adopted across all project teams.
| Cloud Platform | Microsoft Azure (IaaS, PaaS) — Container Apps, APIM, App Gateway, Azure Firewall, SQL Elastic Pools, Virtual Networks, Azure Monitor, Logic Apps, Azure AD / Entra ID, Service Principals, Managed Identities |
| IaC & Scripting | Bicep, ARM Templates, PowerShell, Bash, JSON-based workflow configurations |
| CI/CD & DevOps | GitHub Actions, GitHub Repositories, Azure DevOps (Classic & YAML Pipelines), Azure DevOps Repos |
| Security & Governance | Azure Policy (Policy-as-Code), Azure RBAC, Azure Firewall, NSG, Zero-Trust Architecture, Least Privilege Access, SSL/TLS Management |
| Automation & Monitoring | Azure Logic Apps, Azure Monitor, MS Teams Webhooks, Scheduled Workflows, GitHub Actions (event-driven & scheduled), PowerShell Runbooks |
| AI & Productivity | GitHub Copilot, Factory Droid AI, Claude AI, Gemini — applied to automation scripting, IaC development, documentation, and technical support workflows |
Master of Computer Applications
VIT University, Vellore, Tamil Nadu, India · 2016
Career Mentor & Counselor — Guiding junior engineers within the organization on career growth, skill development planning, and technical readiness.
Azure & DevOps Interview Panelist — Actively participating in technical hiring processes to assess and onboard cloud engineering talent.
Culture & Engagement — Led organizational culture initiatives including Fun Friday activities and multiple technical and non-technical internal programs.
Documentation Champion — Established Confluence-first documentation culture with structured runbooks, architectural guidelines, and platform policies for all teams.