V E D A N T G A I D H A N ECloud Infrastructure & DevOps Engineer+91 7264926849 | vedantkgaidhane@gmail.comLinkedIn | vedantgaidhane.comP R O F E S S I O N A L S U M M A R YCloud Infrastructure & DevOps Engineer with 1.5+ years of experience architecting and operating production-grade AWS environmentsfor clients in financial services, investment management, and capital markets. Sole cloud engineer at Harrier Information Systems,entrusted with end-to-end ownership of provisioning, CI/CD, cloud security, observability, and FinOps across multiple concurrent clientaccounts—including regulated fintech and portfolio management platforms. Delivered 50–85% cloud cost reductions while engineeringsecure, compliant, and highly available infrastructure. Currently spearheading Cloud-as-a-Service product development, AWSMarketplace listings, and hybrid cloud architecture.K E Y A C H I E V E M E N T S• Engineered 50–85% AWS cost reductions across multiple client accounts—including financial services firms—through systematicright-sizing, RI/Savings Plan procurement, EC2 scheduling automation, and orphaned resource remediation.• Architected Jenkins-based DevSecOps pipelines (Gitleaks + SonarQube + Trivy) achieving 80% faster deployment cycles with zero-downtime releases for mission-critical trading and portfolio platforms.• Deployed and operationalized self-hosted GitLab CE, migrated enterprise repositories from Bitbucket with full commit history, andautomated S3 backup retention—eliminating third-party VCS licensing overhead.• Provisioned multi-node Proxmox virtualization cluster with hardware firewall for isolated dev/test environments; engineering AWSSite-to-Site VPN for hybrid cloud connectivity.• Spearheading Cloud-as-a-Service productization and AWS Marketplace AMI/service listings, positioning the organization as a cloudsolutions provider.T E C H N I C A L S K I L L SCloud Platforms: AWS (EC2, RDS, S3, Lambda, IAM, VPC, CloudWatch, ALB, WAF, GuardDuty, Inspector, Shield, Security Hub, Config, CloudTrail,SES, Route 53, CloudFront, ECR, ACM, Organizations, Billing, EventBridge, Secrets Manager, Backup, KMS), Azure (Fundamentals)DevSecOps & CI/CD: Jenkins, GitLab CI/CD, Azure Pipelines, Docker, Kubernetes, SonarQube, Trivy, Gitleaks, AWS Secrets ManagerInfrastructure as Code: Terraform (Reusable Modules), AWS CloudFormation, Ansible, Bash, PythonObservability: Prometheus, Grafana, AWS CloudWatch, CloudTrail, Uptime KumaCloud Security & Compliance: GuardDuty, Inspector, WAF, Shield, Security Hub, Config, CloudTrail, KMS, IAM Policies, Plerion CNAPPWeb Servers & OS: Nginx, Apache, Tomcat, IIS | Linux (Ubuntu, Amazon Linux), Windows ServerDatabases: PostgreSQL, MySQL, TimescaleDB, AWS RDSOther: Proxmox VE, AWS Marketplace (AMI Listings), Site-to-Site VPN, Hybrid Cloud | Git, GitHub, GitLab, BitbucketP R O F E S S I O N A L E X P E R I E N C EExecutive – Cloud Infrastructure December 2024 – PresentHarrier Information Systems Pvt. Ltd., NagpurSole Cloud & DevOps engineer entrusted with architecting, securing, and operating production AWS infrastructure across 8+ concurrent clientengagements spanning financial services, investment management, capital markets, and enterprise SaaS.• FinOps & Cost Engineering: Conducted granular cost analysis via AWS Cost Explorer and billing dashboards; orchestrated right-sizing,EC2 scheduling, RI/Savings Plan procurement, data transfer optimization, and orphaned resource remediation, delivering 50–85%cost reductions across client portfolios including financial services accounts.• Cloud Security & Regulatory Posture: Engineered multi-account security architecture using GuardDuty (threat intelligence),Inspector (vulnerability assessment), WAF (OWASP rule sets), Shield (DDoS mitigation), Security Hub (centralized findingsaggregation), Config (compliance auditing), CloudTrail (forensic-grade audit logging), and KMS (envelope encryption). IntegratedPlerion for continuous posture management. Enforced IAM least-privilege, SCP guardrails, and Security Group hardening—critical forclients handling sensitive financial data and trading systems.• DevSecOps Pipeline Architecture: Engineered Jenkins-based CI/CD pipelines with shift-left security gates: Gitleaks (pre-commitsecret detection), SonarQube (static analysis and quality gates), Trivy (container image CVE scanning), and AWS Secrets Manager forruntime credential injection. Achieved zero-downtime blue-green deployments via Docker, reducing release cycles by 80% for clienttrading and portfolio platforms.• Infrastructure as Code & Automation: Authored reusable, parameterized Terraform modules for reproducible AWS provisioningacross environments. Developed idempotent Bash/Python automation for EBS snapshot lifecycle management, cross-region S3replication, resource provisioning, and stale resource remediation.