Senior Platform/Cloud Engineer (DevOps/SRE) and Senior Software Engineer with 12+ years of experience designing and operating secure, scalable cloud-native platforms and distributed systems. I bridge software engineering (Python, Go, JavaScript/TypeScript, React, Next.js) with platform engineering and infrastructure automation (Kubernetes, Terraform, CI/CD). My focus is security-first architecture (IAM), performance, reliability and observability (SLI/SLO), and developer productivity. I have designed and operated multi-region and multi-cloud environments (GCP, AWS, Azure), built reusable delivery foundations (IaC modules and standardized deployment patterns), and implemented disaster recovery and observability stacks (Prometheus, Grafana, ELK) to improve operational stability and troubleshooting efficiency. I document architecture decisions (ADRs, design docs) and create runbooks to reduce key-person risk and support sustainable engineering velocity. I value clean architecture, strong engineering culture, and pragmatic enablement practices. Google Cloud (5× Professional Certified): Professional Cloud Architect, Professional Cloud Network Engineer, Professional Security Operations Engineer, Professional Cloud DevOps Engineer, Professional Data Engineer. Complementing my cloud background, I hold Cloud Security Alliance certifications (CCSK, CCZT), reinforcing my expertise in secure cloud architecture and modern security practices. As a published Technical Author, I regularly share hands-on engineering insights on Medium and in professional publications, focusing on real-world DevOps, cloud security, software engineering, and architecture.
T-Digital by Deutsche Telekom · Full-time
Sep 2024 - Present · 1 yr 10 mos
Thessaloniki, Central Macedonia, Greece · Hybrid
- Built and operated a multi-region / multi-cluster GKE platform with internal/external HTTPS load balancing (L7) and cross-region routing.
- Implemented GitOps at scale (multi-cluster), standardized delivery workflows and environment promotion; maintained runbooks and internal operating guides.
- Designed secure access patterns: OIDC/SSO integrations, developer groups, controlled jump-host access and validation; documented IAM/access procedures.
- Delivered security controls: WAF protection and tuning, policy-as-code / admission controls, workload hardening and secure-by-default baselines.
- Implemented secrets management & encryption: cloud KMS and secrets manager, external secrets integration, TLS certificate lifecycle automation.
- Established security visibility: centralized logging/monitoring, metrics and tracing; integrated security event forwarding to SIEM and produced incident/debug guides.
- Introduced vulnerability management: container/dependency scanning, CVE triage workflow, remediation coordination and tracking.
- Improved resilience: backup/restore practices for clusters and stateful services, plus recovery verification steps (RPO/RTO awareness).
T-Digital by Deutsche Telekom · Full-time
Jun 2022 - Sep 2024 · 2 yrs 4 mos
Thessaloniki, Central Macedonia, Greece · Hybrid
- Designed and operated a Kubernetes-based platform across OpenStack and AWS, with focus on secure connectivity, segmentation, and reliable service exposure patterns.
- Built and standardized CI/CD foundations (GitLab CI) for 50+ services, enforcing repeatable delivery patterns and reducing deployment risk (~40% faster releases).
- Implemented IaC with Terraform (modules, reusable patterns), ensuring peer-reviewed changes, traceability, and drift reduction via configuration-as-code and guardrails.
- Strengthened network & identity controls: least-privilege IAM patterns, controlled privileged access, and access-review friendly processes to support audit readiness.
- Implemented L4/L7 traffic management (ingress / load balancing, TLS termination), improving secure service publishing and operational consistency across environments.
- Improved observability and incident response (Prometheus/Grafana, centralized logging/ELK, actionable alerting), reducing MTTR and improving operational readiness.
- Automated VNF lifecycle / scaling workflows, delivering ~20% infrastructure savings while maintaining controlled change and stability.
Integrated Google Cloud Armor with external load balancer to protect Kubernetes applications from malicious traffic. Requests are analyzed against custom security rules (WAF, IP allow/deny lists, geo-based policies). Suspicious requests are blocked with 403 responses before reaching the cluster, while legitimate clients maintain seamless access. Hardened the ingress layer for App 1 and App 2 in Kubernetes.
Multi-regional Kubernetes deployment across West 3 and West 4 regions with GitLab Config Sync and Google Fleet. Ensures high availability by spreading workloads (App A, App B, App C) across zones (a, b, c). Unified GitOps delivery pipelines, consistent security policies, and cross-cluster management with Fleet.
Credential ID: 8a9ddfba001e4a55bf42667a6b62da9b
Skills: Cloud Solution Architecture, Security and Compliance, Cloud Networking, +6 more
Show credentialCredential ID: eb748cbd0c904f8389d3f755f3a32584
Skills: Cloud Networking, Hybrid Connectivity, Network Security, +6 more
Show credential
K&P Computer / BLUE Consult
2026
Completion certificate for the NIS-2 Deep Dive web training (28 May 2026) covering real attack scenarios (identity theft, compromised backups, user account breaches), NIS-2 requirements including risk management, reporting obligations, and supply chain security, governance structures, security roles, policies, incident response processes, vulnerability management and cyber resilience with IBM solutions, network and firewall security, SOC/SIEM/endpoint protection, and identity/access/communication protection.
Cloud Assess Academy
2025
Digital badge and certificate issued by Cloud Assess Academy for completing the Advanced GDPR course, providing advanced understanding of GDPR compliance, data protection principles, and organizational obligations.
Alison Online Learning
2025
Certificate of Completion for successfully completing the ISO/IEC 27701 Data Protection and Privacy Information Management course, covering the extension of ISO/IEC 27001 for privacy management, GDPR-related practices, and implementation of a Privacy Information Management System (PIMS).
Bachelor's Degree, Law
Engineer's Degree, Automation Management Systems
Engineer's Degree, Translation
Step-by-step guide to reading Linux top: load averages, memory usage, CPU breakdown, and process states. Includes real-world scenarios for diagnosing compute, I/O, and VM bottlenecks — with clear habits to turn raw numbers into actionable insights.
Show publicationIntroduces a micro-kernel architecture in Go where the core handles only lifecycle, routing and synchronization, while all business logic runs as pluggable modules. Demonstrates hot-swappable plugins for metrics, caching, and email — enabling granular scaling, non-blocking pub/sub, and clean code evolution.
Show publication
Google Cloud Gen AI Technical Expert Badge Challenge - Early Adopter EditionIssued by Google Cloud - Aug 2025
Certification / Award
Recognized as one of the first 1,100 professionals worldwide to complete the Gen AI Technical Expert Badge Challenge (Early Adopter Edition). This advanced challenge required earning multiple high-level Google Cloud Technical Expert credentials, including 'Build with Vertex', 'Intelligent Search', and 'Customer Engagement Suite with Google AI'. The achievement demonstrates proficiency in applying Generative AI for enterprise use cases, from building with Vertex AI, through creating intelligent retrieval and search solutions, to designing conversational AI for customer engagement. Award included a digital badge, exclusive Google swag, and global community recognition. Valid until Aug 2026.
Google Cloud Arcade - Champions MilestoneIssued by Google Cloud - Jun 2024
Award
Recognized as one of the select professionals worldwide to achieve the Champions Milestone in Google Cloud Arcade, earning a total of 78 points. This rare accomplishment reflects over six months of consistent learning and hands-on practice, during which more than 300–400 individual labs were completed across diverse Google Cloud technologies. It highlights outstanding dedication to continuous upskilling in cloud technologies, persistence in real-world lab work, and a strong commitment to professional growth. Award eligibility included exclusive prizes and global community recognition.
3rd RIL AI HackathonIssued by Research Innovation Lab - Jun 2024
Hackathon
Won 1st place at the 3rd RIL AI Hackathon, hosted by the Research Innovation Lab and associated with T-Digital (Deutsche Telekom). Our team built a production-ready data uploader tailored for RAG-based chatbots. It supports PDF document ingestion, offers multiple adaptive chunking strategies, works autonomously with uploaded corpora, and automatically selects the best strategy using LLM-driven evaluation. We also instrumented RAGAS for response-quality measurement. The solution improves efficiency, reduces redundancies, and raises the overall quality of chatbot answers.
2nd RIL AI HackathonIssued by Research Innovation Lab - Dec 2023
Hackathon
Won 1st place at the 2nd RIL AI Hackathon, hosted by Research Innovation Lab and associated with T-Digital (Deutsche Telekom). Developed an AI solution that analyzes user stories and test cases, providing insights to improve quality and efficiency in software development.
