Hello, I'm

Muhamad Iqbal

DevSecOps & Site Reliability Engineer

Building robust, scalable, and secure cloud infrastructure. Specializing in Kubernetes, Cloud Technologies, and Infrastructure Automation.

About Me

I’m a DevSecOps and Site Reliability Engineer with extensive experience in cloud infrastructure, containerization, and security implementation. My expertise lies in building and maintaining secure, reliable, and scalable systems that enable businesses to innovate confidently.

Throughout my career, I’ve successfully led complex infrastructure migrations, implemented robust CI/CD pipelines, and architected comprehensive observability solutions across AWS, GCP, and Azure environments.

With a deep understanding of Kubernetes, Terraform, and cloud-native technologies, I focus on creating automated, reproducible, and secure infrastructure that accelerates development workflows while maintaining operational excellence.

Core Competencies
  • Cloud Infrastructure Architecture
  • Kubernetes Orchestration & Management
  • Infrastructure as Code (Terraform)
  • CI/CD Pipeline Automation
  • Security Implementation & Compliance
  • Observability & Monitoring Solutions
  • Multi-Cloud Strategy
  • Containerization & Microservices
  • Incident Response & Management
  • Performance Optimization

Professional Journey

Cloud DevSecOps Engineer - Indico
Apr 2024 - Present
  • Performed AWS Well-Architected Reviews, optimising cost efficiency, security, and capacity management across multiple environments.
  • Expanded Infrastructure-as-Code (IaC) capabilities to support multi-cloud deployments, converting AWS-based Terraform configurations for Azure, Huawei Cloud, and GCP while ensuring cross-cloud compatibility.
  • Standardised Terraform modules, improving scalability and vendor-agnostic deployments.
  • Designed and implemented Terraform-based infrastructure provisioning for both internal and business applications across all environments, ensuring consistency, security, and automation.
  • Led an AWS EKS Upgrade Initiative, modernising Kubernetes clusters from older versions to 1.29 and 1.30 with minimal downtime and no service disruptions.
  • Implemented Security Measures including Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) into GitLab CI/CD pipelines, detecting vulnerabilities early in the SDLC.
  • Deployed Web Application Firewall (WAF) on Indico services.
Site Reliability Engineer - Moladin
Jun 2022 - Apr 2024
  • Orchestrated migration of microservices from on-premise Kubernetes to AWS EKS, implementing auto-scaling and optimized resource allocation that improved system resilience and reduced infrastructure costs by 30%.
  • Implemented Flagger for automated canary and blue-green deployment strategies with metrics-based validation that eliminated production downtime during releases.
  • Executed cross-cloud migration from AWS to GCP using Terraform modules while ensuring zero service disruption and enhancing disaster recovery capabilities.
  • Established GCP infrastructure through Terraform-based IaC with reusable modules and version control that enabled consistent deployments across all environments.
  • Engineered GitOps workflows with Jenkins CI/CD pipelines that incorporated automated testing and security scanning to streamline deployment processes.
  • Architected observability stack with Prometheus, Loki, Thanos, OpenTelemetry, and Grafana that provided real-time visibility and reduced incident resolution time.
  • Transformed monolithic applications into containerized microservices for Kubernetes deployment that improved fault isolation and reduced deployment times by 65%.
  • Standardized infrastructure components using Helm Charts to manage critical services including Nginx, Prometheus, Redis, and other applications, ensuring consistent configuration and seamless updates across all environments.
  • Administered GKE clusters across multiple environments by implementing auto-scaling, pod disruption budgets, and resource quotas that optimized performance while reducing costs by 25%.
Software Engineer - Jakarta Health Agency
Jan 2021 - Jun 2022
  • Orchestrated Kubernetes infrastructure for critical healthcare applications, implementing high-availability configurations that ensured 99.9% uptime for essential patient services.
  • Engineered API integration framework connecting Jaksehat platform with multiple hospitals and health centers across DKI Jakarta, enabling secure patient data exchange while maintaining strict compliance with healthcare regulations.
  • Developed robust backend architecture for Jaksehat using Laravel, implementing optimized database design and RESTful services that supported 10,000+ daily users while ensuring responsive performance.
Site Reliability Engineer - Oy Indonesia
Oct 2020 - Dec 2020
  • Automated AWS infrastructure using Terraform to provision and manage EKS clusters, security groups, and networking components, reducing deployment time by 70% while ensuring consistent security configurations.
  • Implemented Ansible playbooks for configuration management and deployment automation, standardizing server setups and eliminating manual errors across cloud environments.
  • Deployed ClamAV security solution for real-time virus scanning across AWS instances, establishing automated quarantine protocols that strengthened infrastructure security posture.
  • Engineered comprehensive monitoring for AWS infrastructure using Grafana dashboards connected to multiple data sources, providing real-time visibility into system performance and enabling proactive issue resolution.
Site Reliability Engineer - Aqalin
Mar 2020 - Jun 2021
  • Architected high-performance Kubernetes Bare Metal clusters for production environments, implementing custom networking and storage solutions that delivered enterprise-grade reliability without cloud provider overhead.
  • Developed optimized Kubernetes manifests for backend and frontend applications, incorporating resource limits, health checks, and auto-scaling policies that improved application stability and performance.
  • Designed comprehensive monitoring infrastructure using Prometheus and Grafana, creating custom dashboards and alerting rules that provided real-time visibility into system health metrics and application performance.
Junior DevOps Engineer - Meeber
Apr 2019 - Oct 2019
  • Architected Docker-based development environments on AWS infrastructure, creating reproducible containerized workspaces that accelerated developer onboarding and ensured consistent testing conditions.
  • Implemented infrastructure automation using Ansible playbooks integrated with GitLab CI/CD pipelines, enabling consistent, version-controlled configuration management across all systems.
  • Established comprehensive monitoring with Nagios across development, staging, and production environments, configuring custom service checks and alert thresholds that improved incident response time by 40%.

Education

Aug 2021 - Dec 2023
Bachelor's Degree in Computer Science
Binus University
Thesis: Application Deployment Strategy Comparison
Aug 2016 - Nov 2019
Associate's Degree in Computer Science
IPB Vocational School
Thesis: Automation of Gitlab CI/CD and Ansible

Featured Projects

AWS EKS RDS Teleport RBAC Security
AWS RBAC with Teleport
  • Architected and implemented role-based access control (RBAC) for AWS EKS clusters and RDS databases using Teleport
  • Established fine-grained access policies based on user roles and responsibilities
  • Created comprehensive audit logging and session recording for compliance requirements
  • Implemented just-in-time access provisioning to reduce standing privileges
  • Integrated with existing identity providers for seamless authentication
  • Developed custom training materials and documentation for secure access procedures
AWS CodePipeline CodeCommit CodeBuild ECS Infrastructure as Code
AWS Pipeline for ECS Deployment
  • Architected end-to-end CI/CD pipeline using AWS native services (CodePipeline, CodeCommit, CodeBuild)
  • Implemented infrastructure as code using CloudFormation for fully automated environment provisioning
  • Created container build and optimization process with AWS CodeBuild
  • Configured automated testing, security scanning, and validation stages
  • Established blue/green deployment strategy to ECS with rollback capabilities
  • Implemented monitoring and alerting for pipeline status and deployment health
Kubernetes Flagger Canary Deployments AWS EKS
Progressive Delivery with Flagger
  • Configured Flagger for automated canary and blue-green deployment strategies
  • Implemented metric-based validation to ensure service health during deployments
  • Integrated with Prometheus and Grafana for deployment monitoring
  • Established automated rollback procedures based on custom health metrics
  • Reduced deployment risks and eliminated production downtime during releases
Terraform AWS GCP Infrastructure as Code
AWS to GCP Migration Framework
  • Created modular Terraform components for cross-cloud resource provisioning
  • Implemented CI/CD pipelines for automated infrastructure testing and deployment
  • Designed traffic routing strategies to ensure zero downtime during migration
  • Established comprehensive monitoring across both cloud environments
  • Enhanced disaster recovery capabilities through multi-cloud architecture
Python AWS EKS CLI Automation
EKS Management CLI Tool
  • Developed Python-based CLI for managing EKS clusters
  • Automated cluster version upgrades, node group updates, and addon management
  • Implemented comprehensive health checks and status reporting
  • Created safety checks to prevent disruption during operations
  • Reduced management complexity and standardized operational procedures
Kubernetes Bare Metal Helm Microservices
Kubernetes Bare Metal Platform
  • Deployed high-availability Kubernetes cluster on bare metal servers
  • Converted Docker-based applications to Kubernetes using Helm charts
  • Implemented networking and storage solutions for the cluster
  • Established monitoring and logging infrastructure
  • Reduced costs while maintaining enterprise-grade reliability
ClamAV Security AWS Automation
Automated Security Scanning Platform
  • Deployed ClamAV scanning agents to all AWS instances
  • Implemented automated quarantine procedures for compromised systems
  • Created centralized reporting and alerting system
  • Established compliance reporting for security audits
  • Improved infrastructure security posture through continuous scanning
GKE Terraform Cloud Armor Kafka AlloyDB Keycloak
GCP Enterprise Infrastructure Platform
  • Architected and implemented comprehensive Google Cloud Platform infrastructure using Terraform IaC
  • Deployed and configured GKE clusters with advanced security settings and node auto-provisioning
  • Implemented Cloud Armor Web Application Firewall for enhanced security protection
  • Set up Memorystore (Redis) and AlloyDB/Cloud SQL databases with high-availability configurations
  • Configured comprehensive logging and monitoring solutions across the platform
  • Deployed OpenShift on GCP with custom configurations to meet enterprise requirements
  • Implemented Kafka event-driven architecture using Helm charts for messaging infrastructure
  • Integrated Keycloak identity management system for centralized authentication and authorization
  • Created reusable Terraform modules for consistent infrastructure deployment across environments
  • Established CI/CD pipelines for both infrastructure and application deployments
Terraform AWS GCP Azure Huawei Cloud
Multi-Cloud Terraform Conversion Framework
  • Created a framework to systematically convert AWS Terraform configurations to equivalent GCP, Azure, and Huawei Cloud formats
  • Developed mapping libraries for resource translations between cloud providers (compute, storage, networking, IAM, databases)
  • Implemented automated validation testing to ensure functional equivalence across platforms
  • Built custom modules that abstract provider-specific implementations behind a common interface
  • Established best practices for maintaining infrastructure parity in multi-cloud environments
  • Created comprehensive documentation and conversion guides for different resource types
  • Designed migration strategies to minimize downtime during cross-cloud transitions
  • Implemented cost estimation and comparison tools to evaluate hosting options
  • Integrated the framework into CI/CD pipelines for automated infrastructure provisioning across clouds
  • Supported multiple organizations in successful cloud migrations using this framework