https://ariansvi.com/Recent content in Home on Arian Svirsky | DevOps EngineerHugoenSat, 01 Jun 2024 00:00:00 +0000https://ariansvi.com/experience/descope/Mon, 01 Jan 0001 00:00:00 +0000https://ariansvi.com/experience/descope/<p><strong>Sep 2024 – Present</strong> | DevOps Engineer | Israel (Hybrid)</p> <p>Multi-cloud Kubernetes infrastructure for an identity and authentication platform.</p> <h3 id="responsibilities">Responsibilities</h3> <ul> <li>Manage <strong>25+ microservices</strong> across AWS EKS, GCP GKE, and Azure AKS using <strong>Pulumi (TypeScript)</strong></li> <li>Production deployments across <strong>4 global regions</strong> (US, EU, APAC, Canada)</li> <li><strong>CI/CD pipelines</strong> with GitHub Actions — automated version cuts, staging promotion, production rollouts</li> <li><strong>Observability</strong> with Datadog — APM, logs, custom dashboards, alerting</li> <li>Manage Temporal workflows, RabbitMQ, Elasticsearch, Redis clusters</li> <li><strong>Cloudflare</strong> CDN, tunneling, DDoS protection, WAF rules</li> </ul> <h3 id="key-achievements">Key Achievements</h3> <ul> <li>Built automated promotion flow: Sandbox → RC (twice weekly) → Production (weekly)</li> <li>Designed multi-region failover strategy</li> <li>Reduced deployment time by 60% through pipeline optimization</li> </ul>https://ariansvi.com/experience/paloalto/Mon, 01 Jan 0001 00:00:00 +0000https://ariansvi.com/experience/paloalto/<p><strong>Aug 2018 – Sep 2024</strong> | 6 years | Tel Aviv, Israel</p> <p>Progressed from DevOps Engineer to Principal DevOps Engineer over 6 years, working on the Demisto/Cortex XSOAR platform — a security orchestration, automation, and response (SOAR) product.</p> <h3 id="devops-engineer-aug-2018--apr-2019">DevOps Engineer (Aug 2018 – Apr 2019)</h3> <ul> <li>Joined Demisto (acquired by Palo Alto Networks during this period)</li> <li>Built and maintained CI/CD pipelines for the SOAR platform</li> <li>Managed AWS infrastructure for development and staging environments</li> </ul> <h3 id="sr-devops-engineer-apr-2019--nov-2023">Sr DevOps Engineer (Apr 2019 – Nov 2023)</h3> <ul> <li><strong>Led the transformation from AWS EC2 VMs to Kubernetes</strong>, migrating the entire platform to containerized workloads</li> <li>Solved complex <strong>Docker-in-Docker (DIND) security challenges</strong> — critical for a security product that runs customer automation playbooks in isolated containers</li> <li>Integrated Demisto into the broader <strong>Palo Alto Networks ecosystem</strong> (Cortex XSOAR)</li> <li>Built and maintained Jenkins pipelines, GitLab CI/CD, and deployment automation</li> <li>Managed large-scale AWS infrastructure with Terraform</li> </ul> <h3 id="principal-devops-engineer-nov-2023--sep-2024">Principal DevOps Engineer (Nov 2023 – Sep 2024)</h3> <ul> <li>Technical leadership across DevOps practices for the Cortex XSOAR team</li> <li>Architecture decisions for infrastructure scalability and security</li> <li>Mentored junior DevOps engineers</li> <li>Drove adoption of GitOps and infrastructure-as-code best practices</li> </ul>https://ariansvi.com/experience/previous/Mon, 01 Jan 0001 00:00:00 +0000https://ariansvi.com/experience/previous/<h3 id="inmanage--linux-system-administrator">inManage — Linux System Administrator</h3> <p><strong>Nov 2016 – Aug 2018</strong> | 1 year 10 months | Tel Aviv, Israel</p> <ul> <li>Linux system administration for eCommerce platform infrastructure</li> <li>Server provisioning, monitoring, and troubleshooting</li> <li>Managed production environments supporting online retail operations</li> <li>Automation with Bash scripting, configuration management</li> </ul> <h3 id="interhost-networks-ltd--linux-administrator">Interhost Networks Ltd — Linux Administrator</h3> <p><strong>Feb 2015 – Sep 2016</strong> | 1 year 8 months</p> <ul> <li>Web hosting infrastructure administration</li> <li>Managed Linux servers (CentOS, Ubuntu) for hosting customers</li> <li>DNS management, SSL certificates, Apache/Nginx configuration</li> <li>Network troubleshooting, firewall rules, server hardening</li> </ul> <h3 id="calanit--technical-support">Calanit — Technical Support</h3> <p><strong>Jan 2014 – Feb 2015</strong> | 1 year 2 months</p>https://ariansvi.com/projects/this-site/Sat, 01 Jun 2024 00:00:00 +0000https://ariansvi.com/projects/this-site/<p>This resume website is a living DevOps project that demonstrates production-grade infrastructure practices.</p> <h2 id="architecture">Architecture</h2> <pre tabindex="0"><code> ┌──────────────┐ │ GoDaddy │ │ ariansvi.com│ └──────┬───────┘ │ NS delegation ┌──────▼───────┐ │ Cloud DNS │ └──────┬───────┘ │ ┌──────▼───────┐ │ Ingress-NGINX│ │ + cert-mgr │ │ (Let&#39;s Encrypt) └──┬────────┬──┘ │ │ ┌────────▼──┐ ┌──▼────────┐ │ Frontend │ │ Backend │ │ (Hugo + │ │ (FastAPI + │ │ Nginx) │ │ SQLite) │ └────────────┘ └────────────┘ </code></pre><h2 id="tech-stack">Tech Stack</h2> <table> <thead> <tr> <th>Layer</th> <th>Technology</th> </tr> </thead> <tbody> <tr> <td>IaC</td> <td>Terraform (GKE, VPC, DNS, IAM)</td> </tr> <tr> <td>Container</td> <td>Docker multi-stage builds</td> </tr> <tr> <td>Orchestration</td> <td>GKE Autopilot</td> </tr> <tr> <td>Deployment</td> <td>ArgoCD (GitOps, app-of-apps)</td> </tr> <tr> <td>CI/CD</td> <td>GitHub Actions (lint, test, build, deploy)</td> </tr> <tr> <td>Frontend</td> <td>Hugo static site + Nginx</td> </tr> <tr> <td>Backend</td> <td>Python FastAPI + SQLite</td> </tr> <tr> <td>Ingress</td> <td>Ingress-NGINX + cert-manager</td> </tr> <tr> <td>Monitoring</td> <td>Prometheus + Grafana</td> </tr> <tr> <td>Manifests</td> <td>Kustomize (base + overlays)</td> </tr> </tbody> </table> <h2 id="source-code">Source Code</h2> <p>Everything is open source: <a href="https://github.com/ariansvi/ariansvi-resume-v2">github.com/ariansvi/ariansvi-resume-v2</a></p>https://ariansvi.com/about/Mon, 01 Jan 0001 00:00:00 +0000https://ariansvi.com/about/<p><img alt="Arian Svirsky" src="https://ariansvi.com/images/arian.jpg"></p> <h1 id="arian-svirsky">Arian Svirsky</h1> <p><strong>Senior DevOps Engineer</strong> — Building production infrastructure since 2014.</p> <hr> <h2 id="background">Background</h2> <p>I&rsquo;m a DevOps engineer with deep expertise across the entire infrastructure stack — from Linux kernel tuning to Kubernetes cluster architecture, from CI/CD pipeline design to cloud cost optimization.</p> <p>Over the past decade, I&rsquo;ve worked across startups and scale-ups, building systems that handle millions of requests and maintain high availability. My approach combines automation-first thinking with practical engineering — every system I build is designed to be reproducible, observable, and self-healing.</p>https://ariansvi.com/contact/Mon, 01 Jan 0001 00:00:00 +0000https://ariansvi.com/contact/<h2 id="get-in-touch">Get In Touch</h2> <p>Interested in working together or have a question? Reach out through any of these channels.</p> <ul> <li><strong>Email:</strong> <a href="mailto:ariansvirsky@gmail.com">ariansvirsky@gmail.com</a></li> <li><strong>GitHub:</strong> <a href="https://github.com/ariansvi">ariansvi</a></li> <li><strong>LinkedIn:</strong> <a href="https://www.linkedin.com/in/arian-svirsky-a0832057/">Arian Svirsky</a></li> </ul> <hr> <p><em>This site also has a <a href="https://ariansvi.com/api/docs">backend API</a> built with FastAPI — because even the contact page should demonstrate engineering.</em></p>https://ariansvi.com/skills/overview/Mon, 01 Jan 0001 00:00:00 +0000https://ariansvi.com/skills/overview/<h2 id="container-orchestration">Container Orchestration</h2> <ul> <li><strong>Kubernetes</strong> — EKS, GKE, AKS, k3s | Helm, Kustomize, Operators</li> <li><strong>Docker</strong> — Multi-stage builds, Compose, image optimization, security scanning</li> <li><strong>Service Mesh</strong> — Istio, Linkerd</li> </ul> <h2 id="infrastructure-as-code">Infrastructure as Code</h2> <ul> <li><strong>Terraform</strong> — Modules, workspaces, remote state, Atlantis</li> <li><strong>Pulumi</strong> — TypeScript, stack management, custom providers</li> <li><strong>CloudFormation</strong> — Nested stacks, drift detection</li> </ul> <h2 id="cicd--gitops">CI/CD &amp; GitOps</h2> <ul> <li><strong>GitHub Actions</strong> — Custom actions, matrix builds, OIDC, reusable workflows</li> <li><strong>GitLab CI/CD</strong> — Runners, DAG pipelines, environments, review apps</li> <li><strong>Jenkins</strong> — Pipeline-as-code, shared libraries, Blue Ocean</li> <li><strong>ArgoCD</strong> — App-of-apps, sync waves, progressive delivery</li> <li><strong>Argo Rollouts</strong> — Canary, blue-green, analysis templates</li> </ul> <h2 id="cloud-platforms">Cloud Platforms</h2> <ul> <li><strong>AWS</strong> — EKS, EC2, RDS, S3, Lambda, CloudFront, Route53, IAM, VPC</li> <li><strong>GCP</strong> — GKE, Cloud DNS, Artifact Registry, Cloud SQL, GCS</li> </ul> <h2 id="monitoring--observability">Monitoring &amp; Observability</h2> <ul> <li><strong>Datadog</strong> — APM, logs, dashboards, monitors, SLOs</li> <li><strong>Prometheus</strong> — PromQL, recording rules, alerting rules</li> <li><strong>Grafana</strong> — Custom dashboards, alerting, data sources</li> <li><strong>ELK Stack</strong> — Elasticsearch, Logstash/Fluentd, Kibana</li> </ul> <h2 id="databases">Databases</h2> <ul> <li><strong>MySQL</strong> — Replication, backup/restore, performance tuning</li> <li><strong>Elasticsearch</strong> — Cluster management, index lifecycle, mappings</li> <li><strong>Redis</strong> — Clustering, sentinel, caching patterns</li> <li><strong>PostgreSQL</strong> — Administration, extensions</li> </ul> <h2 id="scripting--programming">Scripting &amp; Programming</h2> <ul> <li><strong>Bash</strong> — Production automation, system tooling</li> <li><strong>Python</strong> — FastAPI, automation scripts, boto3, SDK integrations</li> <li><strong>TypeScript</strong> — Pulumi IaC, tooling</li> <li><strong>Go</strong> — CLI tools, basic services</li> </ul> <h2 id="linux--networking">Linux &amp; Networking</h2> <ul> <li><strong>Linux</strong> — RHEL, Ubuntu, Alpine | systemd, kernel tuning, troubleshooting</li> <li><strong>Networking</strong> — TCP/IP, DNS, load balancing, VPN, firewall, SSL/TLS</li> <li><strong>Security</strong> — RBAC, network policies, sealed secrets, OPA, pod security</li> </ul>