Ordaos Bio | New York, USA | 2021 – Present
<aside>
☁️
Built and continue evolving scalable multicloud landing zones and backbone infrastructure powering secure multi-team operations.
</aside>
Key Responsibilities/Achievements:
- Architect and deploy scalable multicloud landing zones and infrastructure using Azure, AWS, and GCP integrated with on-prem hub-and-spoke networking.
- Create and manage infrastructure and Kubernetes clusters on Azure, AWS, and GCP using Pulumi IaC alongside Helm, Kustomize, and Helmfile for consistent, repeatable deployments.
- Integrated New Relic with cloud infrastructure and Kubernetes for instrumentation.
- Deploy and manage Azure SQL, RDS, AlloyDB, and PostgreSQL with automated provisioning and backups.
- Implement Azure Data Lake Storage Gen2 for scalable cloud data storage.
- Integrate Azure Data Factory and Synapse Analytics for data ingestion and transformation.
- Build and maintain ETL pipelines to support reliable and scalable data integration.
- Design and implement reusable CI/CD pipelines with Azure Pipelines and GitHub Actions.
- Standardize CI/CD modules to accelerate onboarding and reduce drift.
- Set up SSO with Azure AD for secure authentication across cloud and internal apps.
- Drive security, networking, and compliance best practices to optimize system performance.
- Implement cost observability and optimization practices across cloud infrastructure, reducing operational expenses and improving resource efficiency.
- Enable cost observability and optimize cloud resource usage across Azure, AWS, and GCP to control operational expenses.
- Proactively communicate technical tradeoffs, risks, and infrastructure recommendations to cross-functional stakeholders to align delivery with organizational goals.
Project Impact:
- Delivered production-grade multicloud landing zones and expanded the platform from single-cloud (Azure) to a hub-and-spoke multicloud architecture (Azure, GCP, AWS, and on-prem) using Pulumi IaC, ensuring high resiliency, security, and scalability.
- Built secure private networking across clouds and on-premises sites by implementing site-to-site (S2S) and point-to-site (P2S) VPNs, centralizing connectivity through Azure as the network hub.