Espoo, Finland · via DoTech Oy
Senior Platform Engineer & DevOps Architect with 18 years building and running production platforms on Kubernetes — securely, at scale. Now bringing that to teams as an independent.
// About
I build the infrastructure that lets engineering teams ship fast and sleep at night.
Most recently I owned the platform end-to-end at Jaja Finance, a UK FinTech — Kubernetes, the full Kong API Gateway lifecycle, HashiCorp Vault Enterprise for secrets and identity, and GitOps delivery with Argo CD. I work fully remote across European and UK time zones, and I contract through my own company, DoTech Oy. I care about reliability, doing security properly, and platforms that developers actually enjoy using.
// Expertise
Proven, production, interview-defensible.
EKS + self-managed clusters, full lifecycle & upgrades, Helm, ingress, internal developer platforms.
Deep Kong expertise — production migrations (1.5 → 3.4), plugin development, full lifecycle.
HashiCorp Vault Enterprise, Consul, Keycloak, privileged access management.
Terraform (HashiCorp Certified), CDKTF, Ansible, Puppet.
AWS — EKS, EC2, RDS, S3, MSK/Kafka, Bedrock — with cost optimisation.
Argo CD, GitHub Actions, Jenkins — progressive delivery and clean pipelines.
Datadog, ELK — metrics, logs, alerting and SLOs.
RAG pipelines (LiteLLM, ChromaDB), AWS Bedrock & self-hosted chatbots, a custom MCP server and TUI tooling for infrastructure diagnostics.
Python (primary), Go, Bash, JavaScript/Node.js.
CCNP-level — BGP, HAProxy, DNS, firewalling.
// Selected results
UK FinTech · Senior Platform Engineer · 2022–present
Sole owner of the API gateway carrying all production API traffic for a UK bank — routing, plugin development, and a multi-major-version migration executed with minimal service disruption.
FinOps across EKS + self-managed (Kubernetes 1.21 → 1.35), Terraform-provisioned AWS, Argo CD GitOps and Datadog — cutting annual cloud spend by roughly a third.
Ran secrets, identity and service discovery (Vault, Consul, Keycloak) for a regulated FinTech; executed enterprise upgrades while keeping authentication and access control highly available.
// 18 years, in brief
// Projects
Self-hostable Internal Developer Platform
A full internal developer platform you run on your own infrastructure — Hetzner or fully on-premises — so startups and mid-sized teams get a real IDP for free.
Privileged Access Management
A PAM platform that controls, records and audits privileged access to servers — RDP, SSH, databases, Kubernetes. In production at a bank. Co-architected by me with the DoTech team.
MCP · RAG · Bedrock
A custom MCP server and a TUI application for diagnosing infrastructure problems; RAG chatbots on AWS Bedrock and self-hosted (LiteLLM + ChromaDB). Bridging platform engineering and applied AI.
Free DevOps & Platform Engineering community
A free, hands-on community for DevOps and platform engineering that I founded — real sandbox terminals (Linux, Kubernetes, Docker) and practical scenarios for a growing community of engineers.
Visit babakacademy.com →Consultancy · products · open source
My Finnish consultancy — independent client work funds a lean team building B2B platform and security products, plus open-source tools for the community (FreeZenith, Babak Academy).
// Contact
Available for remote contract engagements from October 2026 — and open to the right permanent remote role. Based in Finland, working across EU & UK time zones.