# Sureshkumar Karuppaiah > Staff Software Engineer - Cloud Architect @ PTC | CKA, Iac-Terraform, AWS, AI/ML Ops, Kubernetes and tools, Copilot, HPC, CDK, AWS SAM, Claude, GitOps and ML/AI agents Workflows, TypeScript, SecOps and Observability. Location: San Francisco Bay Area, United States Profile: https://flows.cv/sureshkumar As a Staff Software Engineer at PTC with over five years of experience, I specialize in cloud computing, kubernetes, build automation, and security operations. My work focuses on developing and managing AWS cloud environments, automating infrastructure with Security hardening, Custom Ingress, Helm Charts, GitOps, Kustomize, Istio, ArgoCD, Terraform, Wiz and CloudFormation, and maintaining Kubernetes clusters with its closer and efficient eco system while adhering to stringent security standards with centralized changes and observability. At PTC, I have contributed to key initiatives, including contributing the FedRAMP migration to ensure compliance with federal security requirements for government clients. My expertise in containerizing apps for Kubernetes eco-system has been instrumental in driving secure and efficient cloud solutions and kubernetes to support organizational objectives and enhance operational processes for AI applications. ## Work Experience ### Staff Software Engineer - Cloud Architect (Kubernetes and DevSecOps) @ PTC Jan 2020 – Present | San Francisco Bay Area I focused on enhancing cloud architecture and security compliance at PTC, achieving key milestones in our projects. • Developing, Improving and maintaining secure AWS cloud eco-system and Kubernetes eco-system for variety of products and applications. • Contributing the successful FedRAMP migration, ensuring compliance for GovCloud applications and SOC monitoring. • Automated infrastructure provisioning, deployment and release processes, improving efficiency for AI-driven applications. * Supporting for feature development, ReleaseOps, DevOps, SecOps for AI applications, agents and supporting components for package of AI Products. ### Senior DevOps Engineer @ Thales Cloud Security Jan 2019 – Jan 2020 | San Francisco Bay Area - Supported and maintained over 240 servers in cloud and virtual infrastructure, ensuring high availability, security and performance. - Administered Kubernetes clusters and developed secure CI/CD pipelines using Jenkins for efficient deployment. - Automated resource provisioning and configurations for DSM appliance on AWS and GCP, enhancing operational efficiency and security compliance. - Experienced in maintaining HSM and DSM capabilities. Worked on FIPS based kernel builds, openssl, and end to end FIPS enabled security appliance by adapting standards and compliance for the certification of the products. - Worked on enhancing Security Common criteria certification for some products. - Maintained non prod environments with up to date security and reliability requirements. - Provided infrastructure and automation support for security feature developments and QA requirements of the products. ### Staff Software Engineer - Platform Engineering @ GE Digital Jan 2017 – Jan 2019 | San Francisco Bay Area #Restructured by automation and enforcing the environment to comply with industry standards and security best practices* #Enforced Standards and Policies ; Optimized usage cost, security and performance. #Redefined to 99.97% service uptime. - Restructured the VPC networks, peered to connect internally with bastion and eco system - Working to scale the systems infrastructure from small to enterprise level - Built config management, backup/restore, DR lifecycle - NewRelic, DataDog Instrumentation, Synthetic, APM configurations and notification - PagerDuty Integrations, escalation policies and notifications - Worked with central Cybersecurity team in scanning, auditing and mitigating the potential vulnerabilities. - SumoLogic and Prometheus configuration. - Setup Apache Kafka clusters on AWS - Configured Qualys Internal and External scans and mitigated all kinds of vulnerabilities - Mitigated PenTest Scan vulnerabilities - Successfully Setup and established the life cycle policies for Kibana, Elasticsearch central log server + Filebeat harvesting - Built CICD Pipelines for build, deploy, approval and release management with various pipeline stages - Containerized applications for DCOS. - Access control and auditing of user access, group, policies management, credential rotation - SSH and AWS CLI - MFA setup and security enforcement - Network Tunnels to improve the security in access - Ad-hoc developer requests on services failures, issues, availabilities and access - Move applications to auto-Scaling configurations. - Cloud Automations using Lambda functions - Godaddy to Route53 domain migrations - Python scripts for instance bootstrap, automation, TechOps tasks, auto-scaling, and auto deployments. - Shell scripts for TechOps tasks - Automation of Propel to Windows SahiPro testcase integrations - Handling Tenant Management systems of Field service application for 100s of customer tenants. - Basics of Sales force configurations and Integrations of applications. ### Sr Software Engineer - TechOps @ Google Jan 2017 – Jan 2017 | San Francisco Bay Area eTouch Systems Corp.(FullTime)==>Google Inc(Contract) ===>Parrable Inc (Client). =>Google Inc (Parabble ) - AWS to GCP application product migration: - Designed and Built AWS to GCP migration and automation plan using Saltstack and Terraform - Migrate webservers(EC2 servers), databases, IAM, Analytics platform from AWS->GCP. - Restructure terraform modules while migrating to GCP - Migrate as per Industrial standards and Security Best practices - Written terraform scripts, bootstrap scripts for applications - Saltstack scripts to work with GCP instances - Mentored the 4 members team for project success ### Sr.Software Engineer - Dev Ops @ Google Jan 2017 – Jan 2017 | San Francisco Bay Area eTouch(Full Time)-(Google Cloud Project)==>Google Inc(Contract) =>Client Splunk Inc - Containerize applications, deploy in to GKE and migrate applications from AWS ECS - Build and Run various applications in Google Cloud and migrate from AWS - Node JS apps, Bash Shell Scripts, Jenkins Blue Ocean, Pipeline (Groovy Scripts) - Create build and deployment pipelines for webdev products - Automate manual interventions using shell scripts - Automate Jenkins build and deployments - Establish master slave configurations of build and deployment systems - Integrate, configure notification systems - automate to run software test-cases, standards - Build CICD automated systems, pipelines as per industry standards and Best practices - Documents the details of tasks, implementation procedures, and findings - Handle ad-hoc, intermittent issues, fix them to stablise the pipelines. record the solutions in confluence - Handle developers technical operations requests respect to build and deployments. - Monitor and run load tests on CICD environment and adjust the resource requirement for smooth running of process. Migrate as Saas Application (eTouch Sys) - Worked primarily with Google Cloud Platform in setting up the resources for applications services - Install, configure, maintain services and automate the basics repetitive tasks in the cloud. - Automate for CI/CD using tools and plugins - Documenting the findings and experiences - Install, configure, integrate and bring-up the application services until smooth running and consumption. - Automate provisioning and setup using terraform, shell and python scripts. - Dev Ops engineering support for production, stage and development environments. - On-Premise infrastructure support and applications migrations to the cloud. - Build CI/CD Environment in GCP - Automate LAMP setup and application configuration by bootstrap scripts - Analysis, capacity planing, change orientation while migrating to GCP. ### Principal Software Engineer - Cloud Site Operations @ HARMAN International Jan 2016 – Jan 2017 | Bangalore - Dockerise web applications and supporting back-end services - Periodical Production rollout - Automated custom AMI creation that are used for Dockerhost with security - Configuring custom nagios service monitoring and verify nagios alerts. - On-call production availability coverage by time zone - Communicate issues that are affecting production services - Migrate web services to docker containers - Documenting the procedures and record application flow diagrams - Collaborate with Engineering for POCs and Ops Technical Support - Automating container build, and deployments for various web services using jenkins jobs and shell scripts - Setup Hadoop, EMR and Apache Kafka clusters on AWS - Maintain docker hosts, containers security, accessibility to the qa and dev users, and logs rotation - Support to dev on dockerised web services - Automated Nagios client agent configuration in the dockerhost bootstrap and other hardening and access control - Containerized application system integrations within the cloud through private IP - Collaborate, Work with Onshore team for by weekly and daily meetings - Reduce no-of alerts from Nagios - Optimize the cloud usage cost and infrastructure security - Control security groups, minimize the access, minimize usage of root users to avoid potential security breaches - Tableau CLI setup in Jenkins and invoke from Jenkins jobs to refresh the periodical visualization data by Windows Tableau by SSH server - enable and analyse audit, access logs - Collaborate, Work with Onshore team for by weekly and daily meetings - Reduce no-of alerts from Nagios - Optimize the cloud usage cost and infrastructure security - Control and minimize the access, minimize usage of root users to avoid potential security breaches - Enable and analyse audit, access logs - Configured Auto-Scaling for web services - Integrated mobile messaging system for production service state change notifications - Adjusting Nagios alert threshold upon Dev, QA needs ### Senior Software Engineer II - Site-Operations @ HARMAN International Jan 2014 – Jan 2016 | Bangalore Area, India - Ensure production stability and maintain smooth running of applications in Dev, Stage, Prod environments in AWS - Cloud SiteOps technical support to various teams (Server Platform Engineering, Mobile, Automotive Clients, Analytics , QA, Datawarehouse and Visualisation) - Configuring custom nagios service monitoring and verify nagios alerts. - On-call production availability coverage 24/7 by time zone - Automate, manage cloud infrastructure provisioning and setup using Cloud Formation and Basic Ansible CLI script experience - Automated custom AMI creation using for Dockerhost with security and Explore Service Orchestration requirements - Worked to tighten the security by MFA, Key rotation, ssh access, security group and Support to ensure - Setup and support hadoop clusters and support pipeline issues - Verify Nagios alerts, Integrate new service monitoring, and analyze the trends - IAM Access control of services, users, Tools, and cloud resources - Communicate issues affecting production - Reduce single point of failures - Technical Support Hadoop clusters issues and data pipelines. - Manual Postgres, MySQL, Oracle backup restore for recommendation Engine on-demand for POCs - DNS mapping, maintenance, key rotation and https configurations - Upgraded higher version of Queue, Solr, and Couch base services and enabled Multi-node HA. - Technical Support to the team with JRebel, SSH tunnels to route connectivities through bastion. - Automating DB Backup restore and DB sync jobs across AWS region - Maintain log Archival Storage and its life cycle - Provide access, Maintain, administer, prepare for failures of Jira, Jenkins, crucible, reviewboard, SVN, Trac Wiki and confluence - Build on-demand systems for various use-cases on request, scale them. - Move Applications services to Amazon Linux from other OS' - Migrate on-premise servers to AWS cloud - Ops Support to all the product lines - Act to AWS trusted advisors Alerts and configure Audit logs, ELB access logs ### Senior System Analyst - AWS Cloud SaaS Operations @ Neustar MarketShare Jan 2013 – Jan 2013 | Bangalore Payroll company (Value Labs LLB, Hyderabad) - AWS Cloud SaaS Operations and on-demand provisioning, - Ops Support to Big Data Processing, daily, weekly, monthly refresh. - Build High capacity RAID volumes using EBS for FTP server ( for petabyte raw file storage) - Build shell script to aggregate raw files by date and notify if there is anything missed - Modify python scripts to add new parameters upon cloud changes orientation - Mentor new ops members - Run regular data refreshes and communicate the data structure issues - Create Tunnel to connect Hadoop clusters in the cloud - Oracle Custom DB setup in the AWS cloud for POC - Apache, Tomcat Webservers, - Hadoop Administration, track the job failures and communicate to further optimization - Automation and System integration of Java applications and its dependent resources, - Cloud Infrastructure resources setup, install, configure and optimize, - Opensource software platform implementation, - Hadoop eco system setup, configuration, support, performance optimization, - Cost and time effective solution and implementation. - Periodically optimize the usage cost, Infrastructure security - Provide ops support for R&D of applications and Bench marking, - AWS Cloud architecture and Implement use-case in cloud - Shell script to automate regular back up tasks, deployment tasks. - Capacity management, scale up and down, fail-over, auto-scaling automations - Process flow, work flow automation, event based triggers by polling - Configure Monitoring, respond to issues, and alerts and optimization. - Report vulnerabilities to security team. - Build a script to manage raw files and life cycle policy to move to the archival storage. ### R&D Engineer II, Software (Virtualization, Cloud and SaaS Operations) @ Nokia Siemens Networks Jan 2009 – Jan 2013 | Bangalore India Porting the Telecom product on the Virtualization and AWS cloud platform Automation, AMI preparation, AMI upload, bringup the application services and integrate with funtional nodes and databases. Porting the Telecom product on the private cloud infrastructure - Eucalyptus Java application setup in a distributed computing environment. Cloudera hadoop cluster setup and administration, performance tuning. OCS farm cluster setup , installation SAN, NAS Storage integration Shell scripting, SaaS provisioning, Cluster, RAC configuration. Distributed computing infrastructure setup. Hardware, Storage and Network configuration and administration. Linux, Unix, Solaris administration. Application server, VAS deployments on the cloud and real servers. Automating AWS cloud infrastructure tasks. Setting up the multi-node telecom application products in the AWS cloud. Monitoring Measuring, Bench marking the resource utilization. R&D infrastructure technical support, Support for AWS Cloud, Virtual servers of application Innovation environment. POC demo, trial support. ### R&D Engineer I -Test Bed @ Nokia Siemens Networks Jan 2008 – Jan 2009 | Bengaluru Area, India - Engineering TestLab - Large scale distributed server, application installation, configuration, administration, patching, hardware setup, network setup, storage initiation and bringing up the applications BSS-Charging & Billing products setup implementation -IN, Porting the Telecom product on the Virtualisation and cloud platform, Java application setup OCS farm cluster setup , installation Storage integration Shell scripting Cloudera hadoop setup and administration, Cluster, RAC configuration. Distributed computing infrastructure setup. Hardware, Storage and Network configuration and administration. Linux, Unix, Solaris administration. Application server, VAS deployments real servers. Automating VAS deployment infrastructure tasks. Documentation. Measuring, Bench marking the resource utilization. R&D infrastructure technical support, Support to the Innovation environment and POC demo, trial support. ### Sr Customer Engineer @ HCL Infosystems Ltd. Jan 2008 – Jan 2008 | Nagpur Area, India Customer Remote Support Engineer Enterprise and Mid Range server hardware and operating systems Network Subnet and LAN Install, configure and setup applications on Linux, HP-UX, Windows 200X, Novell, SCO, Windows NT, and SuSe Linux servers Backup , Restore, data recovery strategies. Printer configurations Tape Backups and Restores Sun, HP Storage arrays ArgGis Application installation Oracle, DB2, MySQL, Sybase DB setup and configurations. Database backup and Restore strategies. Shell scripts, Linux, Groups, access permission management. OS, System, Network Security and configuration Cron Job scheduling and automation by script As an average met 4 to 5 customers per day solving issues permanently by travelling 50 to 150 miles per day, 6 days per week. ### Customer Engineer @ HCL Infosystems Ltd. Jan 2004 – Jan 2007 | India Infrastructure bring up, Customer Support, Server and Network configuration and Administration, Remote technical support, Backup/Restore strategy, Highly available solution support, Troubleshooting, Infrastructure design and implementation. Solutions for day-to-day problems and repeating issues. Novell Netware, Sun Solaris, HP Unix, Redhat Linux servers installation, server services configuration and administrations. Intel X86, SPARC, PARISC architecture hardware setup and troubleshooting Server, Desktop, Dump Terminal - client server model Volume managers, HA Cluster, Storage arrays, Tape drives- backup restore methods. SCO Unix server installation and configuration Oracle, SyBase, DB2 database installation, customisation and application bring up until smooth running of the software. Software demo, customer interaction, Solving end customer requirements to government, public sector, private organization, Institution, Finance, Insurance and banking domains. As an average met 4 to 5 customers per day solving issues permanently by travelling 50 to 150 miles per day, 6 days per week. ### Technical Apprentice (Electronics-Systems Dept.) @ Bharat Heavy Electricals Limited Jan 2003 – Jan 2004 Electronic Data Processing center - SSTP(Seamless Steel Tube Plant) - EDP HPBP (High Pressure Boiler Plant) End user technical support, customer relationships, EDP, LAN establishment, Optical Fiber Cable network establishments, Server hardware, LAN troubleshooting, Software demonstration, Server Administration, Data backup and restore, Server, clients, peripherals, Installation, Configurations and troubleshooting. Vendor coordination, Inventory, and planning for computer hardware, software, peripheral and consumables procurements. ## Education ### Diploma in Engineering in Electronics and Communications Engineering Government Polytechnic College, Aranthangi ### Bachelor of Technology - BTech in Electronics and Telecommunication Engineering Janardan Rai Nagar Rajasthan Vidyapeeth University ### Master of Business Administration in Finance, General Alagappa University, Alagappa Nagar, Karaikudi ### Master of Computer Applications in Artificial Intelligence Amity University, Noida ## Contact & Social - LinkedIn: https://linkedin.com/in/sureshk2806 --- Source: https://flows.cv/sureshkumar JSON Resume: https://flows.cv/sureshkumar/resume.json Last updated: 2026-04-12