βοΈπ‘οΈ Cloud DevOps / DevSecOps Engineer | π§ Splunk Architect | π» Backend Developer (Python & Node.js)
π Ghana πnakodtech.xyz | π https://linkedin.com/in/bernard-ofosu
Cloud DevOps / DevSecOps Engineer with 6+ years of experience designing, deploying, and operating production-grade cloud & hybrid infrastructures.
π§ Specialized in CI/CD automation, Kubernetes platforms, observability, and security, with strong hands-on expertise across AWS βοΈ, Azure βοΈ, and GCP βοΈ.
π€ Automation & IaC:
Ansible, Shell Scripting, Python, Go (Golang), Terraform
π οΈ CI/CD & Platform Tools:
Kubernetes, Jenkins, GitHub Actions, GitLab CI/CD, Trivy, SonarQube, Splunk, Prometheus, Grafana
π» Backend Development:
Python (FastAPI, Flask), Node.js (Express)
π― Core Focus:
Automation β‘ β’ Reliability π β’ Security π β’ Scalability π
I design and operate secure, scalable, and observable cloud platforms using modern DevOps and DevSecOps practices. I have extensive experience building end-to-end CI/CD pipelines, containerized platforms, and enterprise observability solutions.
My background in GIS & Spatial Systems gives me a systems-thinking approach to infrastructure, resilience, and performance optimization. I enjoy solving complex problems through automation and data-driven insights.
- Build and automate CI/CD pipelines for cloud-native workloads
- Design and operate Kubernetes platforms (EKS, AKS)
- Implement observability using Splunk, Prometheus, and Grafana
- Secure pipelines and platforms using DevSecOps best practices
- Automate infrastructure with Terraform and Ansible
- Reduced manual deployment effort by ~70% through CI/CD automation
- Improved deployment reliability and consistency across environments
- Centralized logs and metrics for 10+ services to improve MTTR
- Implemented security scanning at every pipeline stage (shift-left security)
Description:
Production-grade CI/CD platform centered on Jenkins, orchestrating build, test, security scanning, containerization, and deployment to AWS EKS. Infrastructure provisioned with Terraform, deployments managed via GitOps using Argo CD, and full observability enabled with Prometheus and Grafana.
Tech Stack:
Jenkins β’ AWS (EKS, EC2, VPC, IAM, Route 53) β’ Terraform β’ Docker β’ Kubernetes β’ Helm β’ Argo CD β’ SonarQube β’ Trivy β’ Nexus β’ Prometheus β’ Grafana β’ GitOps β’ DevSecOps
Description:
Modern DevSecOps CI/CD pipeline using GitHub Actions for a 3-tier cloud-native application. Includes automated testing, secret detection, vulnerability scanning, container image build, and Kubernetes deployment.
Tech Stack:
GitHub Actions β’ Node.js β’ Docker β’ Kubernetes β’ SonarQube β’ Trivy β’ Gitleaks β’ Linux β’ Bash β’ DevSecOps
π GitHub:
https://github.com/bernardofosu/3-Tier-GitHub-Actions-Project
Description:
End-to-end Azure DevOps CI/CD implementation deploying containerized workloads to AKS with images stored in ACR. Secure service connections, YAML pipelines, RBAC, and Azure-native monitoring included.
Tech Stack:
Azure DevOps β’ AKS β’ ACR β’ Azure CLI β’ Kubernetes β’ YAML Pipelines β’ RBAC β’ Linux β’ Cloud Monitoring
π GitHub:
https://github.com/bernardofosu/Azure-DevOps-Project-AKS--ACR--CICD-Pipelines--and-Full-Cloud-Monitoring-Setup
Description:
Architect-level Splunk project covering indexer clustering, search head configuration, deployment server architecture, data ingestion pipelines, CIM normalization, troubleshooting, and performance optimization.
Tech Stack:
Splunk Enterprise β’ Indexer Clustering β’ Search Heads β’ Deployment Server β’ CIM β’ Syslog β’ REST APIs β’ Kubernetes Logs β’ Linux β’ Observability
π GitHub:
https://github.com/bernardofosu/Splunk-Architect-Practicals
Description:
Production-grade HashiCorp Vault deployment on AWS EC2 integrated with Jenkins pipelines for secure secrets management using TLS, DNS, RBAC, and short-lived tokens.
Tech Stack:
HashiCorp Vault β’ Jenkins β’ AWS EC2 β’ TLS (Letβs Encrypt) β’ DNS β’ Linux β’ systemd β’ DevSecOps
π GitHub:
https://github.com/bernardofosu/Jenkins-Crush-Course-2025
Description:
A production-style Azure DevOps CI/CD project that automates the build and deployment of a Node.js application backed by MongoDB (Azure Cosmos DB API) to Azure App Service. This project demonstrates both classic pipelines and YAML-based pipelines, showcasing flexibility in Azure DevOps delivery models.
The CI pipeline builds and packages the Node.js application, while the CD pipeline deploys it to Azure App Service using secure service connections. Application configuration, database connectivity, and DNS handling are managed through Azure-native services. The project also includes operational tasks such as cleaning and managing App Service instances via SSH, validating deployments, and inspecting live MongoDB Cosmos DB data.
This implementation highlights end-to-end application delivery on Azure PaaS, combining CI/CD automation, cloud-native application hosting, and managed database services with enterprise-ready practices.
Tech Stack:
Azure DevOps (CI/CD) β’ Node.js β’ Azure App Service β’ Azure Cosmos DB (MongoDB API) β’ Azure CLI β’ YAML Pipelines β’ Classic Pipelines β’ Service Connections β’ SSH β’ DNS β’ Linux β’ Bash β’ Cloud PaaS β’ CI/CD Automation
Repo / Documentation:
Designed AI-powered automation workflows using n8n, integrating APIs, webhooks, and intelligent agents to automate DevOps and business processes.
π GitHub:
https://github.com/bernardofosu/AI-Agents---n8n-Automation-Masterclass---From-Zero-to-Production
π― DevOps & Cloud Engineering β Udemy
- Mastered Python by building 100 projects covering data science (NumPy, Pandas, Matplotlib), automation (subprocess, Invoke, Fabric, Paramiko), and backend web development (Flask, FastAPI, Django).
π Observability & Logging (Certified User) β Cribl
-
π οΈ Production-Grade DevSecOps & Cloud DevOps β DevOpsShack
(Hands-on training covering CI/CD, Kubernetes, DevSecOps, Azure DevOps, AWS, and enterprise-grade projects) -
βοΈ Azure Administrator (AZ-104) β In Progress
π°οΈ Earned earlier in my career, currently not verifiable, and re-certification is planned.
- βοΈ AWS Cloud Practitioner (Legacy β re-certification planned)
- π Splunk Core Certified User (Legacy β re-certification planned)
- π Splunk Core Certified Power User (Legacy β re-certification planned)
- π‘οΈ Splunk Core Certified Admin (Legacy β re-certification planned)
Python β’ Go β’ Node.js β’ JavaScript β’ Bash β’ PowerShell
AWS β’ Azure β’ GCP β’ EC2 β’ VPC β’ IAM β’ EKS β’ AKS β’ CloudWatch β’ Azure Monitor
Docker β’ Kubernetes β’ Helm β’ Kustomize β’ Ingress β’ Container Security
Terraform β’ Ansible β’ CloudFormation β’ ARM Templates
Jenkins β’ GitHub Actions β’ GitLab CI/CD β’ Pipeline Security β’ GitOps
Splunk β’ Prometheus β’ Grafana β’ ELK β’ OpenTelemetry
IAM β’ RBAC β’ HashiCorp Vault β’ Secrets Management β’ Compliance Automation
Iβm open to remote or international roles in:
- Cloud DevOps Engineering
- DevSecOps & Platform Engineering
- SRE & Observability Engineering
π« Contact:
LinkedIn: https://linkedin.com/in/bernard-ofosu
Website: https://blogtechacademy.org
β‘ Fun Fact: I automate everything β and then automate the automation π