Hi, I'm Lal Budha

DevSecOps Engineer & Instructor | Securing Cloud Infrastructure | Training Global Teams

View My WorkGet In Touch
Scroll Down

About Me

DevSecOps Engineer & Instructor with 8+ years of experience securing cloud infrastructure and training global teams. Specialized in zero-trust architectures, automated security, and cost-optimized solutions.

DevSecOps Engineer & Instructor at Yoll Academy, specializing in zero-trust architectures and automated security. Reduced infrastructure costs by 90% while training global teams.

8+
Years Experience
90%
Cost Reduction
7+
Certifications
Global
Training

Security First

Implementing security at every layer of the development lifecycle

Cloud Native

Expert in AWS, Azure, and GCP with focus on scalable architectures

Automation

Building CI/CD pipelines and Infrastructure as Code solutions

Development

Full-stack development with modern frameworks and best practices

Technical Skills

Technologies I use to build secure and scalable infrastructure

Cloud

🟠

AWS

⚑

EKS

πŸ”΅

Azure

πŸ”΄

GCP

DevOps

☸️

Kubernetes

🐳

Docker

IaC

πŸ—οΈ

Terraform

πŸ”§

Ansible

CI/CD

πŸ”„

Jenkins

βš™οΈ

GitHub Actions

🦊

GitLab CI

πŸš€

ArgoCD

Code

🐍

Python

🐹

Go

πŸ’›

JavaScript

Script

πŸ’»

Bash

Security

πŸ”

SonarQube

πŸ›‘οΈ

Trivy

⚑

OWASP ZAP

πŸ—ΊοΈ

Nmap

πŸ”

Vault

Monitor

πŸ“Š

Grafana

πŸ”₯

Prometheus

πŸ“ˆ

Splunk

πŸ”

ELK Stack

OS

🐧

Linux

VCS

πŸ”—

Git/GitHub

Network

🌐

Networking

πŸ–₯️

Web Servers

Work Experience

Building secure and scalable infrastructure solutions across various industries

DevSecOps Engineer / Instructor

Yoll Academyβ€’Full-time
Jun 2023 - Presentβ€’2 yrs 5 mos
πŸ“ United States, 10306 Eaton Place, Suite 300 Fairfax, VA, 22030
  • β€’Took initiative of integrating security into DevOps workflows using Git/GitHub, Jenkins, Terraform, Docker, K8s, AWS, SonarQube, Trivy, Grafana, Nmap, and OWASP Top 10
  • β€’Trained global students on DevSecOps tools and practices, equipping them with skills to excel in the DevSecOps landscape
  • β€’Optimized and scaled DevOps infrastructure, helping reduce costs by 90% through strategic implementation of open-source solutions
  • β€’Enhanced compliance and resilience across development to deployment pipelines
KubernetesBash ScriptPythonSonarQubeAWSJenkinsLinux System AdministrationCyber Security

Associate DevSecOps Engineer

Yoll Academyβ€’Contract
Nov 2022 - Oct 2023β€’1 yr
πŸ“ Remote
  • β€’Seamlessly integrated security into DevOps workflows using key tools like Git/GitHub, Jenkins, Terraform, Docker, AWS, SonarQube, Trivy, Grafana, Nmap, and OWASP Top 10
  • β€’Ensured compliance, resilience, and continuous improvement of security measures across development to deployment
  • β€’Implemented automated security scanning and vulnerability assessment processes
  • β€’Collaborated with cross-functional teams to establish security best practices
Git/GitHubJenkinsDockerTerraformSonarQubeLinux System AdministrationWeb ServersNagios XIAWSCI/CDSplunkGrafanaNetworkingScripting

DevOps Engineer

Oxenham Groupβ€’Contract
Nov 2021 - Oct 2022β€’1 yr
πŸ“ United States - 4816 S Technopolis Dr, Sioux Falls, SD 57106
  • β€’Streamlined software delivery by automating release pipelines, fostering collaboration across teams
  • β€’Optimized AWS infrastructure, tackling operational hurdles and implementing robust security measures
  • β€’Implemented proactive monitoring and fine-tuning to ensure peak performance and reliability
  • β€’Played key role in setting up monitoring and alert systems, keeping defenses vigilant
AWSDockerKubernetesJenkinsTerraformMonitoringSecurity

DevOps Engineer

Deerhold Ltd.β€’Full-time
May 2021 - Oct 2021β€’6 mos
πŸ“ Sifal, Kathmandu, Nepal
  • β€’Assisted in streamlining software delivery pipelines and automated infrastructure tasks
  • β€’Monitored system performance and fostered collaboration between teams
  • β€’Optimized release management, cloud infrastructure, and ensured security throughout development lifecycle
  • β€’Contributed to DevOps best practices implementation across the organization
DockerKubernetesCI/CDCloud InfrastructureMonitoring

IT & Network Administrator

Shree Krishna Engineering Pvt. Ltdβ€’Full-time
Mar 2017 - Apr 2021β€’4 yrs 2 mos
πŸ“ Dillibazar, Kathmandu, Nepal
  • β€’Oversaw network and server maintenance, upgrading hardware and software
  • β€’Supervised staff and configured routing, switching, and firewall systems
  • β€’Installed security systems and analyzed network security
  • β€’Documented processes and ensured data backup and recovery procedures
Network AdministrationServer ManagementSecurity SystemsFirewall Configuration

Licenses & Certifications

Professional certifications in cybersecurity, cloud technologies, and ethical hacking

7
Active Certifications
5
Security Certs
3
Specializations
2024
Latest Cert
Security

Practical Ethical Hacking

TCM Security

Aug 2024Active
Security

Practical Web Application Security and Testing

TCM Security

Jul 2023Active
Security

Certified in Cybersecurity (CC)

ISC2

Jun 2023Active
Cloud

AWS Academy Graduate - AWS Academy Cloud Foundations

Amazon Web Services (AWS)

Nov 2021Active
Technology

Huawei Seeds For The Future 2021 Graduate

Huawei

Nov 2021Active
Security

Fortinet Fortigate Cookbook

Cybrary

May 2021Active

Featured Projects

Real-world DevSecOps projects with measurable security outcomes

Zero-Trust Cloud Infrastructure Orchestration for Scalable E-Commerce Ecosystem
CodeLive Demo

Zero-Trust Cloud Infrastructure Orchestration for Scalable E-Commerce Ecosystem

Architected a multi-region, zero-trust AWS infrastructure for a global e-commerce platform handling 1M+ daily transactions, integrating runtime encryption, automated drift detection, and AI-enhanced anomaly response to safeguard against sophisticated supply chain attacks.

Key Technologies

AWS (EC2, S3, VPC Peering, GuardDuty)Terraform with TerragruntHashiCorp VaultSonarQubeGitHub ActionsFalco

Key Outcomes

  • βœ“99.99% uptime during peak loads
  • βœ“Reduced MTTD vulnerabilities by 70%
  • βœ“Eliminated lateral movement risks
  • βœ“PCI DSS Level 1 compliance with zero audit findings
End-to-End Secure CI/CD Pipeline with Policy-as-Code for Distributed Microservices
CodeLive Demo

End-to-End Secure CI/CD Pipeline with Policy-as-Code for Distributed Microservices

Engineered a resilient, policy-driven CI/CD pipeline for a fintech application comprising 100+ microservices, embedding SAST/DAST/SCA scans, automated remediation workflows, and blockchain-based audit trails to ensure tamper-proof deployments in regulated environments.

Key Technologies

Jenkins with Blue OceanDocker ComposeKubernetes (EKS)OWASP ZAPTrivySnykGitLab CI/CDOPA

Key Outcomes

  • βœ“Accelerated release cycles from weekly to daily
  • βœ“95% automated vulnerability fixes
  • βœ“Lowered false positives by 60%
  • βœ“SOC 2 Type II attestation maintained
Advanced Container Runtime Security and Orchestration in Multi-Tenant Kubernetes Clusters
CodeLive Demo

Advanced Container Runtime Security and Orchestration in Multi-Tenant Kubernetes Clusters

Fortified a production-grade, multi-tenant Kubernetes setup for a healthcare SaaS provider, incorporating eBPF-based kernel-level monitoring, immutable infrastructure, and automated quarantine for compromised pods to counter zero-day exploits and ransomware.

Key Technologies

Kubernetes (AKS/GKE)DockerFalco with eBPF probesAqua SecurityHelm ChartsPrometheus/GrafanaCilium

Key Outcomes

  • βœ“Mitigated 150+ runtime threats in real-time
  • βœ“Shrunk attack surface by 65%
  • βœ“HIPAA/HITECH compliance ensured
  • βœ“Improved pod startup time by 40%
Multi-Cloud Compliance Orchestration Platform with Automated Remediation Loops
CodeLive Demo

Multi-Cloud Compliance Orchestration Platform with Automated Remediation Loops

Built a unified compliance-as-code platform spanning AWS, Azure, and GCP for a multinational enterprise, featuring real-time auditing, AI-prioritized risk scoring, and self-healing configurations to align with GDPR, ISO 27001, and NIST frameworks in dynamic environments.

Key Technologies

Ansible TowerAzure PolicyAWS Config RulesGCP Security Command CenterCheckovPython/Boto3Steampipe

Key Outcomes

  • βœ“Automated 90% of compliance workflows
  • βœ“Slashed audit cycles from months to days
  • βœ“Prevented 200+ configuration drifts annually
  • βœ“95%+ continuous compliance scoring
ML-Augmented Threat Intelligence and Response System in GitOps-Driven Workflows
CodeLive Demo

ML-Augmented Threat Intelligence and Response System in GitOps-Driven Workflows

Deployed an AI-powered threat detection and orchestration system within a GitOps pipeline for a logistics conglomerate, fusing log analytics, behavioral baselining, and automated incident response playbooks to preempt advanced persistent threats (APTs) and insider risks.

Key Technologies

ELK Stack with Elastic MLSplunk PhantomTensorFlow/KerasAWS GuardDutyGitOps via FluxCD/ArgoCDZeek

Key Outcomes

  • βœ“Identified and neutralized 30+ APT indicators
  • βœ“Reduced MTTR by 75%
  • βœ“Enhanced threat hunting with 85% accuracy
  • βœ“Integrated into zero-trust architectures

Get In Touch

Ready to secure your infrastructure? Let's connect!

Let's Connect

Ready to work together?

E

Email

lalbudha47@gmail.com

in

LinkedIn

codeboylal

gh

GitHub

codeboylal

⚑ Response Time: Usually within 24 hours