Freelancer profile translated to English.

Description

I help you industrialize your platforms, secure your cloud environments, and ensure production reliability worthy of SRE standards. I intervene when it's necessary to set up or improve your Kubernetes environments, optimize your CI/CD pipelines, strengthen security, reduce incidents, or guide your teams towards a mature DevSecOps approach.

What I bring you:

Robust and secure cloud-native architectures (AWS, GCP, OVH).
Advanced expertise in Kubernetes, EKS/GKE/OVH Managed K8s, GitOps, autoscaling, monitoring, and hardening.
High-performance CI/CD pipelines integrating security scanning, automated tests, supply-chain security, and continuous deployments.
An SRE approach focused on performance, SLOs/SLIs, MTTR reduction, availability, and operational best practices.
An offensive security dimension: technical audit, internal attack simulation, Docker/K8s hardening, defense control verification.
Support and training for your teams to accelerate DevOps/Cloud skill development.

My usual deliverables:

Complete setup of a production-ready Kubernetes cluster.
Creation or redesign of CI/CD pipelines.
Migration to a cloud-native architecture.
Deployment of observability tools (Prometheus, Grafana, Loki, ELK).
Cloud and container security hardening.
Clear documentation and skills transfer.

I am available for high technical value missions, fully remote.

Industry field of expertise

Languages

English
Fluent
French
Native or bilingual

Workplace preferences

Remote only

Primarily works remotely

Fasfox
SRE & DevSecOps Tech Lead
DIGITAL AND IT
March 2024 - September 2025 (1 year and 6 months)
Paris, France
Technical leadership of cloud and containerized platforms, with a Kubernetes reference role: architecture, hardening, deployments, autoscaling, network optimization, advanced observability, and implementation of production standards.
Design and management of highly available infrastructures on OVH Cloud: Kubernetes/Managed Kubernetes, Load Balancer, Private Networks, Public Cloud, storage, network security, and cost optimization.
Implementation of robust CI/CD pipelines integrating supply-chain security: SAST/DAST scans, dependency control, image signing, Zero Trust, artifact verification, and workload security.
Global strengthening of offensive security: technical audits, controlled vulnerability exploitation, internal penetration tests, attack surface analysis, Linux hardening, and detection mechanism validation.
Implementation of SRE best practices: SLO/SLI/SLA definition, MTTR reduction, incident management, structured post-mortems, continuous improvement, and automation of service reliability.
Training, support, and skill development for DevOps/Cloud teams: creation of internal documentation, individual coaching, workflow standardization, Git/GitOps practices, cloud and operational security.
Infrastructure as Code via Terraform and Ansible: reproducible provisioning, multi-tier environments, secrets management, access policies, compliance, and change automation.
Implementation of comprehensive observability solutions: Prometheus, Grafana, Loki, ELK, intelligent alerting, log auditing, traces, and metrics for real-time platform visibility.
Operational leadership: technical decisions, strategic framing, architecture reviews, priority management, and inter-team coordination to ensure stability, security, and performance.
OVHCloud Kubernetes Terraform Red Hat Linux PenTest
ERUGIS Consulting
DevSecOps Consultant – AWS & Kubernetes Specialization
TECH
November 2022 - May 2023 (6 months)
Design and optimization of AWS Cloud architectures: VPC, subnets, security groups, IAM, ALB/NLB, RDS, EKS, S3, CloudFront, Route53, CloudWatch.
Setup, management, and security of Kubernetes clusters (EKS & K3s): deployments, autoscaling (HPA/VPA), network policies, Ingress, TLS, RBAC, and workload hardening.
Creation of robust CI/CD pipelines (GitLab CI, GitHub Actions, Jenkins) with integration of automated tests, security scans, optimized Docker builds, and continuous deployments on EKS.
Deployment of infrastructure as code with Terraform (reusable modules, workspaces, secure state, scalable architecture).
Implementation of AWS security policies: IAM least privilege, centralized secrets rotation and management via AWS Secrets Manager and Vault, image control, CloudTrail auditing.
Building and optimizing secure, multi-stage, and high-performance Docker images, reducing build times and standardizing environments.
Deployment of complete observability solutions: Prometheus, Grafana, Loki, ELK, CloudWatch Metrics/Logs, advanced dashboards, intelligent alerting.
Implementation of high availability and disaster recovery strategies: RDS/S3 backups, multi-AZ replication, proactive monitoring, resilience testing.
Environment automation via Ansible, Bash/Python scripts, and GitOps workflows (ArgoCD, Flux).
Support for Dev, Ops, and security teams: cloud-native best practices, AWS cost optimization, Kubernetes hardening, DevSecOps culture.
Kubernetes Terraform Ansible Amazon Web Services (AWS) Gitlab CI/CD
Wazoom Studio
Senior SRE & DevSecOps Engineer
DIGITAL AND IT
July 2022 - January 2024 (1 year and 6 months)
Neuilly-sur-Seine, France
Design, deployment, and optimization of large-scale cloud-native platforms on AWS (EKS, EC2, VPC, ALB/NLB, RDS, IAM, CloudWatch) and GCP (GKE, Cloud Run, Cloud Storage, Pub/Sub, IAM, Stackdriver).
Advanced Kubernetes expertise: HA architecture design, Ingress + TLS, RBAC, Network Policies, autoscaling (HPA/VPA/Cluster Autoscaler), advanced resource management, deployment strategies (Blue/Green, Canary, Progressive Delivery).
Implementation of SRE standards: SLOs, SLIs, SLAs, MTTR reduction, availability rate improvement, incident management, post-mortems, end-to-end observability, and remediation automation.
Development and maintenance of reliable CI/CD pipelines (GitLab CI, Jenkins, GitHub Actions) integrating automated tests, security scanning, optimized builds, and continuous deployments on EKS/GKE.
Setup of infrastructure as code via Terraform (modules, workspaces, state management), multi-environment organizations, automated security and compliance.
Complete observability via Prometheus, Grafana, Loki, Alertmanager, ELK, CloudWatch, Stackdriver: creation of key dashboards, intelligent alerting, performance monitoring, and resource optimization.
Management and hardening of containerized workloads: secure Docker images, scanning, signing, dependency control, supply-chain security, and Zero Trust on Kubernetes.
SRE/DevOps automation with Ansible, Bash/Python, GitOps (ArgoCD, Flux), and integration of reliability engineering best practices.
Technical leadership: team mentoring, continuous improvement, environment standardization, and dissemination of DevSecOps/SRE culture.
Kubernetes Amazon Web Services (AWS) Google Cloud Platform (GCP) Terraform Monitoring

Check out Krist's experience

Be the first to recommend Krist

Help this freelancer shine by sharing your experience working together.

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

Baptiste Duhen

Fullstack developer

4.6

(4)

Amed Hamou

Senior Lead Developer

(2)

Audrey Champion

Web developer

4.3

(3)

Signup to reveal

Master in Audit and Security of Computer Systems and Networks
ESGIS
2016
Administration Linux, Cybersécurité, Pentest, Cloud Computing

CKA: Certified Kubernetes Administrator
The Linux Foundation
2021
https://www.credly.com/badges/c98ba907-ca03-4d48-813a-956697e452ba/public_url
Orchestration Conteneurisation Network Clustering Kubernetes

Krist Durand

Senior SRE & DevSecOps Engineer

About Krist

Experience

Recommendations

These freelancer profiles also match your criteria

Education

Certifications

Skill set

Categories