Luhur Muhamad Fatah

Cloud Platform & DevOps Engineer

code Skills

Amazon Web ServicesGoogle Cloud PlatformMicrosoft AzureOpenStackDockerPodmanDocker ComposeKubernetesHelmSUSE Linux Enterprise ServerRed Hat Enterprise LinuxUbuntuAmazon LinuxTerraformAnsibleTerragruntGrafanaPrometheusGraylogZabbixAlertmanagerAWS CloudWatchGitHub ActionsGitLab CI/CDJenkinsAWS CodeBuildAWS CodePipelineFluxCDNode.jsPythonBashCephMinIORabbitMQRedisExternal SecretsKarpenterKVMKyverno

work Work Experience

Cloud Platform Engineer - Senior Analyst

Accenture • Semarang, Indonesia

12/2024 - Present

Managed 300+ AWS-based Linux and Windows servers, overseeing end-to-end lifecycle operations including provisioning, patching, security hardening, vulnerability remediation, and decommissioning, with established rescue and rollback procedures to ensure system reliability.
Remediated security findings from CSPM tools (Prisma Cloud, AWS Security Hub) aligned with CIS benchmarks and other industry standards, ensuring compliance without disrupting operations.
Owned automation and standardization initiatives, redesigning Ansible playbooks into reusable, role-based frameworks with Vault integration, and developing AWS automation (EC2, AMI, EBS) that reduced execution time by over 50%.
Owned infrastructure improvement initiatives, leading a SUSE Linux upgrade POC that enabled repeatable MOPs and reduced upgrade risk, and conducting AWS Global Accelerator assessment that improved API latency in development.
Owned DevOps adoption initiatives, led Gitea implementation, facilitated training workshops, and standardized code management by migrating fragmented scripts to a centralized, version-controlled platform.
Owned critical platform upgrades such as the EC2 Instance Scheduler, executing a zero-downtime Blue/Green migration, and eliminating manual onboarding processes.
Contributed to team growth through mentorship and enablement by coaching an intern with a structured curriculum and hands-on labs, and delivering internal training sessions, including a 2-day AWS workshop for 35+ participants, achieving 90% satisfaction.
Delivered operational support via ServiceNow (incident, service request, change, and problem management) for AWS and OS platforms, including monitoring, P1 incident response, on-call participation, and root cause analysis to maintain high service availability.

DevOps Engineer

Feedloop AI • Remote

12/2023 - 12/2024

Architected and standardized a GitOps-based deployment platform across 5+ products (20+ services) using FluxCD and GitHub Actions, and improved security by migrating secrets from hardcoded plain text to AWS Secrets Manager with External Secrets Operator.
Migrated 10+ containerized products (50+ services) from AWS to another cloud provider, reducing infrastructure costs by over 50% with minimal downtime.
Designed and delivered a highly available on-premises Kubernetes platform, covering documentation, architecture, implementation, and integration with client tools.
Designed, built, and maintained cloud infrastructure across multiple clients and industries using AWS, GCP, Azure, and local cloud providers.
Managed and maintained CI/CD pipelines and Infrastructure as Code (IaC) for AWS environments using GitHub Actions, AWS CodePipeline, AWS CodeBuild, Terraform, and Bash.
Led deployments of containerized SaaS products across multiple clients using Docker, Docker Compose, Podman, and Kubernetes (on-premise and managed services like EKS, GKE, AKS), with most services deployed using Helm charts.
Designed and implemented a centralized VPC endpoint architecture using a hub-and-spoke model with Transit Gateway and Route53, resolving IP exhaustion issues in AWS.
Built an automation solution to scale Kubernetes deployments during non-peak hours in development environments, reducing costs using AWS Lambda, EventBridge, Python, Kubernetes client libraries, and Terraform.
Deployed and maintained LLM and embedding models across multiple Kubernetes platforms using vLLM, including deployments in highly secured environments.
Resolved security and compliance findings from CSPM, IaC scanning, and SAST tools, and improved Terraform modules to align with IM8 compliance standards and prevent recurring issues.

Cloud Operation Engineer

Boer Technology • Remote

12/2022 - 11/2023

Managed and maintained a large-scale Ceph and OpenStack cluster across 250+ bare-metal servers, focusing on troubleshooting and optimizing nodes in a hyper-converged architecture.
Deployed and maintained multiple on-premises Kubernetes clusters using kubeadm, managing core platform components including CNI (Calico, Flannel), load balancing (MetalLB), and ingress controllers (NGINX), along with other critical cluster services.
Deployed and maintained monitoring and logging solutions for OpenStack, Ceph, Kubernetes, and bare-metal nodes. Utilized tools such as Grafana, Prometheus, Alertmanager, Node Exporter, Graylog, and Zabbix to ensure comprehensive visibility and operational insights across the infrastructure.
Created operational procedures (MOPs), responded to incidents, and documented issues to ensure clear and efficient resolution.
Automated infrastructure provisioning and operational tasks by deploying KVM-based virtual machines with Terraform and developing Python and Bash scripts to streamline workflows and improve efficiency.

Cloud Computing Mentor

Bangkit Academy • Remote

02/2023 - 07/2023