Bahadır Geçgel

Senior DevSecOps Engineer · Ankara, TR · bahadir.gecgel@gmail.com

Contact Download CV

Building secure, automated cloud platforms — fintech-grade.

DevSecOps engineer with 5+ years’ experience (3yrs fintech) running AWS multi‑account environments, Kubernetes/GitOps, and security at scale. Organization‑level superadmin, point of contact for infra & security. PCI DSS & GDPR compliant. Cost‑focused. Automation‑obsessed.

Cloud
AWS · 4 accts · 100+ servers
Delivery
80% faster releases
Cost
30% cloud savings
Kubernetes (EKS) GitOps (ArgoCD, Kustomize) HashiCorp Vault Cloudflare (DNS/WAF) GitLab CI/CD Prometheus · Grafana

Selected Work

Release Orchestrator

End‑to‑end automated releases via Jira → GitLab → Slack/Gmail. Cut release window from half‑day to ~1 hour.

  • GitLab CI templates, reusable pipelines
  • Slack approvals & notifications
  • Audit‑friendly change logs

Secret Management Overhaul

Replaced SOPS with HashiCorp Vault. No secrets in Git. Auditable, version‑controlled, JIT DB access.

  • Vault + Jira + Slack integration
  • Time‑boxed credentials & access trails

Cloudflare Migration

Moved DNS/WAF/edge to Cloudflare with zero downtime; improved posture and simplified ops.

  • gRPC/HTTP3 ready, strict TLS
  • Rulesets & automation

Cost & Observability

Migrated from OpenSearch to self‑hosted Elasticsearch; dashboards for SLO/error budgets; 30% monthly savings.

  • Prometheus + Grafana
  • Elasticsearch ingest pipelines

Contact

📧 Email 🔗 LinkedIn

This site is static, deployed on Cloudflare Pages. Changes are delivered via GitOps-style workflows.