Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Andrew Aigbe

Summary

Accomplished Cloud Engineer with over seven years of experience in designing, deploying, and managing cloud solutions on Microsoft Azure and Google Cloud Platform. Expertise in automating deployments utilizing CI/CD and DevOps methodologies, ensuring scalability, reliability, and security during legacy system migrations. Proven track record of collaborating with cross-functional teams to achieve cost reduction and operational efficiency.

Overview

9
9
years of professional experience
1
1
Certification

Work History

AKS Escalation Engineer

Microsoft
07.2022 - Current
  • Delivered advanced technical support for enterprise customers running mission critical workloads on AKS, ACR, ACI with deep expertise across CNI, storage (Azure Disk, Azure Files, CSI drivers), identity, networking, RBAC, and node lifecycle management.
  • Diagnosed and resolved complex customer issues involving pod scheduling, DNS failures, node pressure, kube-proxy, CoreDNS, Cilium, and CSI attach/mount problems, consistently restoring production environments with minimal downtime.
  • Guid customers through AKS cluster upgrades and node image updates, explaining compatibility requirements, performing pre-checks, and mitigating upgrade failures (CSP violations, CNI migrations, drain issues, CSI version mismatches).
  • Led root cause analysis for high severity incidents, identifying underlying failures such as container runtime issues, API server throttling, subnet exhaustion, node taints/evictions, and misconfigured identity bindings.
  • Provided expert support for Azure CNI & CNI Overlay, Azure CNI Powered by Cilium, resolving IP exhaustion, SNAT issues, and race conditions involving Key Vault provider, KMS encryption, and workload identity.
  • Assist customers in configuring load balancers, ingress controllers, and AGIC, resolving issues related to TLS termination, backend health probes, and outbound connectivity restrictions.
  • Drove customer education by explaining Kubernetes fundamentals, Azure integrations, node pools, cluster autoscaler behavior, pod disruption budgets, and AKS operator architecture.
  • Helped customers adopt best practices for AKS security and compliance, including Pod Security Standards, network policies, Azure Policy for AKS, secret management, private clusters, and mTLS.
  • Utilized IaC with Azure Resource Manager and Terraform for seamless and automated deployment.
  • Troubleshot and remediated Azure Files & Azure Disk CSI errors including 403 Forbidden storage account access, SMB mount failures, Stuck PersistentVolumeClaims, Missing controller/daemonset components and Managed Identity access bugs in preview features.
  • Leveraged kubectl, Azure CLI, Kusto (KQL), Container Insights, Network Watcher, Log Analytics, and AKS diagnostics tools to detect failures and accelerate resolution time.
  • Assist customers adopt best practices for AKS security and compliance, including Pod Security Standards, network policies, Azure Policy for AKS, secret management, private clusters, and mTLS.

Cloud Engineer

Mastery Logistics System
05.2020 - 07.2022
  • Spearheaded the deployment, scaling, and management of containerized applications across multiple environments using Azure Kubernetes Service, resulting in increased improvement in deployment speeds and a significant reduction in downtime.
  • Managed Kubernetes cluster configurations, including upgrades, patching, and tuning for optimal performance and security, ensuring high availability and compliance with industry best practices.
  • Deployed and maintain a variety of AKS resources, compute and storage.
  • Implementation of CMEK for deployed resources.
  • Integrated and optimized CI/CD pipelines using Jenkins, GitHub Action, and Kubernetes, facilitating continuous integration and continuous deployment processes that enhanced productivity and operational efficiency.
  • Led the design and implementation of Gatekeeper policies within Azure Kubernetes Service (AKS) to establish robust governance and enforce security standards across all cluster deployments.
  • Utilized Open Policy Agent (OPA) for dynamic policy enforcement, created custom constraints, and templates that integrated seamlessly with CI/CD pipelines, resulting in reduction of deployment issues and enhanced compliance with internal and external security regulations.
  • Managed Scalable object with Azure Storage and optimized SQL/NoSQL databases.
  • Created monitoring dashboards using Azure Monitor, Grafana, Datadog
  • Implemented comprehensive monitoring solutions using Prometheus and Grafana to track system performance and resource usage. Developed automated alerting systems to proactively address potential issues.
  • Contributed to product improvement initiatives by providing valuable insights based on hands-on experience with various cloud engineering tools and frameworks.
  • Collaborated closely with cross-functional teams during major incident response efforts, ensuring timely resolution of critical issues affecting business operations.
  • Enforced IAM Policies and integrated identity provider for secured access controls and authentication.
  • Remote

Google Cloud Support Engineer

Home Depot
02.2019 - 05.2020
  • Designed and configured Google Cloud VPC networks (subnets, routes, DNS, DHCP, firewall rules) and securely deployed Compute Engine workloads following GCP best practices.
  • Implemented high-availability architectures using internal/external load balancers, managed instance groups, and resilient network designs to improve uptime and reliability.
  • Extended on-premises environments into GCP via Cloud VPN, Cloud Interconnect, and VPC peering, enabling secure hybrid connectivity and simplified network management.
  • Managed Cloud IAM roles and permissions across multiple projects, enforcing least-privilege access and supporting audit/compliance requirements.
  • Performed advanced troubleshooting of network, system, and DNS/VPN issues, providing 24/7 operational support, root cause analysis, and performance optimization.
  • Supported data and application workloads using Cloud Pub/Sub, Linux services (NFS, Samba, package repositories), and cloud-based security appliances (virtual firewalls, IDS/IPS).

Cloud Security Architect

Paystack
01.2017 - 02.2019
  • Strengthened multi-cloud security posture by architecting secure landing zones (GCP VPC Service Controls, AWS SCPs, Azure Policies) and IAM guardrails, eliminating cross-project/account privilege drift and enforcing least privilege across all environments.
  • Accelerated secure infrastructure provisioning by automating cloud guardrails and security tooling with Terraform, Ansible, GitHub Actions, and CI/CD pipelines, cutting deployment time from days to minutes and ensuring full auditability.
  • Hardened compute workloads by building automated Windows/Linux image pipelines for GCP, AWS, and Azure, achieving 100% adherence to CIS/STIG benchmarks and reducing manual patching overhead.
  • Improved firewall and network segmentation by engineering enterprise Palo Alto policies, Azure Firewall rules, and AWS VPC security strategies, reducing unauthorized outbound traffic by 90% and tightening egress controls.
  • Enhanced cloud incident response by triaging and remediating findings across IAM misconfigurations, TLS weaknesses, container vulnerabilities, and open services, preventing multiple high-severity exposure events.
  • Reduced unknown internet exposure using CloudFox, ProjectDiscovery, and custom enumeration workflows to identify misconfigured assets, closing dozens of externally reachable endpoints.
  • Operationalized policy-as-code governance by authoring OPA/Rego policies (GCP Policy Controller, AWS Gatekeeper, Azure Constraint Templates), establishing deny-by-default security models and automated CIDR validation.
  • Enabled secure adoption of cloud services by advising engineering teams on IAM patterns (Workload Identity, IAM Roles, Managed Identities), network design, and compliance-aligned deployments, reducing architecture review churn.
  • Improved operational reliability by diagnosing complex multi-cloud issues—DNS failures, identity flow breakages, load balancer misconfigurations, WAF migration bugs—and restoring secure service continuity while reducing escalations.
  • Remote

Education

Higher National Diploma (HND) - Quantity Surveying and Technology

Federal Polytechnic
Nekede, Nigeria
08.2011

National Diploma (ND) - Quantity Surveying and Technology

Ozoro Polytechnic
Delta State, Nigeria
09.2007

Skills

  • CI/CD Tools: Azure DevOps, GitHub Actions, Jenkins, ArgoCD, GitLab
  • Infrastructure Automation/ Programming: Java, Python, Powershell, C Bash scripting, Terraform, Ansible
  • Operating System: Linux (Ubuntu, Red hat), Windows OS
  • Monitoring Tools: Azure Monitor, Prometheus, New Relic, Grafana, Splunk
  • Containerization: Docker, Kubernetes, EKS, GKE, AKS, Helm
  • Cloud Platform: Microsoft Azure, GCP, SAAS, IAAS
  • Networking: VNETs, VPN Proxy Server, Load Balancers, DNS, Active Directory, Wireshark, SCOM, Conviva, Remedy
  • Security: Azure Security Center, IAM, Gatekeeper, OPA, Palo Alto, Azure Firewall, VPC Service Controls, SCPs, Azure Policies, WAF (Cloud Armor, Cloudflare, Akamai, AWS WAF)

Certification

  • Microsoft Azure Administrator Associate
  • Certified Kubernetes Administrator
  • Microsoft Azure Solutions Architect Expert

Timeline

AKS Escalation Engineer

Microsoft
07.2022 - Current

Cloud Engineer

Mastery Logistics System
05.2020 - 07.2022

Google Cloud Support Engineer

Home Depot
02.2019 - 05.2020

Cloud Security Architect

Paystack
01.2017 - 02.2019

National Diploma (ND) - Quantity Surveying and Technology

Ozoro Polytechnic

Higher National Diploma (HND) - Quantity Surveying and Technology

Federal Polytechnic

Similar Profiles

CREATE PROFILE