Evan Hermenau

Washington D.C. Metro Area

Navy Cyber Warfare Technician transitioning from 10 years of service. Expert in architecting resilient, zero-trust distributed systems. Combines a deep security background with cloud-native expertise to build observable, hardened platforms designed for peak performance and global scale.

Technical Expertise

Cloud Native Orchestration

Kubernetes, ArgoCD, Helm, Kustomize

Infrastructure as Code

Terraform, Ansible, Python, GitOps

Cloud & Virtualization

AWS, GCP, vSphere

Security & Identity

Zero Trust, Secrets Management, (m)TLS / PKI, Linux Hardening

Observability & Telemetry

Prometheus, Grafana, OpenTelemetry, Splunk

Distributed Systems & Networking

L4/L7 Traffic Management, Message Queuing (RabbitMQ/SQS), High Availability (Keepalived/VIP), NGINX/Traefik

Systems Engineering

Linux Internals, Kernel Networking (IPTables/Firewalld), DNS/DHCP

Data Storage

PostgreSQL (HA/Replication), MongoDB (Replica Sets), S3

Experience

Senior Platform Engineer

U.S. Navy

June 2020 - Present

Cyber Analyst

U.S. Navy

November 2017 - June 2020

Education

University of Maryland Global Campus

B.S. Computer Networks and Cybersecurity

Summa Cum Laude

2019 - 2023

Joint Cyber Analysis Course (JCAC)

U.S. Navy

Graduated with Honors (Top 10% of Class)

2017

Certifications

Certified Kubernetes Administrator (CKA)

CNCF / Linux Foundation

Active

AWS Certified DevOps Engineer – Associate

Amazon Web Services

Active

AWS Certified Solutions Architect – Associate

Amazon Web Services

Active

Certified Information Systems Security Professional (CISSP)

ISC²

Active

Red Hat Certified Engineer (RHCE)

Red Hat

Active

HashiCorp Certified: Terraform Associate

HashiCorp

Active

Red Hat Certified Specialist in Containers

Red Hat

Active

GIAC Python Coder (GPYC)

GIAC

Active

GIAC Cloud Security Automation (GCSA)

GIAC

Active

GIAC Penetration Tester (GPEN)

GIAC

Expired

Cisco Certified Network Associate (CCNA)

Cisco

Expired

Projects

BUILDING A ZERO TRUST DISTRIBUTED SYSTEM

Kubernetes, RabbitMQ, MongoDB, NGINX, Traefik, Cloudflare, Python

Architected a resilient application using a highly available ingress layer, asynchronous messaging, persistent data replication, and secure remote access via a zero trust network.


PLATFORM RESILIENCY IN RESTRICTED CLOUD ENVIRONMENTS

AWS, Kubernetes, Zero Trust, Cloudflare

Provisioned a highly available platform in a restricted VPC using private networking, AWS native services, and Cloudflare Zero Trust for remote access.


MULTI-ENVIRONMENT EKS PLATFORM

EKS, Terraform, Route53, GitLab CI, OIDC

Engineered a scalable AWS infrastructure suite for VPC networking, Route53 DNS orchestration, and EKS clusters. Developed a high-velocity GitLab CI/CD architecture featuring OIDC-based identity federation and a strictly governed staging-to-production promotion workflow.


HYBRID-DNS WEBSITE ORCHESTRATOR

Terraform, Cloudflare, AWS, GitLab CI, OIDC

Engineered a multi-tenant IaC framework for automated site deployments across AWS and Cloudflare using GitLab OIDC for passwordless authentication and GitOps-driven state management.


HOSTING A WEBSITE USING IaC PRINCIPLES

AWS, GitLab, CI/CD, Hugo

Hosted a personal portfolio website using Hugo, GitLab CI/CD pipelines, OIDC, and AWS CloudFront + S3.
