Evan Hermenau

Washington D.C. Metro Area -remove-

Senior Platform & Infrastructure Engineer transitioning from 10 years of military service. Expert in architecting resilient, zero-trust distributed systems from the ground up. I combine a deep security background with cloud-native expertise to build observable, hardened platforms designed for peak performance and global scale. Seeking new opportunities starting December 2026.

Technical Expertise

Cloud Native Orchestration

Kubernetes Helm Kustomize ArgoCD Cluster Lifecycle Management

Infrastructure Strategy & IaC

Terraform Ansible Python Continuous Delivery (GitOps) State Management

Cloud & Virtualization

AWS GCP vSphere Private Cloud Networking

Security & Identity

Zero Trust Networking Secrets Management IAM Cloudflare Zero Trust (m)TLS / PKI Linux Hardening

Observability & Telemetry

Prometheus Grafana OpenTelemetry (OTel) Splunk Log Aggregation

Distributed Systems & Networking

L4/L7 Traffic Management Message Queuing (RabbitMQ/SQS) High Availability (Keepalived/VIP) NGINX/Traefik

Systems Engineering

RHEL/Debian Internals Kernel Networking (eBPF/IPTables/Firewalld) DNS/DHCP Architecture

Data Infrastructure

PostgreSQL (HA/Replication) MongoDB (Replica Sets) S3

Experience

Senior Platform Engineer

U.S. Navy

June 2020 - Present

Cyber Analyst

U.S. Navy

November 2017 - June 2020

Education

University of Maryland Global Campus

B.S. Computer Networks and Cybersecurity

Summa Cum Laude

2019 - 2023

Joint Cyber Analysis Course (JCAC)

U.S. Navy

Graduated with Honors (Top 10% of Class)

2017

Certifications

Certified Kubernetes Administrator (CKA)

CNCF / Linux Foundation

Active

AWS Certified DevOps Engineer – Associate

Amazon Web Services

Active

AWS Certified Solutions Architect – Associate

Amazon Web Services

Active

Certified Information Systems Security Professional (CISSP)

ISC²

Active

Red Hat Certified Engineer (RHCE)

Red Hat

Active

HashiCorp Certified: Terraform Associate

HashiCorp

Active

Red Hat Certified Specialist in Containers

Red Hat

Active

GIAC Python Coder (GPYC)

GIAC

Active

GIAC Cloud Security Automation (GCSA)

GIAC

Active

GIAC Penetration Tester (GPEN)

GIAC

Expired

Cisco Certified Network Associate (CCNA)

Cisco

Expired

Projects

BUILDING A ZERO TRUST DISTRIBUTED SYSTEM

Kubernetes, RabbitMQ, MongoDB, NGINX, Traefik, Cloudflare, Python

Architected a resilient application using a highly available ingress layer, asynchronous messaging, persistent data replication, and secure remote access via a zero trust network.

Read Technical Deep Dive

PLATFORM RESILIENCY IN RESTRICTED CLOUD ENVIRONMENTS

AWS, Kubernetes, Zero Trust, Cloudflare

Provisioned a highly available platform in a restricted VPC using private networking, AWS native services, and Cloudflare Zero Trust for remote access.

Read Technical Deep Dive

MULTI-ENVIRONMENT EKS PLATFORM

EKS, Terraform, Route53, Gitlab CI, OIDC

Engineered a scalable AWS infrastructure suite for VPC networking, Route53 DNS orchestration, and EKS clusters. Developed a high-velocity GitLab CI/CD architecture featuring OIDC-based identity federation and a strictly governed staging-to-production promotion workflow.

View on GitLab

HYBRID-DNS WEBSITE ORCHESTRATOR

Terraform, Cloudflare, AWS, Gitlab CI, OIDC

Engineered a multi-tenant IaC framework for automated site deployments across AWS and Cloudflare using GitLab OIDC for passwordless authentication and GitOps-driven state management.

View on GitLab

HOSTING A WEBSITE USING IaC PRINCIPLES

AWS, Gitlab, CICD, Hugo

Hosted a personal portfolio website using Hugo, Gitlab CICD pipelines, OIDC, and AWS Cloudfront + S3.

View on GitLab