Evan Hermenau

Greater Boston -remove-

Senior Infrastructure Engineer building production systems with security as a design constraint, not an afterthought. Leveraging a deep understanding of how systems are targeted to build resilient, high-scale infrastructure. Expanding upon a 9-year career spanning the full technical spectrum: 4 years shipping zero-trust networking, Kubernetes platforms, and IaC on top of 5 years of cybersecurity.

Technical Expertise

Cloud Native Orchestration

Kubernetes ArgoCD Helm Kustomize

Infrastructure as Code

Terraform Ansible Python GitOps

Cloud & Virtualization

AWS vSphere

Security & Identity

Zero Trust Secrets Management (m)TLS / PKI Linux Hardening

Observability & Telemetry

Prometheus Grafana OpenTelemetry Splunk

Distributed Systems & Networking

L4/L7 Traffic Management Message Queuing (RabbitMQ/SQS) High Availability (Keepalived/VIP) NGINX/Traefik

Systems Engineering

Linux Internals Kernel Networking (IPTables/Firewalld) DNS/DHCP

Data Storage

PostgreSQL (HA/Replication) MongoDB (Replica Sets) S3

Experience

Founder & Principal Engineer

Fetch Labs LLC

2026 - Present

Senior Infrastructure Engineer

U.S. Navy

2024 - Present

Infrastructure Engineer

U.S. Navy

2020 - 2024

Cyber Analyst

U.S. Navy

2017 - 2020

Education

University of Maryland Global Campus

B.S. Computer Networks and Cybersecurity

4.0 GPA

Joint Cyber Analysis Course (JCAC)

U.S. Navy

With Honors

Certifications

Certified Kubernetes Administrator (CKA)

CNCF / Linux Foundation

Active

AWS Certified DevOps Engineer – Associate

Amazon Web Services

Active

AWS Certified Solutions Architect – Associate

Amazon Web Services

Active

Certified Information Systems Security Professional (CISSP)

ISC²

Active

Red Hat Certified Engineer (RHCE)

Red Hat

Active

HashiCorp Certified: Terraform Associate

HashiCorp

Active

Red Hat Certified Specialist in Containers

Red Hat

Active

GIAC Python Coder (GPYC)

GIAC

Active

GIAC Cloud Security Automation (GCSA)

GIAC

Active

GIAC Penetration Tester (GPEN)

GIAC

Active

Cisco Certified Network Associate (CCNA)

Cisco

Expired

Projects

BUILDING A ZERO TRUST DISTRIBUTED SYSTEM

Kubernetes, RabbitMQ, MongoDB, NGINX, Traefik, Cloudflare, Python

Architected a resilient application using a highly available ingress layer, asynchronous messaging, persistent data replication, and secure remote access via a zero trust network.

Read Technical Deep Dive

PLATFORM RESILIENCY IN RESTRICTED CLOUD ENVIRONMENTS

AWS, Kubernetes, Zero Trust, Cloudflare

Provisioned a highly available platform in a restricted VPC using private networking, AWS native services, and Cloudflare Zero Trust for remote access.

Read Technical Deep Dive

MULTI-ENVIRONMENT EKS PLATFORM

EKS, Terraform, Route53, Gitlab CI, OIDC

Engineered a scalable AWS infrastructure suite for VPC networking, Route53 DNS orchestration, and EKS clusters. Developed a high-velocity GitLab CI/CD architecture featuring OIDC-based identity federation and a strictly governed staging-to-production promotion workflow.

View on GitLab

HYBRID-DNS WEBSITE ORCHESTRATOR

Terraform, Cloudflare, AWS, Gitlab CI, OIDC

Engineered a multi-tenant IaC framework for automated site deployments across AWS and Cloudflare using GitLab OIDC for passwordless authentication and GitOps-driven state management.

View on GitLab

HOSTING A WEBSITE USING IaC PRINCIPLES

AWS, Gitlab, CICD, Hugo

Hosted a personal portfolio website using Hugo, Gitlab CICD pipelines, OIDC, and AWS Cloudfront + S3.

View on GitLab