Dobry Nikolov

Platform & DevOps Engineer - Cloud · Kubernetes · IAM · IaC
dobry@dobryops.com · +359 878 860 752 · Sofia, Bulgaria · whoami.dobryops.com

Summary

Platform & DevOps Engineer with 5+ years designing and operating enterprise-scale Azure architectures, Kubernetes-based microservices, and IAM/IDP platforms. Experienced building production-grade CI/CD pipelines, IaC automation, and observability frameworks across heterogeneous stacks. Proven ability to modernize legacy systems, implement zero-trust identity platforms, and embed DevOps best practices across cross-functional teams. Active open-source contributor; GitOps practitioner with public operator and homelab projects.

Experience

Ascent

Platform DevOps Engineer - Data & AI Platform (Insurance) · Remote
  • Architected end-to-end observability framework across Azure microservices, Databricks analytics, and ML pipelines processing daily insurance claims - unified monitoring via Datadog and reduced MTTR by 40%
  • Designed and built reproducible Kubernetes clusters from scratch with Terraform-driven IaC, providing stable platform foundations for internal data and ML teams
  • Onboarded internal client teams onto the platform with documentation, paved-path templates, and hands-on support to shorten time-to-first-deploy
  • Defined SLOs, error budgets, and alert routing aligned with SRE practices - cut incident response from hours to minutes
  • Standardized operational runbooks across 15+ services, accelerating onboarding and incident resolution
  • Partnered with data teams to productionize AI-assisted data enrichment pipelines with reproducible Azure deployments and IaC-managed infrastructure
  • Stack: Azure (AKS, App Services), Datadog, Grafana, Kubernetes, Databricks, Terraform

Schwarz IT Bulgaria

IAM DevOps Engineer - Enterprise Identity Platform (500K+ users) · Sofia · Hybrid
  • Contributed to a centralized IAM/IDP platform serving 500K+ users across two parallel projects: Golang microservices replacing legacy IDP/IAM components, and a GraphQL + REST wrapper API consolidating policy management on top
  • Took part in architectural design discussions and trade-off decisions across both projects, working with senior architects to shape the platform's API surface and service boundaries
  • Built features in the Golang microservices targeting 60% throughput improvement over legacy components
  • Owned the complete testing lifecycle (unit, integration, E2E) in the absence of dedicated QA, maintaining 95%+ coverage
  • Implemented CI/CD pipelines with automated security gating, policy enforcement, and release management via Azure DevOps
  • Stack: Go, Kubernetes, Azure DevOps, GraphQL, REST, LDAP, Active Directory

CleverPine

DevOps Engineer - Multi-Client Cloud Delivery · Sofia · Hybrid
  • Provisioned and operated Kubernetes/OpenShift clusters across AWS and Azure using Helm - canary deployments, health probes, and auto-scaling for HA workloads
  • Built CI/CD pipelines across Jenkins, Azure DevOps, GitLab CI, and GitHub Actions, reducing deployment time by 70% and enabling daily production releases
  • Managed multi-cloud infrastructure with Terraform and Terragrunt, ensuring consistent, reproducible environments at scale
  • Codified configuration management with Ansible and containerized workloads with Docker/Podman for fully reproducible environments
  • Deployed Prometheus/Grafana observability stacks with golden-signal alerting, sustaining 99.9% uptime
  • Acted as embedded DevOps consultant across client squads - propagated best practices, documented runbooks, trained teams on cloud-native workflows
  • Stack: Kubernetes, OpenShift, Jenkins, Ansible, Docker, Prometheus, Grafana, Helm, Terraform, AWS, Azure

Projects

Pangolin Operator

Kubernetes operator for secure tunneled reverse proxies via CRDs - zero-trust network access without exposed ports or VPN overhead.

github.com/bovf/pangolin-operator

A Kubernetes operator I built to explore controller-runtime patterns and zero-trust networking. It provisions secure tunnels through declarative CRDs, with custom controllers managing organizations, tunnel sites, and resource proxying including automatic domain resolution and SSL termination. Reproducible dev environment via Nix flakes.

  • Go
  • Kubernetes
  • Operator SDK
  • CRDs
  • Zero-Trust
  • Helm
  • Nix

NixOS Homelab Platform

Enterprise-grade GitOps homelab on NixOS + K3s - 15+ self-hosted services, encrypted secrets (SOPS), fully reproducible from a single command.

codeberg.org/bovfbovf/homelab-overkill

Designed a complete IaC platform applying enterprise GitOps patterns at home scale. Manages GitLab (CI/CD), PostgreSQL, MinIO (S3-compatible), Jellyfin, and a full Grafana/Prometheus stack - all through declarative Nix configuration. SOPS integration handles encrypted secrets management with Bitwarden sync. Real-world IaC, secrets management, and observability practice.

  • NixOS
  • K3s
  • Helm
  • SOPS
  • Nix Flakes
  • GitOps
  • Prometheus
  • Grafana