About Skills Work AI Work Certs Contact
Lead DevSecOps Engineer Kathmandu, Nepal

NITESH
Ghimire

I design cloud-native security systems, operate Kubernetes at scale, and build Agentic AI automations that solve real business problems. CKA · PNPT · Azure Expert.

Let's talk → See my work
50K+
Concurrent users
30%
Cloud cost reduced
4+
Years building
DevSecOps Engineer AI Automation Consultant Cloud Security Architect Remote · Contract · Full-time
Kathmandu, Nepal · Remote globally
01

About me

I'm a Lead DevSecOps Engineer with over four years of experience securing and scaling cloud-native infrastructure. My background spans enterprise networking, systems administration, and — increasingly — building intelligent automation using LLMs and Agentic AI frameworks.

"Security isn't a layer you add at the end. It's the architecture from the first line."

At Cognix Insights, I designed and operate AKS clusters serving 50,000+ concurrent users, embedded shift-left security across all CI/CD pipelines, and led a team of six engineers to build a genuine DevSecOps-as-a-Service capability. I've closed ISO 27001 compliance gaps, conducted penetration tests with Metasploit and Sliver C2, and modelled threats for fintech apps handling live KYC and PII data.

Lately I've been deep in Agentic AI — not as a side project, but as a serious engineering discipline. I build production-grade automation workflows using n8n and OpenClaw that handle email triage, client communications, and ticket resolution entirely autonomously.

I hold a BSc in Computer Networks Engineering from the University of Northampton and have lectured networking and cloud fundamentals at Bajra International College.

Currently at
Cognix Insights

Lead DevSecOps Engineer
Nov 2022 – Present

Platforms
  • Microsoft Azure & AKS
  • Amazon Web Services & EKS
  • Kubernetes (CKA Certified)
  • Terraform · Helm · ArgoCD
Security Specialisms
  • Penetration Testing (PNPT)
  • Threat Modelling & SAST/DAST
  • CIS Benchmarks · ISO 27001
  • Incident Response · Forensics
Education
BSc (Hons) Computer Networks Engineering

University of Northampton · 2018–2021

02

Technical Skills

☁️
Cloud & Infrastructure
Azure / AKSAWS / EKS KubernetesTerraform HelmDocker KEDAGateway APIArgo CD
🔐
Security & Offensive
Threat ModellingPentest SAST / DASTBurp Suite MetasploitSliver C2 NessusOWASP Top 10 Digital Forensics
⚙️
CI/CD & Automation
Azure DevOpsGitHub Actions JenkinsGitOps Container ScanningPolicy as Code
🤖
Agentic AI & LLMs
n8n WorkflowsOpenClaw LLM PipelinesEmail Automation AI Ticket SystemsBusiness Process AI
📊
Monitoring & Observability
PrometheusGrafana ZabbixAzure Monitor Log Analytics
💻
Languages & Systems
PythonGolang BashPowerShell LinuxWindows Server PostgreSQLMSSQL
🌐
Networking
IPSec / SSL VPNMikrotik CiscoEnterprise Design QoS / FirewallFault Tolerance
📋
Compliance & Governance
ISO 27001CIS Benchmarks ITIL-aligned OpsSDLC Incident ResponseRisk Management
🧑‍💼
Leadership
Team of 6 Engineers MentoringSecurity Culture Cross-team CollabLecturing
03

Where I've worked

Nov 2022
— Present
Lead DevSecOps Engineer
Cognix Insights
50,000+Concurrent users on AKS clusters I designed and operate
40%Pipeline efficiency gain via DevSecOps-as-a-Service
30%Azure cloud cost reduction through rightsizing & automation
6Engineers mentored into a security-first culture
  • Designed AKS clusters with TLS automation, Gateway API routing, and KEDA autoscaling for high-throughput fintech workloads.
  • Built end-to-end DevSecOps-as-a-Service integrating SAST, DAST, and container scanning into Azure DevOps and GitHub Actions pipelines.
  • Implemented CIS benchmarks and ISO 27001 controls across the cloud estate, closing compliance gaps ahead of audit cycles.
  • Conducted threat modelling for fintech applications handling live KYC and PII data — enabling design-stage risk mitigation.
  • Performed penetration testing using Metasploit, Sliver C2, Burp Suite, and Nessus; remediated critical CVEs across production systems.
  • Refactored monolithic systems into microservices, improving deployment speed and system resilience.
  • Designed a DR-ready enterprise network with IPSec/SSL VPNs connecting internal and partner systems.
Oct 2021
— Nov 2022
Network & Systems Administrator
Network Store Pvt. Ltd.
  • Configured QoS policies, VPN tunnels, and granular firewall rules across Mikrotik and Cisco infrastructure.
  • Improved network uptime by 25% through fault-tolerant topology redesigns and proactive monitoring systems.
Aug 2022
— Mar 2023
Part-Time Lecturer
Bajra International College
  • Taught networking and cloud fundamentals with a focus on secure system architecture and real-world application.
  • Ran hands-on labs covering firewalls, VPNs, and Linux server security — practical skills over theory.
04

Agentic AI work

Beyond infrastructure, I've been building Agentic AI systems that handle real business operations end-to-end — not proofs-of-concept, but production systems running daily.

Using n8n, OpenClaw, and modern LLM pipelines, I've shipped automation that replaces hours of manual work: intelligent email triage that reads context and responds appropriately, client handling workflows that escalate when needed and resolve autonomously when they can, and AI-powered ticket systems that diagnose, assign, and close issues without human intervention.

The convergence of security engineering and Agentic AI is where I see the next frontier — building systems that are both intelligent and trustworthy by design.

📧
Intelligent Email Automation
LLM-powered triage and auto-reply pipelines that understand context, sentiment, and urgency — routing or resolving without human touch.
🎫
AI Ticket Resolution
End-to-end ticket creation, diagnosis, and resolution using AI agents. Integrates with existing systems and escalates intelligently.
🤝
Client Handling Workflows
Multi-step n8n workflows managing onboarding, follow-ups, and communications through coordinated AI agent orchestration.
🔒
Secure Agentic Design
AI automations with security-first principles — access controls, audit trails, and safe failure modes baked in from day one.
05

Certifications & credentials

Certified Kubernetes Administrator
CNCF — CKA
🔓
Practical Network Penetration Tester
TCM Security — PNPT
DevOps Engineer Expert
Microsoft Certified
☁️
Azure Administrator Associate
Microsoft Certified
06

Get in touch

Let's build
something great.

Whether you need to harden cloud infrastructure, ship secure pipelines, scale a Kubernetes platform, or explore what Agentic AI can do for your business — I'm open to the conversation.

Emailniteshghimire2@gmail.com
📱
Phone+977 9844416811
in
LinkedInnitesh-ghimire-00712a185
LocationKathmandu, Nepal · Remote globally