Gideon Warui

Old Mutual Group East Africa (via Invent Consulting)

• ›Hands-on senior IC with de facto platform ownership across ~10 production AKS clusters supporting ~20 internal teams and ~5 vendor teams.
• ›Built CI/CD + DevSecOps baseline from scratch across 9+ projects using GitHub Actions, Terraform (multi-environment AKS provisioning + modules), and Helm chart management; reduced deployment TAT from ~8 hours (manual) to ~10 minutes dev→staging and ~2–5 minutes to prod after approvals.
• ›Improved flagship platform reliability from ~90% to formal ~99.9% SLO/uptime and defined reusable DR blueprints (multi-AZ AKS, HA DBs, Cloudflare -> Azure Front Door failover).
• ›Built and operate production Azure AI Foundry tooling for Risk/Compliance/Audit/Ops; improved workflow accuracy from ~80% target to ~95% with governance + observability controls.
• ›Identified ~US$150K/year savings on a managed Azure subscription scope (~US$47K/month baseline), with ~US$30K/year already implemented.

Syndikiza (Fintech) · Independent · Part-time

• ›Designed and built the entire AWS + Kubernetes platform from scratch — VPC, EKS (K8s 1.34), RDS PostgreSQL (prod + nonprod), ECR, IAM/IRSA, Secrets Manager, and S3 — all provisioned via custom Terraform modules (vpc, eks, rds-postgres, secrets-manager).
• ›Operate 16 ArgoCD applications across dev and production environments serving 5 microservices (Django + Java); automated GitOps with self-heal, unlimited retry, and Kustomize base/overlay pattern across all app repos.
• ›Authored and maintain Helm-deployed platform stack: Traefik Gateway API (ingress + TLS termination), cert-manager (Let's Encrypt automation), Karpenter (spot + on-demand node autoscaling), External Secrets Operator (AWS Secrets Manager → K8s Secrets), and VictoriaMetrics/Loki/Grafana observability.
• ›Implemented HPA (autoscaling/v2) for all production Django services and Karpenter NodePool taint patterns to isolate production workloads on on-demand nodes; achieved cost-optimized platform at ~$185–270/month through single shared cluster + spot instance strategy.
• ›Delivered full security posture: IRSA for pod-level AWS access (no long-lived credentials), non-root containers, read-only root filesystems, Security Group least-privilege, and AWS CloudTrail + K8s audit logging.

NCBA Bank — CarDuka Platform (via Invent Consulting)

• ›Started with a V1 CI/CD enablement sprint (GitHub Actions deployment automation), then expanded into V2 data/AI/platform engineering for the marketplace rebuild.
• ›Owned data architecture, pipelines, warehouse/lakehouse evolution, and DB operations across ~21 databases; expanded into AKS/Kubernetes debugging, Helm-managed deployments, Terraform infrastructure updates, observability, and autoscaling work with NCBA cloud/DevOps teams.
• ›Built production/pilot AI and data features including valuation, Similar Cars, CLM/LTV, liquidity balancing, RAG-based review/search, KYC processing, and content moderation workflows.
• ›Impact highlights: Similar Cars increased listing views ~3x; valuation engine improved pricing/listing accuracy ~13%; KYC pilot reduced verification TAT from ~24h to <1h.
• ›Designed and secured approval for the reusable Azure architecture + CI/CD templates for the broader Duka marketplace roadmap through 2028.

World Relief (East & Central Africa) (via Invent Consulting)

• ›Designed and delivered a Microsoft Fabric lakehouse + self-service data platform integrating 1,400+ datasets across 6+ countries.
• ›Replaced manual Excel + R-script reporting workflows with automated daily pipelines, improving reporting/data turnaround from ~2 weeks to daily refreshes.
• ›Shipped a production FastAPI self-service data API/platform on Azure Container Apps with Entra ID country-scoped RBAC and multi-format exports (Excel/CSV/TSV/JSON/XML).
• ›Trained and onboarded teams in Kenya, Uganda, and Rwanda; handed over the production platform after funding cuts constrained wider rollout.

Yakwetu Online Limited

• ›Joined as first data hire; designed and built the AWS data/analytics platform from scratch — architecture decisions, service selection (S3 data lake, EC2 compute, CloudWatch observability, IAM access controls), and full platform operations — progressing from Data Engineer to Data Lead.
• ›Built recommendation and watch analytics systems that increased transactions (~8%), reduced abandonment (~15%), and improved engagement/watch time.
• ›Optimized ad campaign spend (~10% reduction) while bringing CPC below $0.03 and established Tableau reporting for revenue/content/campaign visibility.
• ›Helped hire 5 interns (2 retained full-time) and established data SOPs for cataloging, taxonomy, schema management, and optimization.

Upwork & Fiverr (Independent)

• ›Delivered short 2–3 month freelance projects across hospitality, logistics, and healthcare (predictive modeling, BI dashboards, and lightweight data warehousing).
• ›Built predictive modeling workflows for a hotel franchise across 4 counties and fleet dashboards + predictive repairs planning for a logistics company.
• ›Delivered miniature PostgreSQL + Tableau data warehouse/reporting setups for 2 clinic operations teams.