DevOps Engineer | Infrastructure Architect | Reliability Partner

James Shulman

Results-driven DevOps and infrastructure specialist focused on secure, scalable systems that meet strict availability and compliance targets. I blend deep hands-on cloud experience with a proven track record of automating everything-from golden AMIs and CI/CD pipelines to PCI reporting-so teams can ship faster with confidence.

Focused on current DevOps leadership commitments with remote-first teams across North American time zones.

Location Florida, USA • Remote-only

Engagements Remote-only contracts

Reach out See the journey →

15+

Years in Ops & Infra

250+

Cloud Builds

24/7

Incident Leadership

Portrait of James Shulman — Secure, observable infrastructure crafted with pragmatism.

Working Principles

Operational excellence rooted in empathy, automation, and observability

Automate with empathy

Automate with empathy, clean IaC, docs, and runbooks keep teams aligned.

Security & Compliance

Security and compliance are features, so bake them into every sprint.

Observability beats guesswork

Observability beats guesswork; measure, alert, and iterate quickly.

Services

High-leverage ways we can partner

Guide platform, infra, and compliance roadmaps as an embedded leader who keeps delivery predictable while mentoring the in-house team.

Set North Star KPIs for availability, observability, and cost
Stand up rituals: runbooks, postmortems, on-call rotations
Partner with engineering leadership on hiring and vendor strategy

Targeted program to tighten PCI/SOC controls, close audit gaps, and leave behind automation plus documentation teams can own.

Threat-model critical paths, then implement prioritized guardrails
Codify evidence collection for auditors (dashboards + IaC diffs)
Deliver remediation backlog with owner assignments and timelines

Deploy or tune logging, metrics, tracing, and alerting so operators spot issues before customers do—even across hybrid environments.

Instrument golden signals with service-level objectives in mind
Consolidate alert noise into actionable PagerDuty / Slack workflows
Enable self-serve dashboards plus playbooks for every critical service

Stack Mastery

The platforms, patterns, and tooling I lean on every day

Cloud, Networking & Edge

AWS (EC2, Lambda, ECS/Fargate, EKS, ALB/NLB/CLB, VPC, Route 53, IAM, KMS, ACM, CloudFront, API Gateway, EventBridge, S3, RDS/Aurora, DynamoDB, ElastiCache, ECR, CloudWatch, CloudTrail, Systems Manager, Cognito, SES/SNS/SQS, FSx, EFS, EBS, Glacier)
Multi-account AWS foundations (Organizations, account baselines, IAM guardrails, backup, tagging, and cost controls)
GCP fundamentals plus hybrid networking across VPNs, peering, NAT, ACLs, dnsmasq, BIND, Cloud DNS
Load balancing, CDN, and caching with Cloudflare, HAProxy, Nginx, Varnish, Redis

Automation, IaC & CI/CD

Ansible, Puppet, Chef, and custom AWX workflows for large fleets
Terraform, CloudFormation, Packer, Vault, and Consul for repeatable infrastructure
Jenkins, Bamboo, GitHub/GitLab/Bitbucket pipelines, Mercurial (HG), SVN
Release automation, artifact promotion, and environment drift control

Data & Application Platforms

Microsoft SQL Server, MySQL (MariaDB/Percona), PostgreSQL, Supabase, MongoDB, Redis, Memcached, Elasticsearch
Web servers and runtimes: Apache, Nginx, IIS, PHP-FPM, Tomcat, Node.js, Stripe integrations
Serverless patterns with AWS Lambda, Secrets Manager, and API-driven automation
Application architecture guided by Twelve-Factor principles (env parity, config as code, stateless workloads, and observable logs)

Observability, Security & Compliance

Observability stack: CloudWatch, Prometheus, Grafana, OpenTelemetry, Alertmanager, Fluentd, Kibana, LogDNA, Splunk, Sentry, Zabbix, Nagios, New Relic, PagerDuty
Reliability practices: SLO/SLI definition, error budgets, RTO/RPO planning, and rollout strategies (blue/green and canary)
Identity and access patterns: RBAC policy design, OAuth 2.0 / OpenID Connect (OIDC), least-privilege access, and service account hardening
Network and host security with OpenVPN, WireGuard, OPNsense, iptables/nftables, Fail2Ban, WAFs
Security and compliance tooling: Scout2, Snort, OPA/Gatekeeper or Kyverno, Checkov/tfsec, Trivy, GnuPG (GPG), age, SOPS, Restic, stunnel
Compliance frameworks and controls: ISO 27001, SOC 2 (SOC2), PCI DSS, CIS Benchmarks, NIST controls, evidence collection, and audit-readiness automation

Systems, Containers & Virtualization

Alpine, Arch, CentOS/RHEL, Debian/Ubuntu, FreeBSD, NetBSD, Windows Server/AD, macOS
Kubernetes, Helm, Docker, Docker Compose, GitOps delivery with Argo CD/Flux, and Kustomize
KVM, Proxmox, VMware vSphere/ESXi, XenServer, Hyper-V, VirtualBox, and Vagrant

Development & Scripting

Python, Bash/Shell, PowerShell, PHP, JavaScript, HTML, and CSS
Flutter (mobile app prototyping and integrations)
SQL, YAML, JSON, plus documentation in Confluence, MediaWiki, and MkDocs

Career Journey

15+ years building resilient infrastructure

May 2021 - Present Modern Campus / Destiny One - Toronto, ON

DevOps Engineer

Designed and hardened AWS + on-prem environments using Ansible, Terraform, and custom AWX workflows to keep every stack compliant and reproducible.
Administer Microsoft SQL Server-including encrypted backups, restores, and client data migrations-while ensuring PCI auditors get the artifacts they need.
Built stateless Lambda services, CloudFront distributions, and WAF policies that reduced latency and blocked bad traffic globally.

Jul 2018 - May 2021 CaseWare International Inc. - Toronto, ON

DevOps / Infrastructure Engineer

Architected multi-account AWS foundations with Terraform, Ansible, and Packer to deliver versioned environments on demand.
Integrated Ansible into CI/CD workflows supporting Java and .NET apps, shrinking release cycles and drift.
Deployed AWS Secrets Manager, service discovery, and auto-scaled HAProxy layers to tighten security and improve resiliency.

Mar 2017 - Jul 2018 VM Farms - Toronto, ON

DevOps / Linux Administrator

Provisioned co-located XEN stacks plus AWS/OpenStack resources via Terraform, Cobbler, Puppet, and Ansible.
Hardened and tuned Apache, Nginx, MySQL, and PostgreSQL stacks with automation (MySQLTuner, HAProxy, Consul, Vault).
Built proactive monitoring and documentation that gave clients clear SLAs and faster incident resolution.

Education

Foundation for a career in infrastructure leadership

Network and Security Specialist (NSS)

Everest College, Toronto, ON

2009 - 2010

Let’s Talk

Need a calm operator for high-stakes infrastructure?

Whether you’re scaling a new platform, hardening regulated workloads, or wrangling an observability overhaul, I bring the same mix of curiosity, pragmatism, and shipping discipline to every engagement.

Reach out Download resume Review experience

Availability

Location Florida, USA • Remote-only across Canada & the United States
Mode Remote-only collaboration