About Me

Hi! I'm Zaki, a Cloud Engineer with 3+ years of experience building reliable and scalable systems across industries, including technology, finance, and telecommunications.

Navigating complex enterprise environments, I've collaborated with cross-functional teams to bridge modern cloud solutions with legacy infrastructure. This exposure has honed my ability to align technical implementations with critical business workflows.

My previous employer primarily delivered AWS-based solutions, which gave me deep hands-on experience with the AWS ecosystem and its native services. Beyond specific tools, I focus on understanding how systems work from systems architecture, networking, distributed systems, and the principles that make infrastructure resilient and performant. This foundation helps me adapt quickly to new technologies and design solutions that scale effectively.

You can find more details about my professional background below, or check my Credly page to see my certifications journey that reflect my commitment to both containerized workloads and cloud platform expertise.

Credly

Education
Naval Architecture & Marine Engineering, Universitas indonesia - 2016-2020
AWS Re/Start - 2022

Life
I'm Indonesian, born in Tangerang and currently living in South Tangerang. I love it here, but I'm really keen to relocate to Japan or Singapore. Honestly beside there are relatives there, it is because both countries are beautiful (and great for my career too! 😊). Get some of the vocabulary daily under my life section below!

I really love listening to music, it's the soundtrack to how I think and work. My playlists shift between R&B and jazz, pulling in folk when I need something raw and honest, or pop when I just want something easy and fun. Lately, trap soul has been on repeat, though alternative R&B still holds the top spot for me. Smooth soul is where I go for comfort, and when I need energy, funk & pop does the trick. Check out my Spotify!

Professional Journey

Engineered Enterprise Banking Migration to AWS
Engineered the cloud infrastructure for 50+ B2B microservices, deploying a secure Landing Zone via CloudFormation and orchestrating 25+ AWS services via Terraform to standardize deployment velocity. Built a standardized compute platform using EKS, ECS, and EC2 that enabled 5+ daily rolling deployments, consistent runtime configurations, and streamlined day-2 operations while optimizing network traffic through AWS Load Balancers and Direct Connect integration. Secured the environment using IAM Identity Center, Network Firewall, and KMS encryption for 20 TB of sensitive data, while configuring a 7-node clustered EC2 EFK stack and CloudWatch for deep observability.

Standardized Cloud Security for Telco Enterprise
Established a comprehensive security framework for a major telecommunications provider, standardizing Infrastructure as Code (IaC) security practices across 12 production environments. Conducted Proof of Concepts (POC) to define baseline security configurations for EKS and EC2, integrating IAM Access Analyzer, SecurityHub, Config and GuardDuty to achieve 100% visibility into compliance drifts. Enforced automated remediation and secret management using AWS Config and Lambda, significantly reducing the attack surface for critical telco workloads deployed via Terraform and CloudFormation.

Optimized Telco Platform Engineering Operation
Spearheaded critical platform stability initiatives for the telco's core infrastructure, executing complex Terraform state surgery and remediation to recover drifted environments without downtime. Streamlined the AWS Landing Zone provisioning process by optimizing CloudFormation StackSet automation, reducing account vending time by 50%. Furthermore, defined and implemented automation standards for infrastructure workflows, eliminating manual configuration toil and ensuring consistent state management across the multi-account architecture.

Engineered Scalable Mailing Infrastructure
Migrated enterprise mail infrastructure to AWS SES, ensuring 99%+ deliverability via DKIM, SPF , and DMARC protocols. Automated bounce handling for 100k+ monthly emails using SNS and enforced TLS encryption, guaranteeing secure, reliable transmission with real-time delivery monitoring.

Modernized Banking Corporate Web Infrastructure
Re-architected a high-availability corporate website using Windows EC2 fleets and Auto Scaling Groups to support up to 20,000 concurrent users. Optimized traffic via Network Load Balancers and secured hybrid connectivity using AWS VPN, ensuring 99.9% uptime and automated data protection via AWS Backup.

and 10+ more... (these are like my top 5 favorites)

*ps. i will add my lab journey later on this section!

🤝🏼

Dont hesitate to reach me on socials above! Cheers!