Lê Bình Phương | Cloud Infrastructure & Security Manager

About

Cloud & Security Manager

200+

K8s Nodes

99.9%

Uptime SLA

10+

Years Exp.

Cloud Platforms

Cloud Infrastructure & Security Manager at 7-Eleven Vietnam, where I design and operate the platform that powers hundreds of convenience stores across the country. I lead a team responsible for a Kubernetes fleet of 200+ worker nodes, 50+ microservices, and 30+ database servers — maintaining 99.9% uptime in a mission-critical environment.

My work spans multi-cloud architecture (AWS, GCP, VNG Cloud, FPT Cloud), DevSecOps pipelines, platform security, and cost optimization. I drive GitOps, IaC (Terraform/Ansible), and full-stack observability (PLG, ELK, New Relic) so engineering teams ship reliably and safely. I also maintain an Engineering Knowledge Base documenting production patterns, runbooks, and SRE practices.

Kubernetes Amazon AWS Google GCP Terraform ArgoCD DevSecOps SRE Prometheus Grafana ELK Stack

Skills

Cloud & Orchestration

Docker Kubernetes Amazon AWS Google GCP VNG Cloud FPT Cloud VMware OpenStack Linux Windows Server

DevOps & IaC

Terraform Ansible Jenkins ArgoCD GitOps Helm Git Kafka CI/CD GitLab CI

Security & Observability

WAF IDS/IPS Firewall Prometheus Grafana Loki ELK Stack New Relic Jaeger SAST / DAST

Coding & Databases

Python Bash Golang PowerShell PostgreSQL MySQL MongoDB ClickHouse Redis Replication

Certifications

Amazon Web Services

Certified Solutions Architect

Associate

Verified

Amazon Web Services

Certified DevOps Engineer

Professional

Verified

Projects

200+ nodes

Kubernetes Platform at Scale

Designed and operated a K8s cluster with 200+ worker nodes, 50+ microservices, and 600+ pods for 7-Eleven Vietnam. Achieved 99.9% uptime with auto-scaling, rolling deployments, and multi-zone redundancy.

Kubernetes Helm ArgoCD HPA

60% faster deploy

DevSecOps Pipeline

Built end-to-end CI/CD with integrated SAST, DAST, and container image scanning. Implemented WAF, IDS/IPS, and automated compliance checks — cutting deployment time 60% while hardening security posture.

Jenkins WAF IDS/IPS Trivy

4 cloud providers

Multi-Cloud Landing Zone

Architected hybrid landing zones across AWS, GCP, VNG Cloud, and FPT Cloud using Terraform and Ansible — enabling consistent, repeatable provisioning and unified governance.

Terraform Ansible AWS GCP

30+ DB servers

Observability & Monitoring

Deployed full-stack observability — PLG (Prometheus + Loki + Grafana), ELK, and New Relic. Built alerting pipelines and on-call runbooks covering 30+ database servers and 120+ tenant databases.

Prometheus Grafana Loki ELK

Significant savings

Cloud Cost Optimization

Led cloud cost governance — right-sizing workloads, Reserved Instance planning, and Spot instance strategies. Reduced monthly spend while maintaining full SLA compliance.

AWS Cost Explorer RI / Spot Karpenter

Engineering KB

Engineering Knowledge Base

Personal documentation covering Cloud, Security, SRE, Observability, Database, and Platform Engineering — built from production experience with runbooks, ADRs, and cheatsheets.

Docs SRE Runbooks Browse →

Contact

Available to connect

Location

Ho Chi Minh City, Vietnam

[email protected]

Phone

+84 559 522 667

Timezone

GMT+7 — Indochina Time

$ connect --with lebinhphuong

Let's build something reliable.

Open to discussions on cloud infrastructure, platform security, DevSecOps practices, or SRE challenges. Drop a message or connect via any channel below.

Connect on LinkedIn Engineering Docs