Available · Q3 2026 · Remote / EU

Razvan-Ioan Petrescu Infrastructure & Security Architect.

For 14+ years I have designed resilient, secure systems for banks, stock exchanges, industrial groups and national infrastructure — orchestrating AWS, GCP, Kubernetes, SIEM and on-prem estates. Now consulting independently from Alicante.

Start a conversation Download CV
01 · Profile

Engineering quiet
infrastructure.

I help organisations move beyond fragile, hand-rolled systems toward infrastructure that is observable, automated, and provably secure — the kind of stack that simply does not wake people up at night.

My career has taken me from a stock exchange in Sibiu to a national security vendor, from industrial robots in the Carpathians to a UK fintech and an Italian bank. The brief is always the same: make critical systems resilient, automated, and defensible — without slowing the people who depend on them.

I work end-to-end. Architecture diagrams to Ansible roles. Threat models to Grafana panels. AWS landing zones to bare-metal Kubernetes. I prefer evidence over opinion and small, durable improvements over heroic rewrites.

Today I operate as an independent consultant serving banking, fintech, public sector and HPC clients across Europe. I speak at security conferences, mentor engineering teams, and write for openthreat.ro.

14+
Years in infrastructure
9
Sectors served
15+
Active certifications
4
Languages spoken
02 · Trajectory

A decade plus
of mission-critical work.

From university IT to senior architecture roles in cybersecurity vendors — every step shaped by the discipline of running things that cannot afford to fail.

  1. 2021 — 2024 Bucharest, RO

    Senior Infrastructure Engineer

    Bitdefender
    • Orchestrated full AWS → GCP migration of mission-critical systems, achieving HA and cost-efficiency.
    • Designed and managed multi-cluster Kubernetes (on-prem + GCP) with auto-scaling and CI/CD.
    • Built an internal solution for DNS subdomain takeover prevention, integrated with all major providers.
    • Implemented WAF and host-based FIM on hybrid infra; integrated with Splunk, Wazuh, Elastic.
    • Acted as technical lead and advisor for cloud infra, security posture and team mentoring.
    AWSGCPKubernetes AnsibleTerraformSplunk WazuhElasticZabbix GrafanaGitLabNvidia DGX
  2. Jan — Jun 2021 Bucharest, RO

    Senior Advisor, Network Systems Management

    Secureworks
    • Managed enterprise-scale Splunk SIEM cluster; improved performance, retention, search and alerting.
    • Developed detections for brute-force logins, impossible-travel events and EDR alerts.
    • Automated data ingestion via Python and integrated third-party logs (EDR, WAF, DNS).
    • Defined SIEM architecture best practices; led the Splunk team assigned to the client.
    SplunkPythonLinux Security AutomationServiceNow
  3. 2019 — 2020 Bucharest, RO

    Senior Infrastructure Engineer & Pentester

    Zipper Services
    • Led the Linux team across research, design, implementation and operations.
    • Architected and deployed secure CI/CD/CS pipelines using GitLab, Ansible Tower, Nessus Pro.
    • Built monitoring with auto-deployed agents (Prometheus, Grafana, Ansible).
    • Conducted internal pen-tests on infrastructure and web apps; produced reports and remediation pipelines.
    • Built custom Dell EMC ECS auditing on Kibana + Elastic; SIEM with Windows / Linux audit and port mirroring.
    GitLabAnsible TowerSplunk Nessus ProElasticVMware AlienVaultVeeam
  4. 2016 — 2019 Bucharest, RO

    Infrastructure Engineer

    Smart-X Net App
    • Maintained, configured and planned multi-datacenter infrastructure with Ansible Tower.
    • Designed and implemented Vault + Consul cluster, Nginx-based WAF, HA VPN with global ACLs.
    • Managed MongoDB and MySQL (master–relay–slave) plus DR planning and validation.
    VaultConsulOpenStack OpenNebulaMongoDBMySQL OpenVPNIPSECCisco
  5. 2014 — 2016 Sebes, RO

    Infrastructure Engineer

    Holzindustrie Schweighofer
    • Designed monitoring connecting datacenter sensors to industrial robots; managed backup and HA.
    • Implemented secure video-monitoring and remote access via Cisco ASA VPN.
    • Operated multi-vendor network and VMware clusters across an industrial campus.
    VMwareVeeamCisco ASA ActiveDirectoryBitdefender
  6. 2014 — 2015 Sibiu, RO

    System & Network Engineer

    Sibex — Sibiu Stock Exchange
    • Configured Linux servers for stock-exchange applications; hardened the network against unauthorised access.
    • Implemented MySQL master–slave architecture and NagVis availability maps.
    LinuxNagiosiptables MySQLBGPCisco
  7. 2013 — 2014 Alba Iulia, RO

    System & Network Administrator

    Apulum Technologies
    • Built an on-prem mini-datacenter; managed AWS VPC, EC2, RDS, WAF, Route 53.
    • Led the development team and implemented Nagios + Dynatrace observability.
  8. 2011 — 2013 Alba Iulia, RO

    System & Network Administrator

    "1 December 1918" University of Alba Iulia
    • Planned and configured campus-wide network equipment, servers, and conferencing systems across all faculties.
03 · Capabilities

A toolkit built for scale.

Hands-on across the full stack — from kernel tuning to cloud landing zones — with a bias for automation, observability, and security by default.

Cloud & Platform

  • AWS
  • GCP
  • OVH
  • OpenStack
  • Proxmox
  • VMware
  • vSAN
  • Tanzu

Containers & Orchestration

  • Kubernetes
  • EKS
  • GKE
  • RKE2
  • Helm
  • Docker
  • Docker Compose
  • Istio

IaC & Automation

  • Ansible
  • Ansible Tower / AAP
  • Terraform
  • SaltStack
  • Bash
  • Python
  • Ruby

Security & SIEM/SOAR

  • Splunk
  • Wazuh
  • AlienVault
  • Nessus Pro
  • EDR
  • WAF
  • CloudFlare
  • Hardening

Observability

  • Grafana
  • Prometheus
  • Zabbix
  • CheckMK
  • Nagios
  • OpenTelemetry
  • Elastic / Kibana

DevSecOps Pipelines

  • GitLab CI
  • Bitbucket
  • Helm
  • Docker Hub
  • Vault
  • Consul

Linux Engineering

  • Red Hat
  • Ubuntu
  • Debian
  • Oracle Linux
  • BSD
  • AIX
  • Kernel tuning

Networking & VPN

  • BGP
  • OpenVPN
  • IPSEC
  • L2TP
  • Cisco
  • Juniper
  • Fortinet
  • Nginx
04 · Independent practice

Selected private
contracts.

A sample of the long-running engagements I have delivered as an independent consultant. Banking, fintech, public sector and HPC — most under NDA, summarised at the level of scope and stack.

2022 — Present ● Active

AWS Infrastructure & DevOps for a UK fintech

Long-running consultancy on a regulated AWS estate — landing zone hardening, GitOps with GitLab, Wazuh-based monitoring and serverless workloads.

AWSLambdaEC2RDSWAFCloudFormationIAMWazuh
2023 — 2025 Closed

L3 Technical Lead for an Italian bank

Led L3 infra and security engineering across Ansible (AAP), Kubernetes, Detica, CRIF, Broadcom API Gateway and a vSAN/vCenter virtualisation estate.

Ansible AAPKubernetesGrafanaEDRNessusVMwarevSAN
2024 — 2025 Closed

Senior Technical Consultant — Moldovan bank

Modernised the bank's Linux estate, automation backbone and Detica integrations across Oracle Linux and RedHat with a Bitbucket-driven Ansible workflow.

Oracle LinuxRedHatAnsibleBitbucketDetica
2024 — 2025 Closed

Helm developer — European agency

Authored production-grade Helm charts and Kubernetes manifests for an internal platform spanning RKE2, RKE and Docker Compose footprints.

HelmKubernetesRKE2Docker
2023 — 2024 Closed

Security Consultant — European agency

Vulnerability management, SIEM and edge protection — Nessus Pro, Wazuh, EDR and Cloudflare WAF on a Debian/Ubuntu fleet.

Nessus ProWazuhEDRCloudFlare WAF
2022 — 2023 Closed

Presales Technical Consultant — Romanian HPC datacenter

Designed solutions around Nvidia DGX, Kubernetes, NSX-T and the full VMware vSphere / vCloud stack for an HPC-grade tenant platform.

Nvidia DGXKubernetesNSX-TvSANvSphereTanzu
2020 — 2022 Closed

Senior DevOps Consultant — Romanian data archive company

End-to-end DevOps and observability — Ansible-driven CI/CD, Kubernetes, Splunk, Grafana/Prometheus, Nessus Pro and Veeam-backed VMware.

AnsibleGitLabKubernetesSplunkGrafanaNessus
2020 — 2022 Closed

AWS DevOps for a health-software provider

Cloud architecture and DevOps automation for a regulated health-tech product on AWS — VPCs, RDS, S3, SNS and Kubernetes workloads.

AWSKubernetesAnsibleGrafanaPrometheus
Also · Open source

Tools I've shared publicly.

Small but useful — built once, shared so others can avoid the same yak-shave.

EC2 Backup

Bash script that snapshots and rotates EC2 volumes via the AWS CLI.

Graylog Log Generator

Python utility for stress-testing Graylog ingestion at realistic volumes.

Syslog Log Generator

Generates synthetic syslog streams for SIEM benchmarking and rule QA.

imapsync Web App

Web interface around the imapsync binary for safer mailbox migrations.

Ansible Roles

A small library of reusable roles for common Linux hardening and ops chores.

Docker Images

Curated images on Docker Hub for monitoring, log generation and ops tooling.
05 · Credentials

Verified certifications.

Continuously refreshed credentials across cloud, Kubernetes, Linux, security and emerging fields. Click any badge to verify on Credly.

Certified Kubernetes Administrator (CKA)

Linux Foundation · Jan 2026

Linux Foundation Certified System Administrator (LFCS)

Linux Foundation · Nov 2025

AWS Well-Architected Proficient

Amazon Web Services · Dec 2025

AWS Knowledge: Amazon EKS

Amazon Web Services · Dec 2025

AWS Knowledge: Data Migration

Amazon Web Services · Jan 2026

Developing Helm Charts (SC104)

Linux Foundation · Jun 2025

Introduction to Istio (LFS144)

Linux Foundation · Jun 2025

Getting Started with OpenTelemetry (LFS148)

Linux Foundation · Jun 2025

Quantum Computing Essentials (LFQ102)

Linux Foundation · Jun 2025

EU Cyber Resilience Act (LFEL1001)

Linux Foundation · Apr 2025

Splunk Enterprise Certified Admin

Splunk · 2021

Splunk Core Certified Power User

Splunk · 2021

→ Full credential history at credly.com/users/razvan-ioan-petrescu

06 · Field notes

Writing & speaking.

Field notes from real engagements — published on openthreat.ro and presented at industry meetups.

SIEM · Wazuh

Real-time security analytics: Grafana dashboard integration with Wazuh

openthreat.ro
Virtualisation

Cutting costs and regaining control: migrating from VMware to Proxmox VE

openthreat.ro
Patch management

Automated multi-OS patch management for air-gapped infrastructure

openthreat.ro
DevSecOps

CI/CD & continuous security with GitLab on-prem and Nessus Pro

openthreat.ro
2018

iptables rules to scale

Speaker — Security Espresso 0x0F. A working session on building maintainable, performant iptables rule sets for production Linux fleets.

securityespresso.org/0x0f
2015–2018

OpenThreat.ro by UAB

Co-organiser of the OpenThreat security conference series at "1 December 1918" University of Alba Iulia — bringing practitioners and students together.

openthreat.ro
07 · Education

Foundations.

Computer Science training at one of Romania's oldest universities — followed by a Master's focused on advanced programming and databases.

Master's — Advanced Programming & Databases

"1 December 1918" University of Alba Iulia · Romania

2012 — 2014

Bachelor's — Computer Science

"1 December 1918" University of Alba Iulia · Romania

2009 — 2012
08 · Get in touch

Have a system that matters?

I take on a small number of long-running engagements per year — architecture reviews, cloud migrations, SIEM build-outs, and senior advisory for in-house teams. Tell me what you are building and what you would like to be true a quarter from now.