My Path to DevOps

From NYPD Sergeant to DevOps Engineer

My Self-Taught Journey into Cloud & Automation

After retiring from the NYPD and serving in the U.S. Army, I set out to build my next chapter — not in uniform, but in the terminal. What began as simple curiosity about Linux quickly evolved into a passion for DevOps, infrastructure, and automation. Over the past year, I’ve transformed my homelab into a production-grade environment — and now I’m applying those skills in the professional world.

Timeline of My DevOps Journey

🔹 December 2024 — The Spark of Virtualization

Installed Linux on an Intel N100 mini PC, which opened the door to system-level thinking and automation. Soon after, deployed a Plex Media Server in Docker, mounted a 16 TB Synology NAS, and began exploring VPN access and virtualization — marking the true beginning of my homelab journey.

🔹 January 2025 — Dynamic DNS & Security+ Certified

Set up Dynamic DNS using Cloudflare’s API, Bash, and cron — my first real step into Infrastructure as Code and network automation. Also earned my CompTIA Security+ certification, marking the start of my deep dive into cybersecurity fundamentals.

🔹 February — Lightweight Observability

Wrote custom Bash scripts to track system health (CPU, memory, disk, SSH attempts) and emailed daily summaries. This became my introduction to observability and alerting.

🔹 March — Cloud Database Training

Completed Google Cloud’s 70-hour Database Engineer learning path, covering:
  • Cloud SQL
  • Spanner
  • Bigtable
  • AlloyDB
  • Migration strategies & resiliency patterns

🔹 April — Tooling & Productivity

Sharpened my daily drivers: Git, GitHub, Docker, and tmux. Learned to manage containers, adopt version control workflows, and automate repeatable tasks via CLI.

🔹 May — Full Stack Infrastructure + CI/CD + Security + Cloud Deployment

Everything started to come together into a secure, automated stack:
  • Reverse-proxied services via Docker, Traefik, Cloudflare, and Let’s Encrypt TLS
  • Deployed a public-facing NGINX site on AWS EC2 with DNS, UFW firewall, and automated TLS
  • Built a CI/CD pipeline with GitHub Actions for Dockerized apps, deployed over SSH
  • Hardened SSH with key-only login, Fail2Ban, and daily intrusion reports

🔹 June — Internship Kickoff, GCP IAM & SSH Certificate Automation

June marked the start of my DevOps internship at Rakuten Advertising, focused on securing and scaling cloud infrastructure. Key milestones:
  • Managed IAM roles and PAM integrations in GCP to enforce time-bound access
  • Earned the Google Associate Cloud Engineer certification
  • Deployed SSH certificate-based authentication via HashiCorp Vault in my homelab
This month was all about real-world cloud security and automation.

🔹 July — IAM to PAM Automation, Mentorship & App-Backed Database

Built a script to convert IAM roles into PAM-managed entitlements, reducing privilege windows and enforcing least privilege. Also built a MySQL-backed app for internal tooling — sharpening infrastructure and automation skills. Most importantly, I learned from a phenomenal team of seasoned DevOps engineers, gaining invaluable mentorship in real-world DevSecOps.

🔹 August — Event-Driven PAM Alerts & Terraform Rollout

Engineered an event-driven alert system to improve visibility into PAM approvals:
  • Slack notifications for instant visibility
  • SendGrid email confirmations
  • Full Terraform rollout for reproducible deployments
This month deepened my understanding of event routing, secrets management, and scalable DevSecOps practices.

🔹 September — Load Balancers, CDN Optimization & Balancing College Life

Continued contributing to Rakuten’s DevOps team by tackling Jira tickets on load balancers, CDN optimizations, and performance monitoring — strengthening my grasp of traffic management and failover mechanisms. At the same time, I returned to full-time classes at Farmingdale State College, studying:
  • Cisco Networking — routing, switching, and design
  • Operating Systems — process and memory management
  • Vulnerability Analysis — bridging DevOps with cybersecurity
A month of applying theory to practice — and keeping both my career and academics in sync.

🔹 October — Wrapping Up an Incredible Internship & Strengthening My Security Foundations

As my seven-month internship at Rakuten Advertising concludes, I’m deeply grateful for the experience. These months gave me hands-on exposure to cloud automation, IAM/PAM security, and real-world DevSecOps — turning knowledge into production-ready skills. To close this chapter, I completed the HashiCorp Certified Vault Associate course, deepening my understanding of secrets management, dynamic credentials, and policy-based access. Meanwhile, I continue full-time studies in Networking, Operating Systems, and Vulnerability Analysis, reinforcing everything I’ve built through my internship and homelab work. October has been about reflection, certification, and momentum — closing one chapter and preparing for the next phase of my DevOps journey.

🔹 November — Finishing the Semester & Going All-In on CCNA Prep

As fall winds down, November is all about closing out my college semester strong while doubling down on networking fundamentals. I’m working through the full 63-day Jeremy’s IT Lab CCNA course on Udemy — dedicating the entire month to routing, switching, STP, VLANs, OSPF, EtherChannel, WAN technologies, and packet-flow analysis. My goal: Complete the full course in November so I can sit for the CCNA exam in December. Between labs in Packet Tracer, subnetting drills, and hands-on practice with STP root configuration, HSRP, DHCP relay, and OSPF, this month bridges everything I’m learning in college with everything I’ve built in my homelab and during my internship. It’s the perfect way to wrap up 2025 — ending the year with momentum, mastery, and a major certification goal in sight.

🔹 December — CCNA Certified, Automated Proxmox VM Provisioning & Centralized Logging

After weeks of labs, subnetting drills, and late-night study sessions, I passed the Cisco Certified Network Associate (CCNA) exam — strengthening my networking foundation alongside my systems and DevOps skillset. I also completed the fall semester at Farmingdale State College with a 3.95 GPA, entering my final two semesters before graduation. This month marked a major milestone: implementing Terraform- and Jenkins-driven Proxmox VM provisioning and deploying centralized monitoring and logging with Grafana and Loki, transitioning my homelab from manual builds to fully automated, observable, and reproducible infrastructure.

🔹 January 2026 — Advancing Network Security & Entering the Defense Space

Kicked off the Spring 2026 semester at Farmingdale State College, focusing on deeper cybersecurity and networking concepts through:

  • Network Security — firewalls, IDS/IPS, secure architectures, and threat mitigation
  • Introduction to Cryptography — encryption algorithms, symmetric/asymmetric systems, and real-world security applications
  • Connecting Networks — advanced routing, WAN technologies, and network design principles

At the same time, I took a major step forward professionally by interviewing for the ALIS Systems Security Administrator (Level 1) position at Lockheed Martin, marking my transition from DevOps-focused experience into enterprise-level system security within the defense sector.

This month represents a shift toward blending DevOps, networking, and cybersecurity — aligning my academic work with real-world security roles and long-term career growth.

🔹 February — Commitment to the Next Chapter

Continued progressing through the Spring semester at Farmingdale State College, building on core concepts in network security, cryptography, and advanced networking. This period has been focused on reinforcing foundational knowledge while applying it to real-world scenarios aligned with modern security operations. This month also marked a major milestone in my career journey. I officially accepted an offer for the ALIS Systems Security Administrator (Level 1) position at Lockheed Martin. Accepting this role represents the transition from hands-on DevOps and homelab-driven experience into enterprise-scale system security within the defense sector, where operational discipline, security compliance, and mission-critical systems take priority. February has been about commitment and direction — continuing to sharpen my technical foundation while stepping into an opportunity that aligns with my long-term goal of building a career in cybersecurity and systems security.

🔹 March — Preparing for Clearance & Adopting a Security-First Mindset

Continued advancing through the Spring semester at Farmingdale State College, applying concepts from network security and cryptography to more practical, real-world scenarios. As coursework deepened, so did my focus on how these principles translate into enterprise security environments. With my upcoming role at Lockheed Martin approaching, March became a period of preparation — both technically and mentally — for operating within a clearance-driven, security-first environment. I began shifting my mindset from building and automating systems to securing and maintaining them under strict compliance standards, with increased attention to:

  • System hardening and secure configurations
  • Access control, auditing, and least-privilege enforcement
  • Log analysis and security event monitoring
  • Understanding frameworks like STIGs and enterprise security policies
This month has been about transition and readiness — preparing to step into a role where security, accountability, and operational discipline are critical to mission success.

Tooling Overview

  • Infrastructure & Virtualization - Proxmox VE (MinisForum MS-01) · Terraform · Cloud-Init
  • Automation & Configuration Management - Ansible · Jenkins · GitHub Actions · cron
  • Networking, Proxy & DNS - Docker · Traefik · Cloudflare DNS
  • Monitoring & Observability - Prometheus · Node Exporter · Grafana · Loki · Promtail
  • Security & Access Control - HashiCorp Vault · SSH certificate authentication · UFW · Fail2Ban · Let’s Encrypt TLS
  • Cloud & Hosting - AWS EC2 · NGINX (Alpine) · GCP IAM

Key Highlights

  • Automated Proxmox VM lifecycle management using Terraform and Jenkins, enabling repeatable VM creation triggered from GitHub commits
  • Standardized system builds with cloud-init templates for users, SSH access, networking, and baseline configuration
  • Post-provisioning system configuration and hardening using Ansible for packages, services, and security controls
  • End-to-end automation workflow: GitHub → Jenkins → Terraform → Proxmox → Ansible
  • Implemented automatic TLS certificate issuance and renewal using Traefik and Let’s Encrypt
  • Deployed and secured AWS-hosted NGINX services behind Cloudflare DNS with firewall controls
  • Built real-time monitoring and logging dashboards with Grafana, Prometheus, and Loki for system health and troubleshooting
  • Implemented short-lived SSH certificate authentication via HashiCorp Vault for auditable, least-privilege access
  • Generated daily SSH intrusion and Geo-IP reports to support security monitoring and incident awareness

Final Thoughts

Systems administration brings the structure, discipline, and operational ownership I developed through military and public service — with the added challenge of continuous learning. My homelab was the proving ground. Now, I’m supporting and operating systems in production.

Let’s Connect

GitHub Projects LinkedIn Thanks for reading — feel free to connect or share your own DevOps journey!