Yasas Banuka
← Home

Yasas Banuka Malavige

DevOps / Cloud Infrastructure Engineer

+94 78-236-7333 ybanuka2003@gmail.com Colombo, Sri Lanka iamyasasbanuka.me LinkedIn GitHub

Career Summary

Production-minded DevOps engineer who led the Prime Minister-attended national launch of Sri Lanka's UoVT website with zero downtime, while neutralizing a live SSH brute-force campaign on the same server. BEng Software Engineering graduate, currently a final-year undergraduate in BTech Network Engineering, with hands-on depth in AWS, Docker, CI/CD pipelines, and Linux server operations — looking to bring that same production discipline to cloud infrastructure and DevOps engineering roles.

Technical Skills

Cloud & Infrastructure

AWS EC2, AWS S3, AWS Lambda, Docker, Nginx, VM provisioning, Linux server administration

CI/CD & Automation

GitHub Actions, Git, deployment pipelines, release automation, Bash scripting, YAML

Containers & Orchestration

Docker, Docker Compose, Kubernetes, multi-service stack management

Monitoring & Observability

Prometheus, Grafana, Micrometer, Spring Actuator, custom dashboards, health checks

Networking & Security

SSH hardening, Fail2Ban, UFW firewall rules, TLS/HTTPS, JWT, rate limiting, environment secrets management, Spring Security

Backend & Data

Spring Boot, Python, REST APIs, PostgreSQL, pgvector, MySQL

Professional Experience

Infrastructure & DevOps Lead

JAN 2026 – PRESENT

University of Vocational Technology | Project-based

  • Executed a zero-downtime production release of the national UoVT website during a high-visibility launch attended by the Prime Minister of Sri Lanka — coordinating live environment validation, pre-launch health checks, and real-time incident response across a 2-server production/staging architecture.
  • Architected and provisioned the full production and staging infrastructure from scratch, provisioning Ubuntu 22.04 VMs and configuring Docker, Docker Compose, Nginx, and GitHub Actions CI/CD pipeline to deliver a structured, repeatable release pipeline for a team of 7+ contributors.
  • Identified and neutralized an active SSH brute-force campaign exceeding 300,000 intrusion attempts by deploying and tuning Fail2Ban with progressive banning rules — restoring full server integrity, and maintaining 100% uptime throughout the incident.
  • Authored a production operations runbook covering the full server lifecycle — architecture decisions, deployment, SSL, secrets management, daily ops, monitoring, backup/recovery, security hardening, and emergency procedures — actively referenced by team members for independent server operations, eliminating single-point-of-failure dependency on any one operator.

STEM Mentor L2

DEC 2025 – PRESENT

RoboticGen | Colombo, Sri Lanka | Hybrid / Part-time

  • Deliver project-based Python and AI mentoring to K-12 students while contributing to curriculum development and guiding L1 mentors through structured knowledge transfer, building technical communication and cross-functional leadership alongside engineering practice.

Co-Founder & Lead Web Developer

MAR 2024 – JUN 2025

WebDynamo Digital Agency | Remote

  • Co-founded a remote digital agency serving Australian SME clients — owning end-to-end project delivery from requirements and scoping through to deployment, hosting setup, and post-launch support across multiple concurrent client environments.

Web Developer

JUL 2023 – APR 2024

WDCSE (PVT) LTD | Kottawa, Sri Lanka | Hybrid / Full-time

  • Maintained web environments and CMS configurations within a structured corporate setting — handling deployments, content updates, backups, and availability support across a 9-month full-time engagement.

Projects

UoVT Official Website — Infrastructure, Deployment & Operations

Infrastructure & DevOps Lead | uovt.ac.lk

  • Planned and provisioned a 2-server production/staging infrastructure from zero — including VM sizing, OS selection, network access rules, and Cloudflare DNS — supporting a public-facing national university website.
  • Built a GitHub Actions CI/CD pipeline that automated linting, build validation, and deployment triggers across production and staging branches, reducing manual deployment steps and enforcing consistent release quality.
  • Instrumented the production environment with service health checks and real-time log monitoring, enabling rapid diagnosis of deployment issues and maintaining uninterrupted availability through the national launch window.
  • Hardened the production server against an active brute-force campaign — implementing Fail2Ban rate limiting, tightening UFW firewall rules, restricting SSH access to key-based authentication only, and restoring full server integrity within hours.
  • Documented the full operational lifecycle in a structured runbook — from architecture rationale and deployment procedures to security hardening and emergency recovery — ensuring operational continuity and complete knowledge transfer.
Ubuntu 22.04 LTS
Docker
Nginx
GitHub Actions
Git
Bash
Next.js
Spring Boot
PostgreSQL
Cloudflare

Docura — Multi-Tenant RAG Engine

Individual Project | docura.iamyasasbanuka.me | github.com/YasasBanuka/docura-deployment

  • Deployed a 5-service Docker Compose stack on AWS EC2 with Nginx reverse proxy routing, TLS termination, and network exposure rules — delivering a production-ready multi-tenant RAG application accessible over HTTPS.
  • Built end-to-end observability for the production stack using Prometheus and custom Grafana dashboards — tracking p95 request latency, container memory saturation, and per-tenant error rates across 3 Spring Boot microservices, cutting mean time to diagnose anomalies from ~20 minutes to under 3 minutes.
  • Implemented a layered security model including JWT authentication, bcrypt password hashing, per-tenant rate limiting, and restricted service exposure — aligning the deployment with production security standards.
  • Configured Nginx tuning and Spring Boot Actuator health endpoints to support stable production traffic handling and zero-downtime operational checks during iterative releases.
AWS EC2
Docker
Docker Compose
Nginx
Prometheus
Grafana
PostgreSQL
pgvector
Spring Boot
JWT
Bash
HTTPS/TLS

Education

Dual-Degree Graduate — BEng Software Engineering & BTech Network Engineering

Bachelor of Engineering (Hons) in Software Engineering

IIC University of Technology

2022 – 2026

Bachelor of Technology in Network Engineering

University of Vocational Technology

MAY 2023 – PRESENT

Certifications

In Progress

  • AWS Certified Solutions Architect – Associate (SAA-C03)

Completed

  • Fundamentals of DevOps — KodeKloud
  • Learning Linux Basics Course & Labs — KodeKloud
  • Microsoft Azure Fundamentals (AZ-900) — KodeKloud

Leadership & Community

Institute of Electrical and Electronics Engineers (IEEE)

FEB 2026 – PRESENT

Webmaster & Technical Activities Member | IEEE Sri Lanka Section (SLSAC)

  • Supporting technical coordination, digital communications, and structured execution of IEEE student branch initiatives.
  • Prior IEEE roles: IEEEXtreme 19.0 Student Branch Ambassador, Chairperson IEEE Day 2025, Lead Organiser XtremeIgnite 1.0, Public Visibility Team Lead JamborIEEE 2025, Founding Chairperson TechSpark 1.0.

Leo Club of Colombo Grand Circle

DEC 2024 – PRESENT

Co-Director of Service

  • Leading community service initiatives and coordinating volunteer activities across club membership.