I build and operate network infrastructure that doesn't go down — across multiple data centers, hostile internet edges, and PCI-regulated environments.
15+ years scaling product... Show moreI build and operate network infrastructure that doesn't go down — across multiple data centers, hostile internet edges, and PCI-regulated environments.
15+ years scaling production networks: fintech (Kaspi.kz), national-scale government services (Ministry of Agriculture, Kazakhstan), 54-site retail WAN (Mechta Market), and an active-active-active multi-DC private fund (ALT Fund, current).
- What I focus on -
• BGP edge security — IRR/RPKI filtering, max-prefix limits, AS-path policies, ROA hygiene
• High-availability network architecture — ECMP, VRRP/HSRP, dual/triple-DC failover, predictable convergence
• Linux & virtualization platforms — VMware vSphere (vDS/HA/DRS), Proxmox, KVM, Kubernetes
• Infrastructure automation — Ansible, Netmiko, PowerCLI, Terraform; eliminating config drift, git-backed configs
• SLO-driven observability & on-call — Prometheus, Grafana, Zabbix, Vector/Loki, Alertmanager
• Compliance-driven segmentation — PCI DSS CDE isolation, zero-trust between zones
- Selected impact -
• Operated active-active-active core across 3 geo-distributed data centers with >99.9% availability for critical apps (ALT Fund)
• Hardened production BGP edge of a national payment provider with IRR/RPKI filtering + max-prefix policies — reduced routing incidents and accelerated convergence (Kaspi.kz, PCI DSS environment)
• Cut VM provisioning from ~2 hours to ~30 minutes via golden templates + CloudInit + PowerCLI (Equant AG, Zurich)
• Designed and rolled out a nationwide 54-site WAN blueprint with dual-WAN (wired + LTE), IPsec failover, and zero-touch provisioning (Mechta Market)
• Architected nationwide government IT/network — 400+ network devices, 32 blade servers, L2VPN/L3VPN inter-regional connectivity (Ministry of Agriculture, Kazakhstan)
- Tech -
BGP/OSPF/VRF/VLAN · IRR/RPKI · IPsec/IKEv2 · WireGuard · VMware vSphere · Proxmox · Kubernetes · Linux · Windows/AD · Ansible · Terraform · Python · PowerCLI · Prometheus/Grafana/Zabbix · Veeam · AWS · Hetzner
Certifications: IPv6 Security Expert · MTCINE · RIPE Database Associate · CCNA
- Open to -
Senior IC roles in Network Engineering, SRE, or Production Engineering. Remote (EU/US-compatible timezones) or relocation.
???? berik@ashimov.com Show less
ashimov
@ashimov
Berik Ashimov
Senior Network & Infrastructure Engineer. 15+ yrs HA multi-DC, BGP/RPKI, Kuberne...
About
I build and operate network infrastructure that doesn't go down — across multiple data centers, hostile internet edges, and PCI-regulated environments.
15+ years scaling product... Show more
15+ years scaling product... Show more
chevron_left