Software Engineering Lead Stara Zagora, Bulgaria | martin@yankovs.com | linkedin.com/in/mdyankov
Software Engineering Lead with 10+ years of experience in cloud infrastructure, FinOps, IAM governance, and full-stack development. Led distributed teams and built internal platforms at scale across AWS, GCP, and Azure at VMware and Broadcom. Navigated the Broadcom-VMware acquisition, transitioning solo into a new organization while standing up new systems and shutting down and transferring previous ones.
January 2024 – Present
- Designed and built Broadcom's company-wide cloud inventory and chargeback platform from the ground up, initially as sole developer, later scaling to a team with microservice architecture deployed on GKE with Helm and fully automated CI/CD through GitOps
- Platform serves all Broadcom business units across both Software and Semiconductor divisions (VCF, ESG, AOD amongst the largest), managing terabytes of billing data and millions of dollars in spend across AWS, GCP, Azure, and additional hyperscalers including Alibaba, Azure China, Oracle, and IBM
- Worked with the team to identify and decommission 5,000+ orphaned and stale cloud accounts, reducing waste and security exposure
- Enabled SecOps to automatically enrich security data with accurate account ownership, reducing time to contact owners on identified vulnerabilities from hours to minutes
- Achieved high product adoption with dozens of daily active users across engineering, finance, and security teams, as well as our FinOps team
- Enabled anyone in Broadcom to proactively manage ownership of their accounts through self-service, giving full transparency within the product business units into who owns what
- Architected all services using OpenAPI, Node.js/Express, and Angular with zero single points of failure
December 2022 – January 2024
- Managed a sub-team of 6 engineers within a wider organization of 30 distributed across Ireland, India, US, Bulgaria, and Armenia, responsible for Public Cloud Governance across 12,000+ accounts in AWS, GCP, and Azure
- Operated a ring-0 internal cloud access service at 99.999% availability, depended on daily by all VMware SRE teams
- Participated in weekly on-call rotation (2-person coverage), handling PagerDuty alerts, ticket queue processing, and support escalations following established incident procedures
- Led post-incident reviews, follow-up tracking, and root cause analysis, and presented incident findings to senior leadership
- Balanced roadmap delivery across feature development, SOC2/PCI DSS/ISO compliance, and operational load
- Contributed to catching and mitigating dozens of potential security breaches through centralized IAM governance
- The team's SOC2/PCI-compliant platform served as VMware's central access control layer, significantly reducing the company's attack surface since inception
- Led automation of deployments to thousands of accounts across all cloud providers
- During the Broadcom acquisition, managed knowledge transfer of the team's systems to dedicated VCF teams, shut down legacy services, and transitioned solo into Broadcom's internal FinOps organization
January 2021 – December 2022
- Co-architected a ground-up refactor of an event-driven multi-cloud access platform (Terraform + AWS Lambda) deploying infrastructure across 17,000+ accounts in all AWS regions simultaneously at 99.9999% availability
- Reduced cloud account access time to seconds through just-in-time credential provisioning, centralizing incident and SRE management for all of VMware
- Automated full cloud account lifecycle — creation, configuration, usage, and deletion — across AWS, GCP, and Azure, including GovCloud integration and company acquisition onboarding
- Personally automated numerous manual tasks: account creation/deletion, build pipelines, and cross-cloud provisioning workflows, significantly reducing build and deployment time
- Helped establish team standards for documentation, Jira tracking, CI/CD, and development practices, enabling the team to scale operations
- Co-authored published technical blogs in collaboration with AWS and GCP (available on LinkedIn)
April 2020 – January 2021
- Built custom software for construction process automation, eliminating paper trails between on-site and back-office operations
- Established a stable digital archive for all work at every step of every project
- After initial pilot, time to document decreased and precision increased across all active projects
- Introduced agile project management practices to construction teams
- Co-authored 2 Bulgarian utility patents for construction management systems
February 2020 – April 2020
- Built API layer using Django for internal trip management
- Contributed to React/Redux/Apollo frontend for trip management web application
- Participated in design reviews and performance optimization
August 2019 – December 2019
- Started as a bachelor thesis project, learned Ionic from scratch and successfully delivered a conference event app generator
- Built a Node application using Ionic 4 and Angular for on-demand building of cross-platform mobile applications for events
- Developed an ETL process for extracting data from the existing API
- Released multiple applications to Google Play Store and Apple App Store, used across real events
- Created workshops to onboard new team members into the project
December 2017 – December 2019
- Built and maintained data science web applications for customer automation and churn reduction on Azure
- Improved database and backend structures to increase machine learning algorithm performance
- Redesigned frontend UX in Vue.js, improving usability and engagement
- Designed and implemented a PWA using Ionic 4 for customer sales automation
- Worked on multiple tailored data science solutions for data extraction
- Participated as main developer in Founders Foundation Startup Accelerator
December 2016 – July 2017
- Built, SEO-optimized, and published 5–6 websites in raw PHP and Bootstrap, including company main site and subsidiary sites
- Built internal mobile time recording system for employees
Bachelor of Science, Business Computer Science — University of Munster, Germany
- Cloud Platforms: AWS, GCP, Azure
- AWS: Lambda, Step Functions, CloudTrail, CloudWatch, S3, EC2, API Gateway, Secrets Manager, IAM, Cost Explorer, Organizations, GovCloud
- GCP: Cloud Run, Pub/Sub, GCR, GKE, Cloud Storage, IAM, Organizations
- Azure: Azure Functions, IAM, Organizations
- Container & Orchestration: Kubernetes, GKE, EKS, Helm, Docker
- Infrastructure as Code: Terraform, CloudFormation, GitOps
- Languages: TypeScript, JavaScript, Go, Python, Bash, PHP
- Backend: Node.js, Express, Django, OpenAPI, REST, GraphQL
- Architecture: Event-driven, microservices, Pub/Sub, orchestration, serverless
- Frontend: Angular, React, Vue, Ionic
- Databases: PostgreSQL, MySQL, DynamoDB, Cassandra
- Monitoring & Observability: Grafana, Prometheus, Wavefront, PagerDuty, ELK Stack
- CI/CD: GitHub Actions, GitLab CI, Jenkins, GitOps
- Auth & Security: OAuth, JWT, RBAC, IAM policies, least-privilege
- Compliance: SOC2, PCI DSS, ISO auditing
- Tools: Git, Linux, Nginx, JSON/YAML
- Methodology: Agile, Scrum, Kanban
- Domains: FinOps, IAM, Cloud Governance, Security, Incident Management
- Google Cloud Certified Generative AI Leader
- Google Cloud Certified Associate Cloud Engineer
- Google Cloud Fundamentals: Core Infrastructure
- Build Infrastructure with Terraform on Google Cloud
- Build a Secure Google Cloud Network
- Implement Cloud Security Fundamentals on Google Cloud
- Implement Load Balancing on Compute Engine
- Set Up an App Dev Environment on Google Cloud
- Getting Started with Google Kubernetes Engine
- Develop Your Google Cloud Network
- Complete React Developer (2020)
- BG 3721 U1 · Jun 29, 2020 — Modular system for preparatory repairs of buildings
- BG 3640 U1 · Jun 1, 2020 — Construction process management and control system
- English (Native/Bilingual)
- German (Native/Bilingual)
- Bulgarian (Native/Bilingual)
- Russian (Elementary)