DoneRight · Infrastructure & DevSecOps
Infrastructure, done right.
Resilient, automated, secure platforms at scale. We engineer cloud-native infrastructure and wire security into every layer — so your teams ship faster with less risk.
Expertise
What we work with
A full-stack infrastructure toolkit, built from 12+ years running high-load, cloud-native platforms.
Cloud & Network
IaC & Config
Orchestration
CI/CD
Observability
Security
AI & Automation
DevSecOps
Security, engineered in — not bolted on.
Reliability, security and scalability are designed intentionally, from the first commit to production runtime. Security runs through the whole delivery lifecycle:
Secrets & identity
HashiCorp Vault, least-privilege IAM and short-lived credentials — no long-lived secrets in code or pipelines.
Supply-chain & images
Scanned and signed container images, dependency and SBOM hygiene, reproducible builds you can trust.
Runtime & network policy
Kubernetes network policies, segmentation and policy-as-code that contain blast radius by default.
Secure CI/CD
Security gates, secret scanning and least-privilege deploy roles wired directly into delivery.
Observability as security
Metrics, logs and traces feeding detection, SLOs and faster, calmer incident response.
Compliance readiness
Auditable, automated controls — so audits become a report, not a fire drill.
Services
How we work with you
Senior infrastructure and DevSecOps capability, available the way you need it.
Fractional infra leadership
A part-time Head of Infrastructure and DevSecOps lead for startups and scale-ups — senior ownership without a full-time hire.
- Roadmap, hiring and standards for your infra function
- Hands-on architecture decisions and reviews
- Security and reliability owned end to end
Cloud & infra architecture
Cloud-native design, migrations and Infrastructure as Code that scale with your product instead of fighting it.
- Terraform / Terragrunt IaC from the ground up
- Kubernetes platforms (EKS/ECS), Helm, Argo
- Migrations off legacy or bare metal to automated cloud
DevSecOps implementation
Security engineered into the delivery pipeline and runtime — not bolted on after an audit.
- Secrets management with HashiCorp Vault and least-privilege IAM
- Security gates, secret scanning and signed images in CI/CD
- Kubernetes network policy and runtime segmentation
Cost & reliability optimization
Right-sizing, observability and SLOs that cut spend and incidents at the same time.
- Infrastructure cost reductions (up to 60% on past engagements)
- Observability with Prometheus, Grafana, Loki, Thanos
- SLOs, alerting and incident readiness
Products
About
Led by Aleksandr Remniov
DoneRight is the practice of Aleksandr Remniov — an automation-driven engineering manager with 12+ years across infrastructure, DevOps and security. The work spans cloud-native architecture, Infrastructure as Code, Kubernetes ecosystems and observability — plus AI-based workflows that eliminate toil and accelerate delivery.
- Infrastructure Head / Engineering Manager · Hubstaff2023 — Present
Company-wide infrastructure refactoring and automation; founded and scaled the Data Analytics team; led a full marketing-frontend transformation.
- Head of Infrastructure · Cere Network2020 — 2022
Refactored legacy infrastructure into fully automated cloud-native architecture on AWS (EKS, Lambda, Terraform).
- Lead Infrastructure Engineer · Lion Studios2022
Built infrastructure for newly launched products from day one; cut infrastructure costs by over 60% through right-sizing and scaling.
- Infrastructure Tech Lead · BrainQ2019 — 2023
Owned the full infrastructure landscape across web, mobile and data platforms on bare metal and AWS.
- Head of Infrastructure · iMlab2019 — Present
Designed the entire infrastructure from the ground up for mission-critical financial web and mobile applications.
Let's build something resilient.
Open to consulting, fractional leadership and interesting infrastructure problems.