Alaa Ahmed, Developer in Cairo, Cairo Governorate, Egypt
Alaa is available for hire
Hire Alaa

Alaa Ahmed

Cloud Architect and DevOps Developer

Cairo, Cairo Governorate, Egypt

Toptal member since February 3, 2021

Expertise
System AdministrationSystem SecurityDevOpsCloud ArchitectureCode ReviewWindows DevelopmentAWSGitHubCloud EngineeringMachine LearningLinuxCybersecurity
Bio

Ahmed is a highly skilled cloud and DevOps engineer. He's also a certified Azure security engineer and a talented system and Linux engineer with a solid background in Docker, Kubernetes, and shell scripting. He has the know-how of various cloud service providers, like Microsoft Azure and AWS. Ahmed's experiences include implementing vulnerability scanners, DevSecOps tools, and CI/CD pipelines using Azure DevOps and Jenkins, infrastructure as code (IaC) using Terraform, Ansible, and ArgoCD.

Portfolio

Tariq Soliman
IT Helpdesk, System Administration, DevOps
Candid Group B.V
Kubernetes, Azure, Security, DevOps, Azure Kubernetes Service (AKS), n8n
RedJade
Kubeflow, Ansible, Azure Kubernetes Service (AKS), Azure, Kubernetes...

Experience

  • Linux - 10 years
  • Azure - 7 years
  • DevOps - 7 years
  • Azure Kubernetes Service (AKS) - 6 years
  • Terraform - 6 years
  • Automation - 5 years
  • Amazon Web Services (AWS) - 5 years
  • DevSecOps - 4 years

Preferred Environment

Kubernetes, DevOps, DevSecOps, Static Application Security Testing (SAST), Amazon Web Services (AWS), Terraform, Azure, CI/CD Pipelines, Ansible, Terraform Cloud

The most amazing...

...project I've worked on is implementing DevSecOps for Woven Azure Pipelines.

Work Experience

Head of IT and Systems Architecture

2025 - 2026
Tariq Soliman
  • Managed enterprise identity and access management (IAM) infrastructure using Okta, including user lifecycle automation, MFA enforcement, RBAC policies, and security compliance.
  • Built and maintained CI/CD pipelines using GitHub Actions to automate application build, testing, and deployment workflows.
  • Automated deployments to Azure Kubernetes Service (AKS), improving deployment reliability, release frequency, and rollback capabilities.
  • Automated onboarding and offboarding processes through SCIM provisioning, reducing manual administrative overhead and improving security governance.
  • Designed and implemented Single Sign-on (SSO) integrations between Okta and enterprise applications using SAML 2.0, OAuth, and OpenID Connect protocols.
  • Administered and maintained Google Workspace environment for organization-wide email, collaboration, user provisioning, security policies, and device management.
Technologies: IT Helpdesk, System Administration, DevOps

Azure Expert

2025 - 2026
Candid Group B.V
  • Deployed an application (n8n and n8n embed) to an Azure Kubernetes cluster.
  • Configured cluster auto-scaling and resource customization.
  • Configured WAF rules and the application gateway to optimize traffic and security.
Technologies: Kubernetes, Azure, Security, DevOps, Azure Kubernetes Service (AKS), n8n

Azure DevOps Engineer

2024 - 2024
RedJade
  • Configured and set up GPU-supported node pools, installed the Nvidia support package for K8S, and configured GPU metrics monitoring.
  • Built Helm charts to deploy for developed applications deployment.
  • Maintained GitHub actions pipeline and optimized performance and automation.
  • Installed and configured Kubeflow components and create Kubeflow pipelines to automate MLOps.
  • Provisioned cloud infrastructure and applications using Ansible and Terraform. Ensured IaC best practices dealt with edge cases in Kubernetes clusters with Linux and Windows nodes. Integrated Ansible playbooks with CI/CD pipelines.
Technologies: Kubeflow, Ansible, Azure Kubernetes Service (AKS), Azure, Kubernetes, Infrastructure as Code (IaC), Redis, Terraform, Ansible Tower, Helm, Prometheus, Grafana, Site Reliability Engineering (SRE), Solution Architecture, Architecture, Cloud Architecture, MLflow, ML Pipelines

Azure DevOps Engineer

2024 - 2024
Syn Tracts
  • Developed and configured Docker images for AI services and deployed them for on-prem environments.
  • Deployed AI Docker services on AKS and configured GitHub to automate the building, testing, and deployment phases.
  • Configured GPU VMs and a node pool, scaled the deployment on GPUs, and configured required resources and monitoring tools.
Technologies: Azure, DevOps, CI/CD Pipelines, Monitoring, Logging, Machine Learning Operations (MLOps), Azure Kubernetes Service (AKS), Docker Compose, Solution Architecture, Architecture, Cloud Architecture

Azure DevOps Engineer

2024 - 2024
Syntracts, Inc.
  • Migrated the application to a Dockized version, creating a Docker file and testing it on Azure Virtual Machines.
  • Built GitHub Actions to automate the building, testing, and deployment of various application components.
  • Provisioned Azure Kubernetes Service and deployed the application for different environments, enabling Horizontal Pod Autoscaling (HPA).
  • Designed and developed Ansible roles, playbooks, and PowerShell scripts for infrastructure automation. Built a highly available, scalable Kubernetes cluster using AWS EKS, CloudFormation, Ansible, and GitHub Actions.
Technologies: Azure, DevOps, CI/CD Pipelines, Monitoring, Logging, Machine Learning Operations (MLOps), Cloud Migration, Solution Architecture, SQL, Architecture, Cloud Architecture

DevOps Developer

2022 - 2023
GeneDx, LLC c/o Sema4
  • Migrated portal services from one Azure tenant to a new one and migrated DB from VM-based to an Azure MySQL flexible server.
  • Upgraded the architecture of the portal by migrating running containers to the Azure Kubernetes cluster.
  • Configured and implemented Datadog alerts and monitoring rules to follow the application and its resources.
  • Automated infrastructure scaling using Ansible and Terraform.
Technologies: Amazon Virtual Private Cloud (VPC), Infrastructure as Code (IaC), Terraform, CircleCI, Docker, Amazon Web Services (AWS), Azure, CI/CD Pipelines, AWS CloudFormation, AWS CodePipeline, Kubernetes, Helm, Git, Amazon CloudWatch, Sentry, Datadog, Google Cloud Platform (GCP), Security, MySQL, AWS Transit Gateway, Containerization, Containers, DevOps Engineer, Cloud Migration, Solution Architecture, SQL, Architecture, Cloud Architecture

Azure DevOps Engineer

2021 - 2022
Z-Tech
  • Managed Azure DevOps pipelines by creating code, building and pushing Docker, analyzing SCA security, scanning SAST, and deploying to AKS. Handled Azure resources, such as AKS, Azure VMs, Azure Vaults, Azure Functions, and Azure Logic Apps.
  • Used Jira Kanban boards to follow tasks and work progress.
  • Created and managed Azure DevOps pipelines to deploy application Dockers to AKS and mobile pipelines on Bitrise, code repositories on GitHub, and Terraform scripts for infrastructure automation.
  • Designed and developed Ansible roles, playbooks, and PowerShell scripts for infrastructure automation.
  • Created Terraform modules for infrastructure and workload deployment on Azure.
Technologies: Azure DevOps, Azure Key Vault, Azure Kubernetes Service (AKS), Azure Functions, Azure Blob Storage API, Azure API Management, Azure Logic Apps, Azure Web Application Firewall, Terraform, Helm, GitOps, Containerization, Security, Security Audits, DevOps Engineer, Datadog, Solution Architecture, SQL, Cloud Architecture, Ansible

DevSecOps Engineer

2021 - 2021
Woven Planet Holdings
  • Configured DevSecOps tools for secret scanning, software decomposition analysis, static code testing, and dynamic application testing.
  • Created GitHub Actions to automate the build and security process and deliver results.
  • Created and managed AWS resources, including AWS EC2, AWS VPC, AWS ELB, AWS IAM, AWS S3, AWS RDS, AWS Fargate, CloudWatch, and CloudTrail.
Technologies: AWS ALB, AWS Fargate, CodeQL, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), DevOps, GitHub, Vulnerability Assessment, Helm, IT Security, Web Security, Security, Security Audits, DevOps Engineer, Cybersecurity, Vulnerability Management, GitHub Actions, Code Review, Source Code Review

DevOps Engineer

2018 - 2021
Logicteca Solutions
  • Installed various Linux-based applications, including Apache, NGINX, HAproxy, Tomcat, Zimbra, Kurento, Asterisk, and many other applications and services.
  • Created and managed AWS resources, including AWS EC2, AWS VPC, AWS ELB, AWS ECR, AWS S3, AWS RDS, security groups, AWS Fargate, CloudWatch, and Cloudtrail.
  • Used Bash scripts, Docker, Docker Swarm, Kubernetes, and Ansible.
  • Implemented DevSecOps for Azure Pipelines. Used SonarQube, WhiteSource Bolt, OWASP ZAP scanner, and the Glue framework.
  • Managed a vulnerability assessment system and Azure and Office 365 advanced threat protection.
Technologies: Docker, Docker Compose, Docker Swarm, Amazon Web Services (AWS), Jenkins, Azure Kubernetes Service (AKS), Network Architecture

Information Security Instructor

2017 - 2020
University College of Applied Sciences
  • Lectured on certified ethical hacking, pen-testing tools, network security, and wireless network security.
  • Evaluated and mentored students taking the courses.
  • Tested and utilized Kali Linux tools like Metasploit, ZAP, and Burp Suite.
Technologies: Certified Ethical Hacker (CEH), Network Security, Application Security, Secure Access Service Edge (SASE), IT Security

System and Network Administrator

2006 - 2020
Islamic University of Gaza
  • Conducted vulnerability scanning and took care of the application and network security.
  • Served as a system and network administrator. My duties included network engineering, routing, switching, VoIP, VLAN, SAN, and network security.
  • Performed security administration tasks, such as Windows Server. For virtualization, I used VMware ESXi, vCenter, vSAN, DRM, and vSphere suite.
  • Conducted Linux Server administration and hardening using Apache, Tomcat, RADIUS, and Zimbra.
Technologies: Linux, Windows Server, Firewalls, Application Security, VMware ESXi, System Administration, Infrastructure Security, Network Architecture, Secure Access Service Edge (SASE), IT Security

Experience

DevOps and Cloud Architect

• Deployed Azure Resource Groups and AKS using Terraform scripts.
• YAML files were prepared to deploy the application using customized PHP images, Nginx, and MySQL database.
• The service has been exposed to the internet using a load balancer.
• Secrets and keys were stored on Azure Key Vault and integrated with AKS.

DevSecOps for Azure Pipelines

• Git-secrets has been configured to scan codes before uploading to Azure repo.
• SonarQube was integrated with Azure pipelines to scan for vulnerabilities.
• WhiteSource Bolt has been integrated with Azure CI for the dependency check.
• OWASP ZAP was used to scan for vulnerabilities at the release stage (Azure CD pipeline).

Web Application Firewall

My duties on this project included:
• Configuring and tuning of Cloudflare WAF.
• Implementing access rules based on the threat score.
• Implementing challenging rules for admin pages.
• Mitigating OWASP Top10 vulnerabilities.
• Auditing and troubleshooting of security incidents and false positives.

Education

2011 - 2013

Master's Degree in Computer Engineering

University of Gaza - Gaza, Palestine

Certifications

FEBRUARY 2023 - FEBRUARY 2024

Microsoft Certified: Azure Security Engineer Associate

Microsoft

JANUARY 2021 - PRESENT

DevSecOps: Continuous Application Security

LinkedIn

JANUARY 2021 - PRESENT

DevSecOps: Automated Security Testing

LinkedIn

DECEMBER 2020 - PRESENT

Fortinet Network Security Expert Level 4: Certified Professional

Fortinet

AUGUST 2018 - PRESENT

Cisco Networking: On-Premise and Cloud Solutions (OCSE)

Cisco

MARCH 2007 - PRESENT

Certified Linux Administrator (LPIC-1)

Linux Professional Institute, Inc.

Skills

Libraries/APIs

Azure Blob Storage API, Azure API Management

Tools

GitHub, Helm, Docker Compose, Docker Swarm, Jenkins, Azure Kubernetes Service (AKS), Terraform, Azure Key Vault, CodeQL, Git, AWS Fargate, Azure Logic Apps, Azure Web Application Firewall, Amazon Virtual Private Cloud (VPC), CircleCI, AWS CloudFormation, Amazon CloudWatch, Sentry, Logging, Ansible, Ansible Tower, Grafana, n8n

Paradigms

DevOps, DevSecOps, Azure DevOps, Automation, Continuous Deployment

Platforms

Amazon Web Services (AWS), Windows Server, Azure, Windows, Linux, Kubernetes, Docker, AWS ALB, Azure Functions, Azure PaaS, Google Cloud Platform (GCP), Kubeflow

Languages

Python, Java, SQL

Frameworks

OAuth 2

Storage

Datadog, Azure Blobs, MySQL, Redis

Industry Expertise

Cybersecurity

Other

Network Security, Firewalls, VMware ESXi, Fortinet Firewall Configuration, Vulnerability Identification, CI/CD Pipelines, System Administration, Security, Containerization, Containers, IT Security, DevOps Engineer, Infrastructure Security, Network Architecture, Code Review, Source Code Review, Solution Architecture, Architecture, Cloud Architecture, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Cloud, Application Security, Web Application Firewall (WAF), Office 365 Security, OWASP Top 10, Spam Filtering, Machine Learning, OWASP, Vulnerability Assessment, GitOps, Web Security, Security Audits, Vulnerability Management, GitHub Actions, Cloud Migration, OpenID Connect (OIDC), MLflow, Certified Ethical Hacker (CEH), Cloudflare, Infrastructure as Code (IaC), AWS CodePipeline, AWS Transit Gateway, Secure Access Service Edge (SASE), Monitoring, Machine Learning Operations (MLOps), Prometheus, Site Reliability Engineering (SRE), ML Pipelines, Terraform Cloud, IT Helpdesk

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring