Badreddine Gharbi, Developer in Toulouse, France
Badreddine is available for hire
Hire Badreddine

Badreddine Gharbi

Bio

Badreddine is a dedicated, knowledgeable, and highly productive DevOps engineer. Besides his experience in infrastructure, security, and cloud architecture, he also fully embodies product thinking and lean development. Badreddine moved to work as a consultant to share his expertise and help smaller businesses improve their cloud infrastructure until they are ready to grow their team with an in-house specialist.

Portfolio

Newrest
Azure, Azure Active Directory, Azure App Service, Azure Landing Zones...
Groupe Credit Agricole
Azure, Azure DevOps, CI/CD Pipelines, Continuous Integration (CI), Kubernetes...
Yuki
CI/CD Pipelines, Monorepos, Docker, Node.js, TypeScript, GitHub, Azure...

Experience

  • DevOps - 7 years
  • GitHub Actions - 6 years
  • Azure - 5 years
  • Linux - 5 years
  • Kubernetes - 5 years
  • Azure DevOps - 5 years
  • Google Cloud Platform (GCP) - 5 years
  • Site Reliability Engineering (SRE) - 3 years

Preferred Environment

Google Cloud Platform (GCP), Terraform, GitHub, GitLab CI/CD, Grafana, Azure, GitHub Actions, Azure Kubernetes Service (AKS)

The most amazing...

...project I've delivered included migrating an entire on-premise infrastructure to GCP with better resilience and fault tolerance for a fraction of the price.

Work Experience

Security Engineer

2025 - PRESENT
Newrest
  • Architected a secure cloud foundation. Co-designed a "Zero Trust" reference architecture utilizing network segmentation and RBAC hardening (Entra ID) to ensure strict environment isolation.
  • Fortified production back ends by deploying Azure Front Door with WAF policies, effectively mitigating Layer 7 attacks and securing public-facing API endpoints.
  • Automated security posture management using Microsoft Defender, transforming compliance from a manual audit into a continuous, real-time monitoring process.
  • Integrated GitHub Advanced Security (GHAS) for SAST, secret scanning, and dependency review, reducing the mean time to detect (MTTD) vulnerabilities before they reach production.
  • Secured the software supply chain by implementing SBOM (software bill of materials) and integrity controls, ensuring 100% visibility into third-party library risks.
Technologies: Azure, Azure Active Directory, Azure App Service, Azure Landing Zones, Azure DevOps, Terraform

DevSecOps Consultant

2024 - 2025
Groupe Credit Agricole
  • Configured Azure DevOps Server 2022, including the set up of databases, application tier, reporting services, and security settings to ensure a fully operational and secure environment.
  • Developed a CI/CD workflow using Azure DevOps for GitHub workflow integration, incorporating a private application packages repository to streamline builds, deployments, and version management.
  • Containerized applications for Angular 18 and .NET Core, creating Docker images for consistent and scalable deployment across environments.
  • Integrated JFrog Xray and SonarQube to assess code quality and detect security vulnerabilities throughout the development lifecycle.
  • Set up Argo CD for a GitOps-based deployment workflow using Helm charts, and assist in promoting applications to production environments.
  • Created dashboards in Azure DevOps to visualize application status, track key performance indicators, and identify bottlenecks in the development and delivery process.
Technologies: Azure, Azure DevOps, CI/CD Pipelines, Continuous Integration (CI), Kubernetes, GitHub Actions, Cloud Infrastructure

DevOps Engineer

2023 - 2025
Yuki
  • Created GitHub Actions pipelines supporting feature branch deployments and integrated security analysis with GitHub Security Scanning to ensure code quality and security compliance.
  • Containerized multiple Next.js applications and deployed them to serverless environments for scalable and efficient cloud-based operations.
  • Performed performance analysis and optimized architectural design to enhance system efficiency and scalability.
  • Optimized Cloud FinOps by setting up budget alerts and leading discussions to drive continuous financial improvements and cost management.
  • Developed a monitoring dashboard and conducted readiness and health checks to ensure system reliability and performance.
  • Created detailed documentation and architecture diagrams using Lucidchart to illustrate system designs and processes clearly.
  • Configured a Grafana dashboard for Kubernetes and Cloud Run, implemented email alerting, and utilized logs, metrics, and traces in Grafana to enhance troubleshooting and system monitoring.
Technologies: CI/CD Pipelines, Monorepos, Docker, Node.js, TypeScript, GitHub, Azure, GitHub Actions, Continuous Integration (CI), Grafana, Kubernetes, PostgreSQL

SAP Business One Cloud Migration Specialist

2024 - 2024
Agroecologia Intensiva Para El Campo
  • Monitored and managed SAP HANA database backups, ensuring data integrity and availability.
  • Designed and implemented Azure infrastructure tailored for SAP Business One migration.
  • Established robust VM redundancy and backup systems to enhance reliability.
  • Installed and configured SAP Business One add-ons following industry best practices.
  • Developed comprehensive architecture plans for seamless cloud migration.
Technologies: Azure, Azure DevOps, SAP, Cloud Migration, DevOps, SAP HANA, Azure Monitor

Kubernetes Expert

2024 - 2024
Association for the Advancement of Sustainability in Higher Education, Inc
  • Conducted a comprehensive review of the Kubernetes setup to assess configuration, performance, and security, ensuring optimal cluster operation and alignment with best practices.
  • Conducted an architectural review and provided improvement recommendations to enhance system design, scalability, and performance.
  • Produced a formal report detailing the methodology, findings, and actionable suggestions for improvements based on the architectural review.
Technologies: Kubernetes, Google Cloud Platform (GCP), Google Kubernetes Engine (GKE), GitHub, GitHub Actions, Kustomize

DevSecOps Engineer

2022 - 2024
Global POS
  • Acted as a key technical driver in achieving ISO 27001 certification, mapping technical controls to audit requirements, and establishing incident response protocols.
  • Developed a comprehensive monitoring and alerting suite in GCP to optimize MTTR (Mean Time to Recovery) and ensure 99.9% uptime for the production environment.
  • Implemented Workload Identity Federation for GitHub Actions, eliminating the need for long-lived service account keys and aligning with ISO 27001 best practices.
  • Designed Canary deployment pipelines using Google Cloud Deploy, enabling "zero-downtime" releases and reducing the change failure rate.
  • Engineered a comprehensive GCP monitoring stack and proactive alerting framework to optimize MTTD/MTTR.
  • Authored and managed Terraform configurations to provision mission-critical GCP services (GKE, Cloud SQL, Bigtable, Redis), ensuring reproducible and documented infrastructure.
Technologies: Docker, Google Cloud Platform (GCP), JavaScript, Kubernetes, GitHub, Linux, DevOps, Google Kubernetes Engine (GKE), CI/CD Pipelines, Cloud Architecture, Load Balancers, Networks, Terraform, DevSecOps, Continuous Integration (CI), GitHub Actions, PostgreSQL, Cloud Infrastructure

DevOps Engineer

2021 - 2022
Sidespin
  • Bootstrapped a Google Cloud Platform (GCP) organization and created GCP organization policies using Terraform.
  • Developed and improved GCP architecture and updated Terraform configuration.
  • Enhanced security utilizing Google Kubernetes Engine (GKE) workload identity.
  • Created GCP resources from Kubernetes using GKE Connector.
  • Performed GitLab CI/CD configuration with deployment on GKE using Helm.
Technologies: Google Cloud Platform (GCP), Terraform, GitLab, GitLab CI/CD, DevOps, Google Kubernetes Engine (GKE), Kubernetes, CI/CD Pipelines, Cloud Architecture, DevSecOps, Continuous Integration (CI), GitHub Actions, PostgreSQL, Cloud Infrastructure

DevOps Engineer

2020 - 2021
PixiMind
  • Installed, configured, and maintained on-premise web services.
  • Developed and implemented CI/CD with GitLab CI, GitHub Actions, and Azure DevOps.
  • Improved the deployment process within Azure and monitoring applications using Grafana.
Technologies: GitHub, Azure, Kubernetes, Azure Kubernetes Service (AKS), Grafana, CI/CD Pipelines, Continuous Integration (CI)

Software Developer

2017 - 2020
Softtodo
  • Developed front-end apps using React and landing pages using HTML, CSS, and JavaScript.
  • Built microservices and back ends using Express, the Node.js framework.
  • Performed code review and developed different—mainly unit and functional— tests.
Technologies: JavaScript, HTML5, CSS4, jQuery, Linux, NGINX

Experience

E-BRI

E-BRI redefines instant coupon processing in retail environments, emphasizing rapid response and scalable infrastructure.

Leveraging Google Cloud Platform (GCP), the project utilizes Google Kubernetes Engine (GKE) to streamline application deployment, ensuring robust management and automated scaling of containerized applications. To enhance responsiveness and manage dynamic load efficiently, the architecture integrates Cloud Run, a serverless platform that excels in delivering high-performance and scalable services.

Additionally, the system employs Google Cloud Memorystore to handle large volumes of data with low latency, meeting stringent client requirements for performance and scalability. This comprehensive solution meets and exceeds the operational demands of modern retail environments, providing a seamless, efficient, and cost-effective coupon system.

Education

2026 - 2026

MBA in Cybersecurity Expertise in Cybersecurity

HETIC - Paris

Certifications

MARCH 2026 - PRESENT

Microsoft Cybersecurity Architect

Microsoft

JUNE 2025 - JUNE 2026

Microsoft Certified: Azure Solutions Architect Expert

Microsoft

APRIL 2025 - APRIL 2026

Microsoft Certified: Azure Security Engineer Associate

Microsoft

OCTOBER 2024 - OCTOBER 2026

CKA: Certified Kubernetes Administrator

The Linux Foundation

SEPTEMBER 2024 - SEPTEMBER 2026

CKAD: Certified Kubernetes Application Developer

The Linux Foundation

SEPTEMBER 2024 - SEPTEMBER 2025

Microsoft Certified: DevOps Engineer Expert

Microsoft

Skills

Libraries/APIs

jQuery, Node.js

Tools

Google Kubernetes Engine (GKE), GitHub, Azure Kubernetes Service (AKS), Istio, Helm, Fluentd, Terraform, GitLab CI/CD, Grafana, GitLab, NGINX, Kustomize, Azure Monitor, Azure App Service

Paradigms

DevOps, Continuous Integration (CI), Azure DevOps, DevSecOps

Platforms

Kubernetes, Docker, Google Cloud Platform (GCP), Azure, Linux, SAP HANA

Storage

Google Cloud, PostgreSQL, Google Bigtable, Azure SQL, Azure Active Directory

Languages

JavaScript, HTML5, CSS4, TypeScript, GraphQL

Other

CI/CD Pipelines, GitHub Actions, Cloud Infrastructure, Site Reliability Engineering (SRE), Cloud Security, Infrastructure as Code (IaC), Prometheus, Google Cloud Functions, Networking, DevOps Engineer, Cloud, Cloud Architecture, Web Security, Load Balancers, Networks, Monorepos, Software Development, Open Source, Orchestration, SAP, Cloud Migration, Blob Storage, Azure Landing Zones, Cybersecurity Operations

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring