Saad is currently unavailable

Saad Abdullah

Verified Expert in Engineering

Cloud Architect and Platform Engineer and Developer

Lahore, Punjab, Pakistan

Toptal member since April 7, 2026

Expertise

Cloud Engineering Site Reliability System Security DevOps Kubernetes Docker Google Kubernetes Engine (GKE)Linux Agile Development AWS Terraform Amazon S3 SOC 2( Service Organization Control)

Bio

Saad is a cloud architect and platform engineer with 6+ years of experience across the DevOps and infrastructure spectrum, including cloud architecture, Kubernetes operations, IaC, CI/CD, security hardening, SRE practices, and developer experience. He's delivered systems on GCP and AWS for industries where reliability, compliance, and security are critical. Saad is a Google Professional Cloud Architect–certified engineer with a philosophy that DevOps is a mindset before it's a job title.

Portfolio

CarbonTeq

Google Cloud Platform (GCP), Kubernetes, Docker, Agile...

Automatiq

Amazon Web Services (AWS), CircleCI, Agile, Bash, Amazon EKS, Amazon RDS...

eBricks

Docker, Amazon Web Services (AWS), Ansible Tower, Ansible Playbooks, Terraform...

Experience

Kubernetes - 5 years
Docker - 5 years
Google Cloud Platform (GCP) - 5 years
Infrastructure as Code (IaC) - 5 years
Amazon Web Services (AWS) - 4 years
Site Reliability Engineering (SRE) - 4 years
Compliance - 4 years
GitHub Actions - 3 years

Preferred Environment

Google Cloud Platform (GCP), Kubernetes, Docker, Amazon Web Services (AWS), Terraform, Site Reliability Engineering (SRE), CI/CD Pipelines, Platform Engineering, Cloud Architecture, Cloudflare, Continuous Delivery (CD), Containers

The most amazing...

...thing I've done involved architecting cloud platforms that collectively serve 1.4+ million users across fintech and healthcare.

Work Experience

Senior DevOps and Cloud Engineer

2021 - 2026

CarbonTeq

Architected a HIPAA-compliant Kubernetes infrastructure for a 500+ staff correctional healthcare platform, integrating zero-trust access via Teleport and centralized secrets management with Infisical.
Designed a high-availability fintech system for a 1+ million MAU digital insurance marketplace, achieving 99.9% uptime and full PCI-DSS alignment through Pulumi-standardized environment provisioning.
Embedded end-to-end security into CI/CD pipelines using SAST gates, Trivy container scanning, and Cloud Armor WAF policies, preventing vulnerable artifacts from reaching production across multiple platforms.

Technologies: Google Cloud Platform (GCP), Kubernetes, Docker, Agile, Amazon Web Services (AWS), GitHub Actions, CircleCI, Jenkins, GitLab, Continuous Development (CD), Infrastructure as Code (IaC), DevOps, Security, MySQL, Server Optimization, Performance, Python, YAML, Software Development Lifecycle (SDLC), Terraform, Compliance, Helm, Solution Architecture, Cloud Architecture, Observability, Monitoring, Site Reliability Engineering (SRE), Pulumi, Google Kubernetes Engine (GKE), Web Application Firewall (WAF), Cloud Security, Google Cloud Security Command Center (SCC), Cloud Compliance, CI/CD Pipelines, Cloudflare, HIPAA Compliance, Cloud Run, Google Cloud Build, Snyk, GitLab CI/CD, Node.js, Redis, Kubernetes HorizontalPodAutoscaler (HPA), PostgreSQL, Logging, Trivy, Infisical, PCI DSS, Amazon EKS, NGINX, Podman, Docker Compose, Transport Layer Security (TLS), On-premise, REST APIs, HIPAA, AWS Lambda, SOC Compliance, Disaster Recovery (DR), Containerization, Scripting, Amazon S3 (AWS S3), Role-based Access Control (RBAC), GitOps, Continuous Delivery (CD), Zero Trust, GitHub, Continuous Integration (CI), IT Security, DevSecOps, Amazon RDS, Grafana, Prefect, Healthcare Software, Healthcare, Healthcare Services, SOC 2, TypeScript, Amazon EC2, Datadog, Amazon Elastic Container Service (ECS), AWS IAM, Amazon CloudWatch, Azure, Containers, Atlantis, Architecture, Azure Kubernetes Service (AKS), API Gateways, Networking, Virtualization, Linux, Cloud

Cloud & DevOps Engineer

2022 - 2023

Automatiq

Led end-to-end migration of legacy workloads to AWS, modernizing CI/CD pipelines and significantly reducing deployment complexity across staging and production environments.
Containerized core application services and orchestrated deployments across GKE and AWS environments, improving release consistency and operational reliability.
Established standardized infrastructure patterns across cloud environments, enabling faster onboarding of new services and reducing configuration inconsistencies between teams.
Provisioned and managed cloud infrastructure, including compute, networking, and managed databases, ensuring high availability and cost-efficient resource utilization.
Configured the security of dozens of microservices' Helm charts, ensuring modernization of Helm charts, thus eliminating security risks associated with Kubernetes security contexts.

Technologies: Amazon Web Services (AWS), CircleCI, Agile, Bash, Amazon EKS, Amazon RDS, Amazon EC2, Jenkins, Helm, Cloud Security, Cloud Architecture, New Relic, Datadog, Grafana, Prometheus, Linux, Terraform, DevOps, Security, MySQL, Server Optimization, Performance, YAML, Google Cloud Platform (GCP), Kubernetes, Continuous Development (CD), Docker, Software Development Lifecycle (SDLC), GitHub Actions, Infrastructure as Code (IaC), Compliance, Observability, Monitoring, Site Reliability Engineering (SRE), Python, Google Kubernetes Engine (GKE), Web Application Firewall (WAF), Cloud Compliance, CI/CD Pipelines, Cloudflare, Cloud Run, Node.js, Redis, Kubernetes HorizontalPodAutoscaler (HPA), PostgreSQL, Logging, NGINX, Docker Compose, Transport Layer Security (TLS), REST APIs, AWS Lambda, Containerization, Scripting, Amazon S3 (AWS S3), Role-based Access Control (RBAC), GitOps, Continuous Delivery (CD), Zero Trust, GitHub, Continuous Integration (CI), IT Security, DevSecOps, TypeScript, Amazon Elastic Container Service (ECS), AWS IAM, Amazon CloudWatch, Containers, Architecture, AWS CodeCommit, AWS DevOps, AWS ECS Fargate, AWS CodeBuild, Amazon Simple Notification Service (SNS), Networking, Virtualization, Cloud

DevOps Engineer

2020 - 2021

eBricks

Managed Kubernetes-based deployments for Mesmer AI, an accessibility-focused product, ensuring stable and reliable delivery across development and production environments.
Automated infrastructure configuration and provisioning using Ansible Tower, reducing manual operational overhead and improving environment consistency across the platform.
Contributed to containerization efforts using Docker, supporting the transition of core services into portable, reproducible deployment units.
Documented operational processes and deployment procedures, improving team knowledge sharing and reducing onboarding time for new engineers.

Technologies: Docker, Amazon Web Services (AWS), Ansible Tower, Ansible Playbooks, Terraform, DevOps, YAML, Google Cloud Platform (GCP), Kubernetes, Continuous Development (CD), Software Development Lifecycle (SDLC), GitHub Actions, Infrastructure as Code (IaC), Helm, Observability, Monitoring, Site Reliability Engineering (SRE), Google Kubernetes Engine (GKE), CI/CD Pipelines, Kubernetes HorizontalPodAutoscaler (HPA), Logging, MongoDB Atlas, NGINX, Docker Compose, Transport Layer Security (TLS), Containerization, Scripting, Role-based Access Control (RBAC), Continuous Delivery (CD), GitHub, AWS IAM, Azure, Containers, Networking, Cloud

Back-end Developer

2019 - 2019

Sofit

Designed and implemented RESTful APIs using Node.js and Express.js, serving as the primary back end for client-facing applications, handling thousands of daily requests with consistent sub-200ms response times.
Built and maintained MongoDB data models and aggregation pipelines that supported complex querying needs, reducing average query execution time by optimizing indexing strategies and schema design across multiple collections.
Developed authentication and authorization middleware, integrated third-party services via APIs, and established error-handling and logging patterns that improved debugging efficiency and reduced incident resolution time across the back-end codebase.

Technologies: JavaScript, Node.js, Software Development Lifecycle (SDLC), Development, Amazon Web Services (AWS), CI/CD Pipelines, Testing, Express.js, NoSQL, REST APIs, Git, Linux, Databases, Server Optimization, React

Experience

FirstClass Healthcare | Enterprise Clinical Infrastructure

http://firstclasshealthcare.com

Designed and delivered the cloud infrastructure backbone for a HIPAA-compliant correctional health management system serving 500+ clinical staff across high-security institutional environments. I led the full infrastructure lifecycle, from environment architecture to security hardening and CI/CD automation.

I replaced legacy bastion access with Teleport for zero-trust connectivity and full session auditing, implemented Infisical for centralized, encrypted secrets management across all CI/CD and runtime workloads, and shifted security left by integrating SAST into pipelines with severity-based build gates and hardened base images. I also designed a multi-environment setup with Qovery-integrated ephemeral deployments for rapid feature validation. Finally, I tuned WAF policies with targeted rate limiting and bot mitigation to protect sensitive clinical endpoints.

Honeycomb - High-availability Fintech & Insurtech Platform

https://www.honeycombcredit.com/

Architected and secured the cloud infrastructure for a modern digital insurance marketplace and underwriting engine serving 1M+ monthly active users. Took ownership of a full infrastructure security redesign using Pulumi to standardize environment provisioning, enforce compliance guardrails, and eliminate configuration drift across staging and production.
Ensured PCI-DSS alignment and 99.9% uptime across high-volume financial transaction workflows. Replaced static credentials with Teleport for identity-aware, short-lived access to Kubernetes and cloud resources with full session auditing. Centralized secrets management via Infisical for encrypted, auditable injection across CI/CD and runtime. Embedded Trivy container scanning into GitHub Actions workflows, enforcing vulnerability gates before production promotion. Designed and tuned Cloud Armor policies with behavioral filtering to protect underwriting and payment APIs. Defined autoscaling strategies aligned with underwriting traffic patterns and latency SLOs to sustain stability during peak transaction windows.

Aytics - Custom Government Technology Platform

http://aytics.com

Aytics is a govtech platform that delivers custom technology solutions for county governments, replacing outdated systems with modern software for citizen portals, workflow automation, GIS integration, analytics dashboards, and custom databases. Architected and deployed the back end as Dockerized applications on managed cloud services, designed for high availability and reliability, given the critical nature of government operations. Built end-to-end CI/CD pipelines with security gates at every stage, including dependency scanning, secret detection, and vulnerability checks, meeting public-sector compliance standards. Managed all infrastructure through infrastructure as code, ensuring reproducible and auditable environments. Configured monitoring and observability covering metrics, logs, and tracing for proactive incident detection. Cost optimization was a core constraint, balancing strict availability requirements against public-sector budget realities through right-sizing, auto-scaling, and efficient resource utilization

Reventure - Real Estate Intelligence & Data Lake Platform

Designed and delivered scalable cloud infrastructure for a data-intensive real estate analytics platform serving 400,000+ monthly active users, powering housing market intelligence, neighborhood demographics, and investment forecasting tools for property investors.
Led the containerization of data-processing workloads and their deployment to Kubernetes, enforcing consistency across development and production environments. Built large-scale data aggregation and analytics pipelines underpinning predictive investment dashboards with high query volumes. Implemented horizontal pod autoscaling and resource tuning strategies to absorb periodic traffic spikes without degradation. Optimized database interactions and background processing jobs to materially reduce latency across analytics queries and improve dashboard responsiveness. Strengthened observability across the cluster by improving monitoring and logging coverage, enabling faster identification of performance bottlenecks in data-intensive workloads.

Education

2014 - 2018

Bachelor's Degree in Software Engineering

Foundation University - Islamabad, Pakistan

Certifications

MAY 2026 - PRESENT

AWS Partner: Technical Accredited

Amazon Web Services

OCTOBER 2024 - OCTOBER 2026

GCP Professional Cloud Architect

Google Cloud

SEPTEMBER 2024 - PRESENT

Datadog Fundamentals

Datadog

Skills

Libraries/APIs

Node.js, REST APIs, React

Tools

Terraform, Helm, Google Kubernetes Engine (GKE), Amazon EKS, Kubernetes HorizontalPodAutoscaler (HPA), Grafana, GitLab CI/CD, Logging, NGINX, Docker Compose, GitHub, Amazon Elastic Container Service (ECS), AWS IAM, Amazon CloudWatch, Azure Kubernetes Service (AKS), CircleCI, Jenkins, GitLab, Ansible Tower, MongoDB Atlas, Git, Prefect, AWS Fargate, AWS CodeCommit, AWS CodeBuild, Amazon Simple Notification Service (SNS)

Paradigms

Continuous Development (CD), DevOps, HIPAA Compliance, Role-based Access Control (RBAC), Continuous Delivery (CD), Continuous Integration (CI), DevSecOps, Agile, Automation, Testing, Microservices Architecture

Platforms

Google Cloud Platform (GCP), Kubernetes, Docker, Amazon Web Services (AWS), Linux, Amazon EC2, Cloud Run, AWS Lambda, Azure, New Relic

Storage

Amazon S3 (AWS S3), Datadog, MySQL, PostgreSQL, Redis, On-premise, NoSQL, Databases, Auto-scaling Cloud Infrastructure

Languages

Python, TypeScript, YAML, Bash, JavaScript

Industry Expertise

Healthcare

Frameworks

Express.js

Other

GitHub Actions, Infrastructure as Code (IaC), Site Reliability Engineering (SRE), CI/CD Pipelines, Transport Layer Security (TLS), Containerization, Healthcare Software, Containers, Cloud, Networking, Security, Compliance, Solution Architecture, Cloud Architecture, Observability, Monitoring, Pulumi, Web Application Firewall (WAF), Cloud Security, Trivy, Infisical, Cloud Compliance, PCI DSS, Cloudflare, Amazon RDS, Server Optimization, Performance, Google Cloud Build, Podman, HIPAA, SOC Compliance, Disaster Recovery (DR), Scripting, Zero Trust, IT Security, Healthcare Services, SOC 2, Architecture, Virtualization, Software Development Lifecycle (SDLC), Cryptography, Data Structures, Operating Systems, Qovery, Google Cloud Security Command Center (SCC), Teleport, Prometheus, Ansible Playbooks, Snyk, GitOps, Platform Engineering, Development, SecOps, SSL, High Availability (HA), AWS Control Tower, Amazon GuardDuty, Atlantis, API Gateways, AWS DevOps, AWS ECS Fargate

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring