Ahmed Elgamal
Verified Expert in Engineering
Cloud Architect and Software Developer
Cologne, North Rhine-Westphalia, Germany
Toptal member since January 20, 2023
Ahmed has 14 years of experience working as a cloud architect and consultant with enterprise clients worldwide. Ahmed loves to transform business ideas into products, modernize old products and build cloud architecture for his clients to help them leverage the power and scale of the cloud.
Portfolio
Experience
Availability
Preferred Environment
Amazon Web Services (AWS), Serverless Architecture, Architecture, Kubernetes, Amazon EKS, AWS Lambda, DevOps, Argo CD, Terraform, AWS CloudFormation
The most amazing...
...projects I've created and operated are 100+ production-grade Kubernetes clusters on AWS for BMW, Ford, Audi, Volkswagen, Siemens, Roche, Bayer, and Amazon.
Work Experience
Senior Cloud Architect
Amazon Web Services (AWS)
- Served as a chief cloud architect and program lead for Siemens Teamcenter SaaS on Amazon EKS in a team of 90 consultants for 24 months.
- Managed eight development teams, each of eight members, to get Teamcenter SaaS with 24% cost reduction, using my experience in AWS, DevOps, Kubernetes, SaaS, Terraform, Ansible, Python, C++, Git, GitLab, Helm, GitOps, ArgoCD, GitLab CI, and CI/CD.
- Interviewed 150+ developers from two well-known consultancy companies to join the team in building multi-tenant SaaS solutions on top of Teamcenter. It has been quite a journey that cost around $10 million.
- Used infrastructure as code (IaC) AWS CDK to automate infrastructure provisioning on AWS, including Amazon EKS cluster and Argo CD for GitOps automated deployments, Argo Workflows for CI, and AWS Service Catalog for on-click tenant onboarding.
- Mentored 12+ new joiners into the team to get them up to speed and helped with scrum ceremonies such as backlog grooming. I was the key person implementing and documenting SOC2 compliance mechanisms.
- Built advanced multi-tenant architecture based on Amazon EKS for Siemens Simcenter with chargeback mechanisms for large-scale high-performance compute (HPC) clusters scaling from 20–2,000 worker nodes on demand using AWS Karpenter.
- Used custom ENI configuration for Amazon EKS VPC CNI plugin that allows the pods to run in a separate non-routable IP CIDR. The overall infrastructure is automated using AWS CDK and unit tests to validate the resulting templates.
- Built MLOps pipelines for healthcare and life science company Roche using the Kubeflow machine learning toolkit on top of Amazon EKS clusters and Rancher Fleet.
- Architected and implemented Schneider Electric's EcoStruxure for Amazon fulfillment centers on Amazon EKS for monitoring and automatically patching on-premise uninterruptible power supply (UPS) and central air conditioner units.
- Led the cloud architect community in AWS Germany, including interviewing candidates, mentoring new joiners, building improvement plans, and helping colleagues get promoted. Led office hours to answer ad-hoc questions for consultants and customers.
Hybrid Cloud Architect
Accenture
- Built a global data lake on AWS following the FAIR principles—findability, accessibility, interoperability, and reusability.
- Set standards for data sharing mechanisms for Bayer worldwide.
- Oversaw the onboarding of 1,000+ datasets globally across US, Canada, EU, and APAC.
Senior Solutions Architect
CIT Global
- Developed and operated four replicated Kubernetes clusters in Africa across Kenya, Ghana, Nigeria, and Botswana to host highly available mobile banking applications operating in 40+ countries.
- Built microservices architecture implementing all cloud scaling features on-premises having automated provisioning and deployment for system components to maintain auto-scaling resilient clusters.
- Led the operation teams and SREs for the system and implemented disaster recovery plans (playbooks) to fail-over among the four clusters.
Integration Architect
IBM
- Filed a patent for text analysis in USPTO on partial match derivation using text analysis. More information can be found under patent number US9471627B2.
- Joined the application innovation team in Toronto to design and develop the text processing and natural language understanding used for IBM's automated help center, IBM Support portal adviser.
- Contributed to a patent along with the project team in text analysis and partial match extraction.
Senior Software Developer
ITS
- Designed and implemented middleware integration layer between ETHIX internet banking system and core banking system.
- Built integration with the SWIFT payment interface for international wire transfers.
- Sorted out external payment gateway integration and provide an in-house sandbox for testing purposes.
Experience
Siemens Teamcenter SaaS
https://www.plm.automation.siemens.com/global/de/products/collaboration/cloud-plm-pdm.htmlMY ROLE
• Helped build software-as-a-service SaaS from Teamcenter, one of the flagship products from Siemens and leading product lifecycle management (PLM) software worldwide. It has been used for almost all products you have used, starting from kid's shoes to building an airplane.
• Served as a chief cloud architect and program lead in a team of 90 for 24 months.
• Acted as the key architect on the project, having eight development teams working with me to get every single component of Teamcenter containerized.
• Led hackathons to get the team up to speed with new tech and work on solving challenges together. I had to do 150+ technical interviews to build the team.
TECHNOLOGY
Main technologies include AWS, DevOps, Kubernetes, SaaS, Terraform, Ansible, Python, C++, Git, GitLab, Helm, GitOps, Argo CD, GitLab-CI, CI/CD, and operations.
Schneider Electric | EcoStruxure for Amazon
https://www.se.com/de/de/product-range/62111-ecostruxure-building-operation/?selected-node-id=12661185579MY ROLE
• Served as a lead cloud and DevOps architect in a team of five consultants for seven months.
• Detailed the architecture and layout for network design in one week involving Schneider Electric and Amazon fulfillment center teams to get ready for InfoSec response. The response includes future requirements for rolling out the solution into four AWS regions that will be interconnected to each other and also to Amazon's corporate network. As a result, InfoSec has approved the corporate connectivity request from the first attempt.
• Dove deep into all architectural details during daily stand-up meetings while keeping Schneider Electric involved in discussing all architectural topics and getting InfoSec requests approved.
Bayer Consumer Health | Global Smart Factory
Bayer built a smart factory POC in Grenzach, Germany, during Q4 2020 to take the industrial standards to the next level within the company. Another engagement started in Q1 2021 to go from Grenzach POC to Grenzach production-ready solution for the customer. This engagement is about scaling it to be deployed worldwide in 12 different factories across the globe. Bayer aims to establish the innovative work done in Grenzach by AWS ProServe as the new standard for manufacturing worldwide.
Roche | Enterprise Cloud Analytics Service (ECAS)
https://www.youtube.com/watch?v=OXMqImZ7cBY&themeRefresh=1• Nominated as the go-to person for all inquiries related to architecture from both Roche and AWS sides, including how the system will be segregated through different business units. ECAS 1.0 was built in 2.5 months and delivered by June 30, 2020. ECAS got GxP qualified by Q1 2021, and a 2-year roadmap was built for use cases to run on top of ECAS core infrastructure, account vending, and data-sharing mechanisms introduced by DataHub.
• Expedited the learning curve for partners to familiarize them with the security standards in ECAS and helped find innovative solutions for every obstacle the partner had in mind.
• Played the leading role in defining customer challenges by earning the trust of ECAS's main stakeholders. I steered requirements definition with Roche while building ECAS, such as how this system should fit into the current Roche organization structure and the separation of concerns and responsibilities.
Roche | ML Orchestration with Kubeflow
https://aws.amazon.com/blogs/opensource/managing-eks-clusters-rancher/MY ROLE
Served as a lead DevOps consultant in a team of six for eight months.
PROJECT BRIEF
After 2.5 months, the first phase of ECAS 2.0 was delivered in November 2020 and presented to 240+ attendees from Roche US and EU teams. The first version of Kubeflow was deployed, and a sample machine-learning pipeline was running. Models are deployed and served using AWS SageMaker endpoints. After the first demo, the Roche ECAS team received 40+ data science projects as early adopters for ECAS 2.0. Early adopters were scheduled to start in April 2021 to use the system and give feedback on what is important for them to focus on and deliver.
Bayer | FAIR Global Data Lake
Bayer's pharmaceuticals division, like units of most big corporations, generates lots of data but, until recently, managed to leverage only a small amount of it. Thanks to a pilot project, part of the company's advancing digital transformation initiative, it's making better use of data, and its plant in Garbagnate, Italy, has become a "lighthouse" factory teaching others how to do the same.
MY ROLE
• Built a global data lake on AWS that follows FAIR principles.
• Worked as an AWS cloud architect in a team of five for nine months.
• Used AWS, DevOps, and Terraform heavily, especially Amazon EMR, Amazon EKS, GitLab, Docker, Packer, and Terraform workspaces to maintain mature production-grade provisioning automation for the data science environment on demand.
• Worked closely with the product owner on backlog grooming, prioritization, and breakdown and supported team members technically.
• Built a multi-tenant solution to provide EMR clusters for data scientists to experiment on their datasets easily. It was challenging because of data governance, GDPR, security, and scalability of 200+ petabytes of data stored worldwide.
Siemens | Simcenter HPC Simulation
https://www.plm.automation.siemens.com/global/en/products/simcenter/• Acted as a lead AWS cloud and DevOps architect in a team of seven for 12 months.
• Transformed the Siemens Simcenter simulation cluster to use Amazon EKS on AWS. The software is used to run complex simulations for engines, for example, leveraging the scale of AWS.
• Migrated the software to Kubernetes clusters on AWS and built chargeback mechanisms and disaster recovery strategies.
• Used IaC AWS CDK to automate infrastructure provisioning on AWS, including Amazon EKS cluster and Argo CD for GitOps automated deployments, Service Catalog for on-click tenant onboarding, AWS Secrets Manager, AWS Systems Manager, and AWS SSM Patch Manager for patching the instances.
• Played a key role in implementing and documenting SOC2 compliance mechanisms.
• Introduced advanced multi-tenant architecture based on Amazon EKS-managed Kubernetes clusters with chargeback mechanisms, which was never easy for large-scale HPC clusters. HPC needed excessive scaling from 20–2,000 worker nodes on demand, which was also challenging.
• Implemented an advanced auto-scaler using Karpenter.
UBA Bank Mobile Payment
https://www.ubagroup.com/nigeria/personal-banking/digital-banking/mobile-banking/MY ROLE
Oversaw the microservice architecture, implementing all cloud scaling features on-premises having automated provisioning and deployment for system components to maintain autoscaling resilient clusters.
Education
Bachelor's Degree in Computer Engineering
Mansoura University - Mansoura, Egypt
Certifications
AWS Certified Security – Speciality
Amazon Web Services
AWS Certified Solutions Architect
Amazon Web Services
Skills
Libraries/APIs
Amazon API, Node.js
Tools
Amazon EKS, Terraform, AWS CloudFormation, GitLab, Amazon Virtual Private Cloud (VPC), AWS IAM, Helm, NGINX, Amazon CloudWatch, Grafana, GitHub, Amazon Elastic Container Service (ECS), Jenkins, Azure Kubernetes Service (AKS), Azure Key Vault, Amazon CloudFront CDN, Amazon Simple Queue Service (SQS), Google Kubernetes Engine (GKE), AWS CodeBuild, Git, Amazon Simple Email Service (SES), Amazon ElastiCache, AWS Fargate, Amazon WorkSpaces, Istio, AWS CodeDeploy, VPN, Ansible, GitLab CI/CD, Amazon SageMaker, AWS Service Catalog, AWS Step Functions, Amazon Elastic MapReduce (EMR), CAD, Ansible Tower, IBM MQ, MQTT, Kibana
Languages
Python, Java, SQL, Bash, Go, C++, Python 3
Frameworks
Spring Boot, Ionic 4, Windows PowerShell
Paradigms
Serverless Architecture, DevOps, Agile, Microservices, Azure DevOps, DevSecOps, Continuous Delivery (CD)
Platforms
Kubernetes, AWS Lambda, Amazon EC2, Google Cloud Platform (GCP), Azure, Amazon Web Services (AWS), Docker, Linux, Amazon Lightsail, AWS Elastic Beanstalk, Unix, Apache Flink, Apache Kafka, AWS IoT, Kubeflow, MuleSoft, Mule ESB, IBM WebSphere, WebSphere MQ, Oracle
Storage
Amazon S3 (AWS S3), Datadog, Amazon Aurora, PostgreSQL, Redis, On-premise, Sybase
Industry Expertise
Cybersecurity, Healthcare
Other
Architecture, Argo CD, Software, GitOps, Amazon RDS, AWS DevOps, Identity & Access Management (IAM), Kubernetes Operations (kOps), Documentation, Site Reliability Engineering (SRE), IT Security, CI/CD Pipelines, Application Monitoring, Monitoring, Web Application Firewall (WAF), Azure Virtual Networks, Machine Learning Operations (MLOps), Enterprise Architecture, Karpenter, Cloud Services, Load Balancers, Scalability, Cloud Architecture, Security, Vulnerability Assessment, Hybrid Cloud Infrastructure, Container Orchestration, Infrastructure as Code (IaC), Prometheus, AWS Certified Solution Architect, Networking, WebSockets, AWS VPN, Command-line Interface (CLI), SOC 2, GitHub Actions, Containerization, DevOps Engineer, AWS Certified Developer, API Gateways, AWS NAT Gateway, Configuration Management, Cloud Infrastructure, Containers, Solution Architecture, Amazon MSK, Multitenancy, Authentication, FedRAMP, Certifications, Disaster Recovery Plans (DRP), Disaster Recovery Consulting, Cloudflare, AWS CodePipeline, AWS Auto Scaling, Kueue, Redis Cloud, Full-stack Development, Platform Engineering, Big Data, Proxies, Cloud, Amazon Kinesis, Amazon Neptune, IoT Security, Cloud Security, Infrastructure, Healthcare Services, Machine Learning, Amazon Machine Learning, Forensics & CSI, AWS Control Tower, AWS Landing Zone, AWS Transit Gateway, Data Science, Cordova, SaaS, 3D CAD, Argo Rollouts, Migration, Data Migration, Cloud Migration, User Self-service, Oracle WebLogic Application Server, Mastercard, WebLogic
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring