Ahmed Elgamal, Developer in Cologne, North Rhine-Westphalia, Germany

Ahmed Elgamal

Verified Expert in Engineering

Cloud Architect and Software Developer

Location
Cologne, North Rhine-Westphalia, Germany
Toptal Member Since
January 20, 2023

Ahmed has 14 years of experience working as a cloud architect and consultant with enterprise clients worldwide. Ahmed loves to transform business ideas into products, modernize old products and build cloud architecture for his clients to help them leverage the power and scale of the cloud.

Portfolio

Amazon Web Services (AWS)
Terraform, AWS Lambda, Architecture, Cloud, Kubernetes, Amazon EKS, GitOps...
Accenture
Google Cloud Platform (GCP), Azure, Cloud, Migration, Big Data, Data Migration...
CIT Global
Java, Cloud, Kubernetes, GitLab, GitLab CI/CD...

Experience

Availability

Part-time

Preferred Environment

Amazon Web Services (AWS), Serverless Architecture, Architecture, Kubernetes, Amazon EKS, AWS Lambda, DevOps, Argo CD, Terraform, AWS CloudFormation

The most amazing...

...projects I've created and operated are 100+ production-grade Kubernetes clusters on AWS for BMW, Ford, Audi, Volkswagen, Siemens, Roche, Bayer, and Amazon.

Work Experience

Senior Cloud Architect

2019 - 2022
Amazon Web Services (AWS)
  • Served as a chief cloud architect and program lead for Siemens Teamcenter SaaS on Amazon EKS in a team of 90 consultants for 24 months.
  • Managed eight development teams of eight members each to deliver Teamcenter SaaS with a 24% cost reduction, using my experience in AWS, DevOps, Kubernetes, SaaS, Terraform, Ansible, Python, C++, Git, GitLab, Helm, GitOps, ArgoCD, GitLab CI, and CI/CD.
  • Interviewed 150+ developers from two well-known consultancy companies to join the team in building multi-tenant SaaS solutions on top of Teamcenter. It has been quite a journey that cost around $10 million.
  • Used infrastructure as code (IaC) with AWS CDK to automate infrastructure provisioning on AWS, including the Amazon EKS cluster, Argo CD for GitOps automated deployments, Argo Workflows for CI, and AWS Service Catalog for one-click tenant onboarding.
  • Mentored 12+ new joiners into the team to get them up to speed and helped with scrum ceremonies such as backlog grooming. I was the key person implementing and documenting SOC2 compliance mechanisms.
  • Built advanced multi-tenant architecture based on Amazon EKS for Siemens Simcenter with chargeback mechanisms for large-scale high-performance compute (HPC) clusters scaling from 20 to 2,000 worker nodes on demand using AWS Karpenter.
  • Used custom ENI configuration for Amazon EKS VPC CNI plugin that allows the pods to run in a separate non-routable IP CIDR. The overall infrastructure is automated using AWS CDK and unit tests to validate the resulting templates.
  • Built MLOps pipelines for healthcare and life science company Roche using the Kubeflow machine learning toolkit on top of Amazon EKS clusters and Rancher Fleet.
  • Architected and implemented Schneider Electric's EcoStruxure for Amazon fulfillment centers on Amazon EKS for monitoring and automatically patching on-premise uninterruptible power supply (UPS) and central air conditioner units.
  • Led the cloud architect community in AWS Germany, including interviewing candidates, mentoring new joiners, building improvement plans, and helping colleagues get promoted. Led office hours to answer ad-hoc questions for consultants and customers.
Technologies: Terraform, AWS Lambda, Architecture, Cloud, Kubernetes, Amazon EKS, GitOps, Argo CD, Amazon Kinesis, Apache Flink, AWS IoT, GitLab, GitLab CI/CD, Amazon Web Services (AWS), Docker, Python, Documentation, Site Reliability Engineering (SRE), Amazon CloudWatch, Grafana, Microservices, GitHub, Amazon Elastic Container Service (Amazon ECS), Jenkins, CI/CD Pipelines, Application Monitoring, Datadog, Monitoring, Web Application Firewall (WAF), Linux, Bash, Machine Learning Operations (MLOps), Amazon CloudFront CDN, Amazon Aurora, Amazon S3 (AWS S3), Helm, Amazon Simple Queue Service (SQS), Enterprise Architecture, AWS CloudFormation, Karpenter, Cloud Services, Load Balancers, Scalability, Cloud Architecture, DevSecOps, Security, Vulnerability Assessment, Hybrid Cloud Infrastructure, Container Orchestration, Infrastructure as Code (IaC), Cybersecurity, Prometheus, AWS Certified Solution Architect, Amazon API, Go, Google Kubernetes Engine (GKE), Networking, Proxies, WebSockets, AWS VPN, Command-line Interface (CLI), Node.js, SOC 2, Healthcare, GitHub Actions, Containerization, AWS CodeBuild, DevOps Engineer, API Gateways, PostgreSQL, AWS NAT Gateway, Git, Cloud Infrastructure, Containers, Solution Architecture, Amazon MSK, Amazon Simple Email Service (SES), Amazon ElastiCache, AWS Fargate, Amazon WorkSpaces, Amazon Lightsail, Istio, Multitenancy, Authentication, FedRAMP, Certifications

Hybrid Cloud Architect

2018 - 2019
Accenture
  • Built a global data lake on AWS following the FAIR principles—findability, accessibility, interoperability, and reusability.
  • Set standards for data sharing mechanisms for Bayer worldwide.
  • Oversaw the onboarding of 1,000+ datasets globally across US, Canada, EU, and APAC.
Technologies: Google Cloud Platform (GCP), Azure, Cloud, Migration, Big Data, Data Migration, Cloud Migration, User Self-service, Amazon Web Services (AWS), Docker, Python, Documentation, Site Reliability Engineering (SRE), Amazon CloudWatch, Grafana, Microservices, GitHub, Amazon Elastic Container Service (Amazon ECS), Jenkins, CI/CD Pipelines, Windows PowerShell, Azure Kubernetes Service (AKS), Application Monitoring, Kibana, Datadog, Monitoring, Web Application Firewall (WAF), Azure Virtual Networks, Azure Key Vault, Linux, Bash, Machine Learning Operations (MLOps), Amazon CloudFront CDN, Amazon Aurora, Amazon S3 (AWS S3), Amazon RDS, Helm, Amazon Simple Queue Service (SQS), Enterprise Architecture, AWS CloudFormation, Karpenter, Cloud Services, Load Balancers, Scalability, Cloud Architecture, DevSecOps, Security, Vulnerability Assessment, Hybrid Cloud Infrastructure, Container Orchestration, Infrastructure as Code (IaC), Cybersecurity, Prometheus, AWS Certified Solution Architect, Amazon API, Google Kubernetes Engine (GKE), Networking, Proxies, WebSockets, AWS VPN, Command-line Interface (CLI), Node.js, SOC 2, Healthcare, GitHub Actions, Containerization, AWS CodeBuild, DevOps Engineer, API Gateways, PostgreSQL, AWS NAT Gateway, Git, Cloud Infrastructure, Containers, Solution Architecture, Spring Boot, Amazon MSK, Amazon Simple Email Service (SES), Amazon ElastiCache, AWS Fargate, Amazon WorkSpaces, Amazon Lightsail, Istio, Multitenancy, Authentication, FedRAMP, Certifications

Senior Solutions Architect

2016 - 2018
CIT Global
  • Developed and operated four replicated Kubernetes clusters in Africa across Kenya, Ghana, Nigeria, and Botswana to host highly available mobile banking applications operating in 40+ countries.
  • Built a microservices architecture implementing all cloud scaling features on-premises, with automated provisioning and deployment for system components, to maintain auto-scaling, resilient clusters.
  • Led the operation teams and SREs for the system and implemented disaster recovery plans (playbooks) to fail-over among the four clusters.
Technologies: Java, Cloud, Kubernetes, GitLab, GitLab CI/CD, Oracle WebLogic Application Server, NGINX, MuleSoft, Mule ESB, IBM MQ, MQTT, Mastercard, Amazon Web Services (AWS), Docker, Documentation, Site Reliability Engineering (SRE), Amazon CloudWatch, Grafana, Microservices, GitHub, Amazon Elastic Container Service (Amazon ECS), Jenkins, SQL, Azure, CI/CD Pipelines, Azure Kubernetes Service (AKS), Application Monitoring, Kibana, Datadog, Monitoring, Web Application Firewall (WAF), Azure Virtual Networks, Azure Key Vault, Linux, Bash, Google Cloud Platform (GCP), Amazon CloudFront CDN, Amazon Aurora, Amazon S3 (AWS S3), Amazon RDS, Helm, Amazon Simple Queue Service (SQS), Enterprise Architecture, AWS CloudFormation, Cloud Services, Load Balancers, Scalability, Cloud Architecture, DevSecOps, Security, Vulnerability Assessment, Hybrid Cloud Infrastructure, Container Orchestration, Infrastructure as Code (IaC), Cybersecurity, Prometheus, AWS Certified Solution Architect, Amazon API, Google Kubernetes Engine (GKE), Networking, Proxies, WebSockets, AWS VPN, Command-line Interface (CLI), Node.js, SOC 2, Containerization, AWS CodeBuild, DevOps Engineer, API Gateways, PostgreSQL, AWS NAT Gateway, Git, Cloud Infrastructure, Containers, Solution Architecture, Spring Boot, Amazon MSK, Amazon Simple Email Service (SES), AWS Fargate, Amazon Lightsail, Istio, Multitenancy, Authentication, Certifications

Integration Architect

2011 - 2014
IBM
  • Filed a patent with the USPTO on partial match derivation using text analysis. More information can be found under patent number US9471627B2.
  • Joined the application innovation team in Toronto to design and develop the text processing and natural language understanding used for IBM's automated help center, IBM Support portal adviser.
  • Contributed to a patent along with the project team in text analysis and partial match extraction.
Technologies: Java, Cloud, IBM MQ, IBM WebSphere, WebSphere MQ, Amazon Web Services (AWS), Docker, Documentation, Amazon CloudWatch, Microservices, Amazon Elastic Container Service (Amazon ECS), SQL, CI/CD Pipelines, Azure Kubernetes Service (AKS), Application Monitoring, Web Application Firewall (WAF), Linux, Amazon CloudFront CDN, Amazon S3 (AWS S3), Amazon Simple Queue Service (SQS), Enterprise Architecture, Cloud Services, Load Balancers, Scalability, Cloud Architecture, Security, Vulnerability Assessment, Hybrid Cloud Infrastructure, Container Orchestration, Infrastructure as Code (IaC), Cybersecurity, Prometheus, AWS Certified Solution Architect, Amazon API, Google Kubernetes Engine (GKE), Networking, Proxies, WebSockets, AWS VPN, Command-line Interface (CLI), Node.js, Containerization, AWS CodeBuild, API Gateways, Git, Cloud Infrastructure, Containers, Solution Architecture, Spring Boot, Authentication

Senior Software Developer

2009 - 2011
ITS
  • Designed and implemented middleware integration layer between ETHIX internet banking system and core banking system.
  • Built integration with the SWIFT payment interface for international wire transfers.
  • Sorted out external payment gateway integration and provided an in-house sandbox for testing purposes.
Technologies: Java, WebLogic, Oracle, Sybase, Amazon Web Services (AWS), Documentation, GitHub, SQL, CI/CD Pipelines, Application Monitoring, Web Application Firewall (WAF), Linux, Bash, Amazon CloudFront CDN, Amazon S3 (AWS S3), Amazon Simple Queue Service (SQS), Enterprise Architecture, Cloud Services, Load Balancers, Scalability, Security, Vulnerability Assessment, Container Orchestration, Infrastructure as Code (IaC), Cybersecurity, Prometheus, AWS Certified Solution Architect, Amazon API, Google Kubernetes Engine (GKE), Networking, WebSockets, AWS VPN, Command-line Interface (CLI), Node.js, Containerization, Git, Cloud Infrastructure, Containers, Spring Boot, Authentication

Siemens Teamcenter SaaS

https://www.plm.automation.siemens.com/global/de/products/collaboration/cloud-plm-pdm.html
Teamcenter has 60 million lines of C++ code and I started with presales activities to get the SoW detailed out, then joined the project as the chief architect from AWS. I interviewed 120+ developers from two well-known consultancy companies to join the team and worked with them closely to build multi-tenant SaaS solutions on top of Teamcenter.

MY ROLE
• Helped build a software-as-a-service (SaaS) offering from Teamcenter, one of the flagship products from Siemens and leading product lifecycle management (PLM) software worldwide. It has been used for almost all products you have used, from kids' shoes to airplanes.
• Served as a chief cloud architect and program lead in a team of 90 for 24 months.
• Acted as the key architect on the project, having eight development teams working with me to get every single component of Teamcenter containerized.
• Led hackathons to get the team up to speed with new tech and work on solving challenges together. I had to do 150+ technical interviews to build the team.

TECHNOLOGY
Main technologies include AWS, DevOps, Kubernetes, SaaS, Terraform, Ansible, Python, C++, Git, GitLab, Helm, GitOps, Argo CD, GitLab-CI, CI/CD, and operations.

Schneider Electric | EcoStruxure for Amazon

https://www.se.com/de/de/product-range/62111-ecostruxure-building-operation/?selected-node-id=12661185579
The Amazon.com fulfillment center is retiring a legacy system for monitoring and automatically patching on-premise UPS and central air conditioner units. EcoStruxure is compatible with Azure Kubernetes Service, and Amazon fulfillment initiated a migration to AWS so that they can use it effectively and connect it to the Amazon corporate network.

MY ROLE
• Served as a lead cloud and DevOps architect in a team of five consultants for seven months.
• Detailed the architecture and layout for network design in one week, involving Schneider Electric and Amazon fulfillment center teams, to get ready for the InfoSec response. The response includes future requirements for rolling out the solution into four AWS regions that will be interconnected with each other and with Amazon's corporate network. As a result, InfoSec approved the corporate connectivity request on the first attempt.
• Dove deep into all architectural details during daily stand-up meetings while keeping Schneider Electric involved in discussing all architectural topics and getting InfoSec requests approved.

Bayer Consumer Health | Global Smart Factory

OVERVIEW
Bayer built a smart factory POC in Grenzach, Germany, during Q4 2020 to take the industrial standards to the next level within the company. Another engagement started in Q1 2021 to go from Grenzach POC to Grenzach production-ready solution for the customer. This engagement is about scaling it to be deployed worldwide in 12 different factories across the globe. Bayer aims to establish the innovative work done in Grenzach by AWS ProServe as the new standard for manufacturing worldwide.

Roche | Enterprise Cloud Analytics Service (ECAS)

https://www.youtube.com/watch?v=OXMqImZ7cBY&themeRefresh=1
• Served as a lead cloud and DevOps architect in a team of seven for eight months with Roche to build automated, disposable AWS accounts that are secure using guardrails enforced by the central cloud competency team while costs should be easy to break down.
• Nominated as the go-to person for all inquiries related to architecture from both Roche and AWS sides, including how the system will be segregated through different business units. ECAS 1.0 was built in 2.5 months and delivered by June 30, 2020. ECAS got GxP qualified by Q1 2021, and a 2-year roadmap was built for use cases to run on top of ECAS core infrastructure, account vending, and data-sharing mechanisms introduced by DataHub.
• Expedited the learning curve for partners to familiarize them with the security standards in ECAS and helped find innovative solutions for every obstacle the partner had in mind.
• Played the leading role in defining customer challenges by earning the trust of ECAS's main stakeholders. I steered requirements definition with Roche while building ECAS, such as how this system should fit into the current Roche organization structure and the separation of concerns and responsibilities.

Roche | ML Orchestration with Kubeflow

https://aws.amazon.com/blogs/opensource/managing-eks-clusters-rancher/
The Roche data science community needed a global, GxP-qualified centrally-managed Amazon EKS cluster to enable data scientists and MLOps engineers to build ML pipelines for deploying models into the dev, QA, and prod stages, and the Roche RS community needed a Kubeflow machine learning toolkit for ML pipelines and model serving. While delivering an easy-to-use solution was the main goal of the engagement, security was still the main priority for Roche. Amazon EKS cluster was built on top of the ECAS 1.0 landing zone. ECAS is now a public reference for MLOps on AWS.

MY ROLE
Served as a lead DevOps consultant in a team of six for eight months.

PROJECT BRIEF
After 2.5 months, the first phase of ECAS 2.0 was delivered in November 2020 and presented to 240+ attendees from Roche US and EU teams. The first version of Kubeflow was deployed, and a sample machine-learning pipeline was running. Models are deployed and served using AWS SageMaker endpoints. After the first demo, the Roche ECAS team received 40+ data science projects as early adopters for ECAS 2.0. Early adopters were scheduled to start in April 2021 to use the system and give feedback on what is important for them to focus on and deliver.

Bayer | FAIR Global Data Lake

OVERVIEW
Bayer's pharmaceuticals division, like units of most big corporations, generates lots of data but, until recently, managed to leverage only a small amount of it. Thanks to a pilot project, part of the company's advancing digital transformation initiative, it's making better use of data, and its plant in Garbagnate, Italy, has become a "lighthouse" factory teaching others how to do the same.

MY ROLE
• Built a global data lake on AWS that follows FAIR principles.
• Worked as an AWS cloud architect in a team of five for nine months.
• Used AWS, DevOps, and Terraform heavily, especially Amazon EMR, Amazon EKS, GitLab, Docker, Packer, and Terraform workspaces to maintain mature production-grade provisioning automation for the data science environment on demand.
• Worked closely with the product owner on backlog grooming, prioritization, and breakdown and supported team members technically.
• Built a multi-tenant solution to provide EMR clusters for data scientists to experiment on their datasets easily. It was challenging because of data governance, GDPR, security, and scalability of 200+ petabytes of data stored worldwide.

Siemens | Simcenter HPC Simulation

https://www.plm.automation.siemens.com/global/en/products/simcenter/
MY ROLE
• Acted as a lead AWS cloud and DevOps architect in a team of seven for 12 months.
• Transformed the Siemens Simcenter simulation cluster to use Amazon EKS on AWS. The software is used to run complex simulations for engines, for example, leveraging the scale of AWS.
• Migrated the software to Kubernetes clusters on AWS and built chargeback mechanisms and disaster recovery strategies.
• Used IaC with AWS CDK to automate infrastructure provisioning on AWS, including the Amazon EKS cluster, Argo CD for GitOps automated deployments, Service Catalog for one-click tenant onboarding, AWS Secrets Manager, AWS Systems Manager, and AWS SSM Patch Manager for patching the instances.
• Played a key role in implementing and documenting SOC2 compliance mechanisms.
• Introduced advanced multi-tenant architecture based on Amazon EKS-managed Kubernetes clusters with chargeback mechanisms, which was never easy for large-scale HPC clusters. HPC needed excessive scaling from 20 to 2,000 worker nodes on demand, which was also challenging.
• Implemented an advanced auto-scaler using Karpenter.

UBA Bank Mobile Payment

https://www.ubagroup.com/nigeria/personal-banking/digital-banking/mobile-banking/
UBA is one of the top five banks operating in Africa, serving mobile banking customers 24/7 in 19 countries. The project was especially challenging because all data had to be kept confidential and away from public cloud solutions while all auto-scaling features were implemented on clustered data centers spread across multiple geo-regions. Using state-of-the-art technologies is always a key factor in maintaining high system availability, even in the worst cases of repetitive third-party failures.

MY ROLE
Oversaw the microservice architecture, implementing all cloud scaling features on-premises, with automated provisioning and deployment for system components, to maintain autoscaling, resilient clusters.

Languages

Python, Java, SQL, Bash, Go, C++, Python 3

Frameworks

Spring Boot, Ionic 4, Windows PowerShell

Libraries/APIs

Amazon API, Node.js

Tools

Amazon EKS, Terraform, AWS CloudFormation, GitLab, Amazon Virtual Private Cloud (VPC), AWS IAM, Helm, NGINX, Amazon CloudWatch, Grafana, GitHub, Amazon Elastic Container Service (Amazon ECS), Jenkins, Azure Kubernetes Service (AKS), Azure Key Vault, Amazon CloudFront CDN, Amazon Simple Queue Service (SQS), Google Kubernetes Engine (GKE), AWS CodeBuild, Git, Amazon Simple Email Service (SES), Amazon ElastiCache, AWS Fargate, Amazon WorkSpaces, Istio, VPN, Ansible, GitLab CI/CD, Amazon SageMaker, AWS Step Functions, Amazon Elastic MapReduce (EMR), CAD, Ansible Tower, IBM MQ, MQTT, Kibana

Paradigms

Serverless Architecture, DevOps, Agile, Microservices, Azure DevOps, DevSecOps, Continuous Delivery (CD), Data Science

Platforms

Kubernetes, AWS Lambda, Amazon EC2, Google Cloud Platform (GCP), Azure, Amazon Web Services (AWS), Docker, Linux, Amazon Lightsail, Unix, Apache Flink, Apache Kafka, AWS IoT, Kubeflow, MuleSoft, Mule ESB, IBM WebSphere, WebSphere MQ, Oracle

Storage

Amazon S3 (AWS S3), Datadog, Amazon Aurora, PostgreSQL, On-premise, Sybase

Industry Expertise

Cybersecurity, Healthcare

Other

Architecture, Argo CD, Software, GitOps, Amazon RDS, AWS DevOps, Identity & Access Management (IAM), Kubernetes Operations (kOps), Documentation, Site Reliability Engineering (SRE), CI/CD Pipelines, Application Monitoring, Monitoring, Web Application Firewall (WAF), Azure Virtual Networks, Machine Learning Operations (MLOps), Enterprise Architecture, Karpenter, Cloud Services, Load Balancers, Scalability, Cloud Architecture, Security, Vulnerability Assessment, Hybrid Cloud Infrastructure, Container Orchestration, Infrastructure as Code (IaC), Prometheus, AWS Certified Solution Architect, Networking, WebSockets, AWS VPN, Command-line Interface (CLI), SOC 2, GitHub Actions, Containerization, DevOps Engineer, AWS Certified Developer, API Gateways, AWS NAT Gateway, Configuration Management, Cloud Infrastructure, Containers, Solution Architecture, Amazon MSK, Multitenancy, Authentication, FedRAMP, Certifications, Big Data, Proxies, Cloud, Amazon Kinesis, Amazon Neptune, IoT Security, Cloud Security, Infrastructure, Healthcare Services, Machine Learning, Amazon Machine Learning, Forensics & CSI, AWS Control Tower, AWS Landing Zone, AWS Service Catalog, AWS Transit Gateway, Cordova, SaaS, 3D CAD, Argo Rollouts, Migration, Data Migration, Cloud Migration, User Self-service, Oracle WebLogic Application Server, Mastercard, WebLogic, IT Security

2003 - 2008

Bachelor's Degree in Computer Engineering

Mansoura University - Mansoura, Egypt

NOVEMBER 2021 - PRESENT

AWS Certified Security – Specialty

Amazon Web Services

SEPTEMBER 2019 - PRESENT

AWS Certified Solutions Architect

Amazon Web Services
