
Alaa Ahmed
Verified Expert in Engineering
Cloud Architect and DevOps Developer
Ramallah, Palestine
Toptal member since February 3, 2021
Ahmed is a highly-skilled cloud, security, and DevOps engineer. He is also a certified network security professional and a talented system and Linux engineer with a solid background in Docker, Docker Compose, Docker Swarm, Kubernetes, and shell scripting. He has the know-how of various cloud service providers, such as Microsoft Azure and AWS. His experiences include implementing vulnerability scanners, DevSecOps tools, enterprise VPN scenarios, and CI/CD pipelines using Azure DevOps and Jenkins.
Portfolio
Experience
- Linux - 10 years
- Azure - 7 years
- DevOps - 7 years
- Amazon Web Services (AWS) - 5 years
- Automation - 5 years
- DevSecOps - 4 years
- Terraform - 2 years
- Azure Kubernetes Service (AKS) - 2 years
Availability
Preferred Environment
Kubernetes, DevOps, DevSecOps, Static Application Security Testing (SAST), OWASP, Amazon Web Services (AWS), Terraform, Azure DevOps, Azure, CI/CD Pipelines
The most amazing...
...project I've worked on is implementing DevSecOps for Woven Azure Pipelines.
Work Experience
Azure DevOps Engineer
RedJade
- Configured and set up GPU-supported node pools, installed the Nvidia support package for K8S, and configured GPU metrics monitoring.
- Built Helm charts to deploy for developed applications deployment.
- Maintained GitHub actions pipeline and optimized performance and automation.
- Installed and configured Kubeflow components and create Kubeflow pipelines to automate MLOps.
Azure DevOps Engineer
Syn Tracts
- Developed and configured Docker images for AI services and deployed them for on-prem environments.
- Deployed AI Docker services on AKS and configured GitHub to automate the building, testing, and deployment phases.
- Configured GPU VMs and a node pool, scaled the deployment on GPUs, and configured required resources and monitoring tools.
Azure DevOps Engineer
Syntracts, Inc.
- Migrated the application to a Dockized version, creating a Docker file and testing it on Azure Virtual Machines.
- Built GitHub Actions to automate the building, testing, and deployment of various application components.
- Provisioned Azure Kubernetes Service and deployed the application for different environments, enabling Horizontal Pod Autoscaling (HPA).
DevOps Developer
GeneDx, LLC c/o Sema4
- Migrated portal services from one Azure tenant to a new one and migrated DB from VM-based to an Azure MySQL flexible server.
- Upgraded the architecture of the portal by migrating running containers to the Azure Kubernetes cluster.
- Configured and implemented Datadog alerts and monitoring rules to follow the application and its resources.
Azure DevOps Engineer
Z-Tech
- Managed Azure DevOps pipelines by creating code, building and pushing Docker, analyzing SCA security, scanning SAST, and deploying to AKS. Handled Azure resources, such as AKS, Azure VMs, Azure Vaults, Azure Functions, and Azure Logic Apps.
- Used Jira Kanban boards to follow tasks and work progress.
- Created and managed Azure DevOps pipelines to deploy application Dockers to AKS and mobile pipelines on Bitrise, code repositories on GitHub, and Terraform scripts for infrastructure automation.
DevSecOps Engineer
Woven Planet Holdings
- Configured DevSecOps tools for secret scanning, software decomposition analysis, static code testing, and dynamic application testing.
- Created GitHub Actions to automate the build and security process and deliver results.
- Created and managed AWS resources, including AWS EC2, AWS VPC, AWS ELB, AWS IAM, AWS S3, AWS RDS, AWS Fargate, CloudWatch, and CloudTrail.
DevOps Engineer
Logicteca Solutions
- Installed various Linux-based applications, including Apache, NGINX, HAproxy, Tomcat, Zimbra, Kurento, Asterisk, and many other applications and services.
- Created and managed AWS resources, including AWS EC2, AWS VPC, AWS ELB, AWS ECR, AWS S3, AWS RDS, security groups, AWS Fargate, CloudWatch, and Cloudtrail.
- Used Bash scripts, Docker, Docker Swarm, Kubernetes, and Ansible.
- Implemented DevSecOps for Azure Pipelines. Used SonarQube, WhiteSource Bolt, OWASP ZAP scanner, and the Glue framework.
- Managed a vulnerability assessment system and Azure and Office 365 advanced threat protection.
Information Security Instructor
University College of Applied Sciences
- Lectured on certified ethical hacking, pen-testing tools, network security, and wireless network security.
- Evaluated and mentored students taking the courses.
- Tested and utilized Kali Linux tools like Metasploit, ZAP, and Burp Suite.
System and Network Administrator
Islamic University of Gaza
- Conducted vulnerability scanning and took care of the application and network security.
- Served as a system and network administrator. My duties included network engineering, routing, switching, VoIP, VLAN, SAN, and network security.
- Performed security administration tasks, such as Windows Server. For virtualization, I used VMware ESXi, vCenter, vSAN, DRM, and vSphere suite.
- Conducted Linux Server administration and hardening using Apache, Tomcat, RADIUS, and Zimbra.
Experience
DevOps and Cloud Architect
• YAML files were prepared to deploy the application using customized PHP images, Nginx, and MySQL database.
• The service has been exposed to the internet using a load balancer.
• Secrets and keys were stored on Azure Key Vault and integrated with AKS.
DevSecOps for Azure Pipelines
• SonarQube was integrated with Azure pipelines to scan for vulnerabilities.
• WhiteSource Bolt has been integrated with Azure CI for the dependency check.
• OWASP ZAP was used to scan for vulnerabilities at the release stage (Azure CD pipeline).
Web Application Firewall
• Configuring and tuning of Cloudflare WAF.
• Implementing access rules based on the threat score.
• Implementing challenging rules for admin pages.
• Mitigating OWASP Top10 vulnerabilities.
• Auditing and troubleshooting of security incidents and false positives.
Education
Master's Degree in Computer Engineering
Islamic University of Gaza - Gaza, Palestine
Certifications
Microsoft Certified: Azure Security Engineer Associate
Microsoft
DevSecOps: Continuous Application Security
DevSecOps: Automated Security Testing
Fortinet Network Security Expert Level 4: Certified Professional
Fortinet
Cisco Networking: On-Premise and Cloud Solutions (OCSE)
Cisco
Certified Linux Administrator (LPIC-1)
Linux Professional Institute, Inc.
Skills
Libraries/APIs
Azure Blob Storage API, Azure API Management
Tools
GitHub, Helm, Docker Compose, Docker Swarm, Jenkins, Azure Kubernetes Service (AKS), Terraform, Azure Key Vault, CodeQL, Git, AWS Fargate, Azure Logic Apps, Azure Web Application Firewall, Amazon Virtual Private Cloud (VPC), CircleCI, AWS CloudFormation, Amazon CloudWatch, Sentry, Logging, Ansible, Ansible Tower, Grafana
Paradigms
DevOps, DevSecOps, Azure DevOps, Automation, Continuous Deployment
Platforms
Amazon Web Services (AWS), Windows Server, Azure, Windows, Linux, Kubernetes, Docker, AWS ALB, Azure Functions, Azure PaaS, Google Cloud Platform (GCP), Kubeflow
Industry Expertise
Network Security, Cybersecurity
Languages
Python, Java, SQL
Storage
Datadog, Azure Blobs, MySQL, Redis
Other
Firewalls, VMware ESXi, Fortinet Firewall Configuration, Vulnerability Identification, CI/CD Pipelines, System Administration, Security, Containerization, Containers, IT Security, DevOps Engineer, Infrastructure Security, Network Architecture, Code Review, Source Code Review, Solution Architecture, Architecture, Cloud Architecture, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Cloud, Application Security, Web Application Firewall (WAF), Office 365 Security, OWASP Top 10, Spam Filtering, Machine Learning, OWASP, Vulnerability Assessment, GitOps, Web Security, Security Audits, Vulnerability Management, GitHub Actions, Cloud Migration, Certified Ethical Hacker (CEH), Cloudflare, Infrastructure as Code (IaC), AWS CodePipeline, AWS Transit Gateway, Secure Access Service Edge (SASE), Monitoring, Machine Learning Operations (MLOps), Prometheus, Site Reliability Engineering (SRE)
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring