Alaa Ahmed, Developer in Ramallah, Palestine
Alaa is available for hire
Hire Alaa

Alaa Ahmed

Verified Expert  in Engineering

Cloud Architect and DevOps Developer

Ramallah, Palestine

Toptal member since February 3, 2021

Bio

Ahmed is a highly-skilled cloud, security, and DevOps engineer. He is also a certified network security professional and a talented system and Linux engineer with a solid background in Docker, Docker Compose, Docker Swarm, Kubernetes, and shell scripting. He has the know-how of various cloud service providers, such as Microsoft Azure and AWS. His experiences include implementing vulnerability scanners, DevSecOps tools, enterprise VPN scenarios, and CI/CD pipelines using Azure DevOps and Jenkins.

Portfolio

RedJade
Kubeflow, Ansible, Azure Kubernetes Service (AKS), Azure, Kubernetes...
Syn Tracts
Azure, DevOps, CI/CD Pipelines, Monitoring, Logging...
Syntracts, Inc.
Azure, DevOps, CI/CD Pipelines, Monitoring, Logging...

Experience

  • Linux - 10 years
  • Azure - 7 years
  • DevOps - 7 years
  • Amazon Web Services (AWS) - 5 years
  • Automation - 5 years
  • DevSecOps - 4 years
  • Terraform - 2 years
  • Azure Kubernetes Service (AKS) - 2 years

Availability

Full-time

Preferred Environment

Kubernetes, DevOps, DevSecOps, Static Application Security Testing (SAST), OWASP, Amazon Web Services (AWS), Terraform, Azure DevOps, Azure, CI/CD Pipelines

The most amazing...

...project I've worked on is implementing DevSecOps for Woven Azure Pipelines.

Work Experience

Azure DevOps Engineer

2024 - 2024
RedJade
  • Configured and set up GPU-supported node pools, installed the Nvidia support package for K8S, and configured GPU metrics monitoring.
  • Built Helm charts to deploy for developed applications deployment.
  • Maintained GitHub actions pipeline and optimized performance and automation.
  • Installed and configured Kubeflow components and create Kubeflow pipelines to automate MLOps.
Technologies: Kubeflow, Ansible, Azure Kubernetes Service (AKS), Azure, Kubernetes, Infrastructure as Code (IaC), Redis, Terraform, Ansible Tower, Helm, Prometheus, Grafana, Site Reliability Engineering (SRE), Solution Architecture, Architecture, Cloud Architecture

Azure DevOps Engineer

2024 - 2024
Syn Tracts
  • Developed and configured Docker images for AI services and deployed them for on-prem environments.
  • Deployed AI Docker services on AKS and configured GitHub to automate the building, testing, and deployment phases.
  • Configured GPU VMs and a node pool, scaled the deployment on GPUs, and configured required resources and monitoring tools.
Technologies: Azure, DevOps, CI/CD Pipelines, Monitoring, Logging, Machine Learning Operations (MLOps), Azure Kubernetes Service (AKS), Docker Compose, Solution Architecture, Architecture, Cloud Architecture

Azure DevOps Engineer

2024 - 2024
Syntracts, Inc.
  • Migrated the application to a Dockized version, creating a Docker file and testing it on Azure Virtual Machines.
  • Built GitHub Actions to automate the building, testing, and deployment of various application components.
  • Provisioned Azure Kubernetes Service and deployed the application for different environments, enabling Horizontal Pod Autoscaling (HPA).
Technologies: Azure, DevOps, CI/CD Pipelines, Monitoring, Logging, Machine Learning Operations (MLOps), Cloud Migration, Solution Architecture, SQL, Architecture, Cloud Architecture

DevOps Developer

2022 - 2023
GeneDx, LLC c/o Sema4
  • Migrated portal services from one Azure tenant to a new one and migrated DB from VM-based to an Azure MySQL flexible server.
  • Upgraded the architecture of the portal by migrating running containers to the Azure Kubernetes cluster.
  • Configured and implemented Datadog alerts and monitoring rules to follow the application and its resources.
Technologies: Amazon Virtual Private Cloud (VPC), Infrastructure as Code (IaC), Terraform, CircleCI, Docker, Amazon Web Services (AWS), Azure, CI/CD Pipelines, AWS CloudFormation, AWS CodePipeline, Kubernetes, Helm, Git, Amazon CloudWatch, Sentry, Datadog, Google Cloud Platform (GCP), Security, MySQL, AWS Transit Gateway, Containerization, Containers, DevOps Engineer, Cloud Migration, Solution Architecture, SQL, Architecture, Cloud Architecture

Azure DevOps Engineer

2021 - 2022
Z-Tech
  • Managed Azure DevOps pipelines by creating code, building and pushing Docker, analyzing SCA security, scanning SAST, and deploying to AKS. Handled Azure resources, such as AKS, Azure VMs, Azure Vaults, Azure Functions, and Azure Logic Apps.
  • Used Jira Kanban boards to follow tasks and work progress.
  • Created and managed Azure DevOps pipelines to deploy application Dockers to AKS and mobile pipelines on Bitrise, code repositories on GitHub, and Terraform scripts for infrastructure automation.
Technologies: Azure DevOps, Azure Key Vault, Azure Kubernetes Service (AKS), Azure Functions, Azure Blob Storage API, Azure API Management, Azure Logic Apps, Azure Web Application Firewall, Terraform, Helm, GitOps, Containerization, Security, Security Audits, DevOps Engineer, Datadog, Solution Architecture, SQL, Cloud Architecture

DevSecOps Engineer

2021 - 2021
Woven Planet Holdings
  • Configured DevSecOps tools for secret scanning, software decomposition analysis, static code testing, and dynamic application testing.
  • Created GitHub Actions to automate the build and security process and deliver results.
  • Created and managed AWS resources, including AWS EC2, AWS VPC, AWS ELB, AWS IAM, AWS S3, AWS RDS, AWS Fargate, CloudWatch, and CloudTrail.
Technologies: AWS ALB, AWS Fargate, CodeQL, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), DevOps, GitHub, Vulnerability Assessment, Helm, IT Security, Web Security, Security, Security Audits, DevOps Engineer, Cybersecurity, Vulnerability Management, GitHub Actions, Code Review, Source Code Review

DevOps Engineer

2018 - 2021
Logicteca Solutions
  • Installed various Linux-based applications, including Apache, NGINX, HAproxy, Tomcat, Zimbra, Kurento, Asterisk, and many other applications and services.
  • Created and managed AWS resources, including AWS EC2, AWS VPC, AWS ELB, AWS ECR, AWS S3, AWS RDS, security groups, AWS Fargate, CloudWatch, and Cloudtrail.
  • Used Bash scripts, Docker, Docker Swarm, Kubernetes, and Ansible.
  • Implemented DevSecOps for Azure Pipelines. Used SonarQube, WhiteSource Bolt, OWASP ZAP scanner, and the Glue framework.
  • Managed a vulnerability assessment system and Azure and Office 365 advanced threat protection.
Technologies: Docker, Docker Compose, Docker Swarm, Amazon Web Services (AWS), Jenkins, Azure Kubernetes Service (AKS), Network Architecture

Information Security Instructor

2017 - 2020
University College of Applied Sciences
  • Lectured on certified ethical hacking, pen-testing tools, network security, and wireless network security.
  • Evaluated and mentored students taking the courses.
  • Tested and utilized Kali Linux tools like Metasploit, ZAP, and Burp Suite.
Technologies: Certified Ethical Hacker (CEH), Network Security, Application Security, Secure Access Service Edge (SASE), IT Security

System and Network Administrator

2006 - 2020
Islamic University of Gaza
  • Conducted vulnerability scanning and took care of the application and network security.
  • Served as a system and network administrator. My duties included network engineering, routing, switching, VoIP, VLAN, SAN, and network security.
  • Performed security administration tasks, such as Windows Server. For virtualization, I used VMware ESXi, vCenter, vSAN, DRM, and vSphere suite.
  • Conducted Linux Server administration and hardening using Apache, Tomcat, RADIUS, and Zimbra.
Technologies: Linux, Windows Server, Firewalls, Application Security, VMware ESXi, System Administration, Infrastructure Security, Network Architecture, Secure Access Service Edge (SASE), IT Security

Experience

DevOps and Cloud Architect

• Deployed Azure Resource Groups and AKS using Terraform scripts.
• YAML files were prepared to deploy the application using customized PHP images, Nginx, and MySQL database.
• The service has been exposed to the internet using a load balancer.
• Secrets and keys were stored on Azure Key Vault and integrated with AKS.

DevSecOps for Azure Pipelines

• Git-secrets has been configured to scan codes before uploading to Azure repo.
• SonarQube was integrated with Azure pipelines to scan for vulnerabilities.
• WhiteSource Bolt has been integrated with Azure CI for the dependency check.
• OWASP ZAP was used to scan for vulnerabilities at the release stage (Azure CD pipeline).

Web Application Firewall

My duties on this project included:
• Configuring and tuning of Cloudflare WAF.
• Implementing access rules based on the threat score.
• Implementing challenging rules for admin pages.
• Mitigating OWASP Top10 vulnerabilities.
• Auditing and troubleshooting of security incidents and false positives.

Education

2011 - 2013

Master's Degree in Computer Engineering

Islamic University of Gaza - Gaza, Palestine

Certifications

FEBRUARY 2023 - FEBRUARY 2024

Microsoft Certified: Azure Security Engineer Associate

Microsoft

JANUARY 2021 - PRESENT

DevSecOps: Continuous Application Security

LinkedIn

JANUARY 2021 - PRESENT

DevSecOps: Automated Security Testing

LinkedIn

DECEMBER 2020 - PRESENT

Fortinet Network Security Expert Level 4: Certified Professional

Fortinet

AUGUST 2018 - PRESENT

Cisco Networking: On-Premise and Cloud Solutions (OCSE)

Cisco

MARCH 2007 - PRESENT

Certified Linux Administrator (LPIC-1)

Linux Professional Institute, Inc.

Skills

Libraries/APIs

Azure Blob Storage API, Azure API Management

Tools

GitHub, Helm, Docker Compose, Docker Swarm, Jenkins, Azure Kubernetes Service (AKS), Terraform, Azure Key Vault, CodeQL, Git, AWS Fargate, Azure Logic Apps, Azure Web Application Firewall, Amazon Virtual Private Cloud (VPC), CircleCI, AWS CloudFormation, Amazon CloudWatch, Sentry, Logging, Ansible, Ansible Tower, Grafana

Paradigms

DevOps, DevSecOps, Azure DevOps, Automation, Continuous Deployment

Platforms

Amazon Web Services (AWS), Windows Server, Azure, Windows, Linux, Kubernetes, Docker, AWS ALB, Azure Functions, Azure PaaS, Google Cloud Platform (GCP), Kubeflow

Industry Expertise

Network Security, Cybersecurity

Languages

Python, Java, SQL

Storage

Datadog, Azure Blobs, MySQL, Redis

Other

Firewalls, VMware ESXi, Fortinet Firewall Configuration, Vulnerability Identification, CI/CD Pipelines, System Administration, Security, Containerization, Containers, IT Security, DevOps Engineer, Infrastructure Security, Network Architecture, Code Review, Source Code Review, Solution Architecture, Architecture, Cloud Architecture, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Cloud, Application Security, Web Application Firewall (WAF), Office 365 Security, OWASP Top 10, Spam Filtering, Machine Learning, OWASP, Vulnerability Assessment, GitOps, Web Security, Security Audits, Vulnerability Management, GitHub Actions, Cloud Migration, Certified Ethical Hacker (CEH), Cloudflare, Infrastructure as Code (IaC), AWS CodePipeline, AWS Transit Gateway, Secure Access Service Edge (SASE), Monitoring, Machine Learning Operations (MLOps), Prometheus, Site Reliability Engineering (SRE)

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring