Alaa Ahmed, Developer in Gaza, Palestine
Alaa is available for hire
Hire Alaa

Alaa Ahmed

Verified Expert  in Engineering

Cloud Architect and DevOps Developer

Location
Gaza, Palestine
Toptal Member Since
February 3, 2021

Ahmed is a highly-skilled cloud, security, and DevOps engineer. He is also a certified network security professional and a talented system and Linux engineer with a solid background in Docker, Docker Compose, Docker Swarm, Kubernetes, and shell scripting. He has the know-how of various cloud service providers, such as Microsoft Azure and AWS. His experiences include implementing vulnerability scanners, DevSecOps tools, enterprise VPN scenarios, and CI/CD pipelines using Azure DevOps and Jenkins.

System AdministrationFirewallsSecurityVMware ESXiFortinet Firewall ConfigurationDevOps EngineerNetwork SecurityWindows ServerDevOpsDevSecOpsHelmCloudApplication SecurityWeb SecurityVulnerability ManagementDocker ComposeInfrastructure Security

Portfolio

Syntracts, Inc.
Azure, DevOps, CI/CD Pipelines, Monitoring, Logging...
GeneDx, LLC c/o Sema4
Amazon Virtual Private Cloud (VPC), Infrastructure as Code (IaC), Terraform...
Z-Tech
Azure DevOps, Azure Key Vault, Azure Kubernetes Service (AKS), Azure Functions...

Experience

Linux - 13 yearsDevOps - 7 yearsAzure - 7 yearsAmazon Web Services (AWS) - 5 yearsAutomation - 5 yearsDevSecOps - 4 yearsTerraform - 2 yearsAzure Kubernetes Service (AKS) - 2 years

Availability

Part-time

Preferred Environment

Kubernetes, DevOps, DevSecOps, Static Application Security Testing (SAST), OWASP, Amazon Web Services (AWS), Terraform, Azure DevOps, Azure, CI/CD Pipelines

The most amazing...

...project I've worked on is implementing DevSecOps for UNRWA Azure Pipelines.

Work Experience

Azure DevOps Engineer for a generative AI tool in the legal space

2024 - 2024
Syntracts, Inc.
  • Migrated the application to a Dockized version, creating Docker file and testing it on Azure Virtual Machines.
  • Built GitHub Actions to automate the building, testing, and deployment of various application components.
  • Provisioned Azure Kubernetes Service and deployed the application for different environments, enabling Horizontal Pod Autoscaling (HPA).
Technologies: Azure, DevOps, CI/CD Pipelines, Monitoring, Logging, Machine Learning Operations (MLOps)

DevOps Developer

2022 - 2023
GeneDx, LLC c/o Sema4
  • Migrated portal services from one Azure tenant to a new one and migrated DB from VM-based to an Azure MySQL flexible server.
  • Upgraded the architecture of the portal by migrating running containers to the Azure Kubernetes cluster.
  • Configured and implemented Datadog alerts and monitoring rules to follow the application and its resources.
Technologies: Amazon Virtual Private Cloud (VPC), Infrastructure as Code (IaC), Terraform, CircleCI, Docker, Amazon Web Services (AWS), Azure, CI/CD Pipelines, AWS CloudFormation, AWS CodePipeline, Kubernetes, Helm, Git, Amazon CloudWatch, Sentry, Datadog, Google Cloud Platform (GCP), Security, MySQL, AWS Transit Gateway, Containerization, Containers, DevOps Engineer

Azure DevOps Engineer

2021 - 2022
Z-Tech
  • Managed Azure DevOps pipelines by creating code, building and pushing Docker, analyzing SCA security, scanning SAST, and deploying to AKS. Handled Azure resources, such as AKS, Azure VMs, Azure Vaults, Azure Functions, and Azure Logic Apps.
  • Used Jira Kanban boards to follow tasks and work progress.
  • Created and managed Azure DevOps pipelines to deploy application Dockers to AKS and mobile pipelines on Bitrise, code repositories on GitHub, and Terraform scripts for infrastructure automation.
Technologies: Azure DevOps, Azure Key Vault, Azure Kubernetes Service (AKS), Azure Functions, Azure Blob Storage API, Azure API Management, Azure Logic Apps, Azure Web Application Firewall, Terraform, Helm, GitOps, Containerization, Security, Security Audits, DevOps Engineer, Datadog

DevSecOps Engineer

2021 - 2021
Woven Planet Holdings
  • Configured DevSecOps tools for secret scanning, software decomposition analysis, static code testing, and dynamic application testing.
  • Created GitHub Actions to automate the build and security process and deliver results.
  • Created and managed AWS resources, including AWS EC2, AWS VPC, AWS ELB, AWS IAM, AWS S3, AWS RDS, AWS Fargate, CloudWatch, and CloudTrail.
Technologies: AWS ALB, AWS Fargate, CodeQL, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), DevOps, GitHub, Vulnerability Assessment, Helm, IT Security, Web Security, Security, Security Audits, DevOps Engineer, Cybersecurity, Vulnerability Management, GitHub Actions

DevOps Engineer

2018 - 2021
Logicteca Solutions
  • Installed various Linux-based applications, including Apache, NGINX, HAproxy, Tomcat, Zimbra, Kurento, Asterisk, and many other applications and services.
  • Created and managed AWS resources, including AWS EC2, AWS VPC, AWS ELB, AWS ECR, AWS S3, AWS RDS, security groups, AWS Fargate, CloudWatch, and Cloudtrail.
  • Used Bash scripts, Docker, Docker Swarm, Kubernetes, and Ansible.
  • Implemented DevSecOps for Azure Pipelines. Used SonarQube, WhiteSource Bolt, OWASP ZAP scanner, and the Glue framework.
  • Managed a vulnerability assessment system and Azure and Office 365 advanced threat protection.
Technologies: Docker, Docker Compose, Docker Swarm, Amazon Web Services (AWS), Jenkins, Azure Kubernetes Service (AKS), Network Architecture

Information Security Instructor

2017 - 2020
University College of Applied Sciences
  • Lectured on certified ethical hacking, pen-testing tools, network security, and wireless network security.
  • Evaluated and mentored students taking the courses.
  • Tested and utilized Kali Linux tools like Metasploit, ZAP, and Burp Suite.
Technologies: Certified Ethical Hacker (CEH), Network Security, Application Security, Secure Access Service Edge (SASE)

System and Network Administrator

2006 - 2020
Islamic University of Gaza
  • Conducted vulnerability scanning and took care of the application and network security.
  • Served as a system and network administrator. My duties included network engineering, routing, switching, VoIP, VLAN, SAN, and network security.
  • Performed security administration tasks, such as Windows Server. For virtualization, I used VMware ESXi, vCenter, vSAN, DRM, and vSphere suite.
  • Conducted Linux Server administration and hardening using Apache, Tomcat, RADIUS, and Zimbra.
Technologies: Linux, Windows Server, Firewalls, Application Security, VMware ESXi, System Administration, Infrastructure Security, Network Architecture, Secure Access Service Edge (SASE)

DevOps and Cloud Architect

• Deployed Azure Resource Groups and AKS using Terraform scripts.
• YAML files were prepared to deploy the application using customized PHP images, Nginx, and MySQL database.
• The service has been exposed to the internet using a load balancer.
• Secrets and keys were stored on Azure Key Vault and integrated with AKS.

DevSecOps for Azure Pipelines

- Git-secrets has been configured to scan codes before uploading to Azure repo.
- SonarQube was integrated with Azure pipelines to scan for vulnerabilities.
- WhiteSource Bolt has been integrated with Azure CI for the dependency check.
- OWASP ZAP was used to scan for vulnerabilities at the release stage (Azure CD pipeline).

Web Application Firewall

My duties on this project included:
- Configuring and tuning of Cloudflare WAF.
- Implementing access rules based on the threat score.
- Implementing challenging rules for admin pages.
- Mitigating OWASP Top10 vulnerabilities.
- Auditing and troubleshooting of security incidents and false positives.
2011 - 2013

Master's Degree in Computer Engineering

Islamic University of Gaza - Gaza, Palestine

FEBRUARY 2023 - PRESENT

Microsoft Certified: Azure Security Engineer Associate

Microsoft

JANUARY 2021 - PRESENT

DevSecOps: Continuous Application Security

LinkedIn

JANUARY 2021 - PRESENT

DevSecOps: Automated Security Testing

LinkedIn

DECEMBER 2020 - PRESENT

Fortinet Network Security Expert Level 4: Certified Professional

Fortinet

AUGUST 2018 - PRESENT

Cisco Networking: On-Premise and Cloud Solutions (OCSE)

Cisco

MARCH 2007 - PRESENT

Certified Linux Administrator (LPIC-1)

Linux Professional Institute, Inc.

Tools

Helm, Docker Compose, Docker Swarm, Jenkins, Azure Kubernetes Service (AKS), Azure Key Vault, Terraform, AWS Fargate, CodeQL, GitHub, Azure Logic Apps, Azure Web Application Firewall, Amazon Virtual Private Cloud (VPC), CircleCI, AWS CloudFormation, Git, Amazon CloudWatch, Sentry, Logging

Paradigms

DevOps, DevSecOps, Automation, Continuous Deployment, Azure DevOps

Platforms

Windows Server, Azure, Linux, Kubernetes, Docker, Amazon Web Services (AWS), AWS ALB, Azure Functions, Azure PaaS, Google Cloud Platform (GCP)

Industry Expertise

Network Security, Cybersecurity

Other

Firewalls, VMware ESXi, Fortinet Firewall Configuration, Vulnerability Identification, CI/CD Pipelines, System Administration, Security, Containerization, Containers, DevOps Engineer, Infrastructure Security, Network Architecture, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Cloud, Application Security, Web Application Firewall (WAF), Office 365 Security, OWASP Top 10, Spam Filtering, Machine Learning, Vulnerability Assessment, GitOps, IT Security, Web Security, Security Audits, Vulnerability Management, GitHub Actions, Certified Ethical Hacker (CEH), OWASP, Cloudflare, Infrastructure as Code (IaC), AWS CodePipeline, AWS Transit Gateway, Secure Access Service Edge (SASE), Monitoring, Machine Learning Operations (MLOps)

Languages

Python, Java

Storage

Datadog, Azure Blobs, MySQL

Libraries/APIs

Azure Blob Storage API, Azure API Management

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

1

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.
2

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.
3

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring