✓
Omar Albalouli
Senior DevOps Engineer · DevSecOps & Cloud Security · main branch · last analysis just now
QUALITY GATE PASSED
Languages & frameworks
KubernetesA
AWSA
TerraformA
LinuxA
PythonA
AzureA
HelmA
TeamCityA
Azure DevOpsA
GitHub ActionsA
HashiCorp VaultA
CloudflareA
SonarQubeA
TrivyA
DevSecOpsA
Penetration TestingA
Vulnerability Research (CVE)A
PrometheusA
GrafanaA
OpenSearchA
New RelicA
AnsibleA
Argo CDA
KafkaA
RabbitMQA
MySQLA
PostgreSQLA
MongoDBA
NetworkingA
Vulnerability ManagementA
SAST / SCA / DASTA
Container SecurityA
Threat ModelingA
Analysis history
January 2025
→ now
Senior DevOps Engineer · CFIPASSED · current
- Lead DevSecOps across the SDLC — threat-modeling services and embedding SAST (SonarQube), SCA, and container image scanning into CI/CD, reducing high/critical vulnerabilities reaching production by 90% and auto-blocking insecure builds.
- Centralized secrets and credentials across all applications with HashiCorp Vault, eliminating hard-coded secrets and enabling short-lived, dynamic credentials.
- Secured internet-facing workloads with Cloudflare (WAF, DDoS protection, DNS, and zero-trust access).
- Operate business-critical, highly available Kubernetes clusters on self-managed AWS EC2, sustaining 99.95% uptime with zero-downtime upgrades.
- Provision cloud and on-prem infrastructure as code with Terraform for repeatable, version-controlled deployments.
- Build and maintain GitHub Actions CI/CD pipelines with automated testing, security gates, and deployment across all services.
- Design, provision, and operate OpenSearch clusters on AWS alongside Prometheus and Grafana for proactive monitoring, alerting, and security visibility.
- Implement New Relic APM to surface latency, errors, and bottlenecks across services.
- Administer and secure on-prem MySQL, PostgreSQL, and MongoDB, plus highly available RabbitMQ and Kafka on Kubernetes, with backup, replication, and HA strategies.
June 2024
→ January 2025
Cloud Engineer · Network InternationalPASSED
- Managed 10+ Kubernetes clusters across Azure, AWS, OCI, and on-premises, ensuring scalability and high availability.
- Architected and deployed high-availability Kubernetes clusters on-premises using Ansible, Kubeadm, MetalLB, and Longhorn.
- Designed and implemented infrastructure as code (IaC) using Terraform.
- Created and maintained CI/CD pipelines using Azure DevOps, TeamCity, Python, and Bash scripting.
- Automated the release process to a single click — Slack notifications and Confluence release notes.
- Integrated SAST and SCA tools (Prisma Cloud, Veracode, SonarQube) into CI/CD to enforce application security and compliance.
March 2023
→ June 2024
DevOps Engineer · Aspire IT Services (Client: Network International)PASSED
- Deployed and managed AWS resources including EC2 and EKS clusters using Terraform.
- Deployed and managed containerized applications using EKS and Helm.
- Designed and implemented CI/CD pipelines using AWS CodePipeline and AWS CodeBuild.
- Partnered with development and QA teams to containerize applications and automate EKS deployment pipelines, reducing release friction and environment drift.
September 2022
→ February 2023
DevOps / Linux System Administrator · Electronic Health Solutions (EHS - Hakeem)PASSED
- Managed critical environments with zero downtime, ensuring continuous availability and reliability.
- Managed on-premises Red Hat Linux servers for optimal performance and security.
- Implemented and maintained CI/CD pipelines using Jenkins.
- Developed and maintained Ansible playbooks for configuration and deployment automation.
- Configured and managed monitoring tools: Nagios, Prometheus, and Grafana.
- Configured and managed high-available load balancers using HAProxy and Keepalived.
Quality profiles / certifications
DevOps on AWS Specialization (AWS · Coursera)✓ PASSED
Education
BSc, Computer and Network Engineering — Al Balqa Applied University, Amman (2022) · GPA 3.55
Security Research
Discovered and responsibly disclosed an authorization bypass in Moodle (open-source LMS) — CVE-2022-40208 (CWE-285): students could circumvent sequential quiz navigation via web services. Performed application and source-code analysis, reported upstream, and coordinated remediation through a responsible-disclosure process.