▸ running processes / skills
KubernetesAWSTerraformLinuxPythonAzureHelmTeamCityAzure DevOpsGitHub ActionsHashiCorp VaultCloudflareSonarQubeTrivyDevSecOpsPenetration TestingVulnerability Research (CVE)PrometheusGrafanaOpenSearchNew RelicAnsibleArgo CDKafkaRabbitMQMySQLPostgreSQLMongoDBNetworkingVulnerability ManagementSAST / SCA / DASTContainer SecurityThreat Modeling
✓ certifications
DevOps on AWS Specialization (AWS · Coursera)VALID
⟳ deployment history / work
January 2025
→ now
Senior DevOps Engineer · CFI v4.0 (current)
- Lead DevSecOps across the SDLC — threat-modeling services and embedding SAST (SonarQube), SCA, and container image scanning into CI/CD, reducing high/critical vulnerabilities reaching production by 90% and auto-blocking insecure builds.
- Centralized secrets and credentials across all applications with HashiCorp Vault, eliminating hard-coded secrets and enabling short-lived, dynamic credentials.
- Secured internet-facing workloads with Cloudflare (WAF, DDoS protection, DNS, and zero-trust access).
- Operate business-critical, highly available Kubernetes clusters on self-managed AWS EC2, sustaining 99.95% uptime with zero-downtime upgrades.
- Provision cloud and on-prem infrastructure as code with Terraform for repeatable, version-controlled deployments.
- Build and maintain GitHub Actions CI/CD pipelines with automated testing, security gates, and deployment across all services.
- Design, provision, and operate OpenSearch clusters on AWS alongside Prometheus and Grafana for proactive monitoring, alerting, and security visibility.
- Implement New Relic APM to surface latency, errors, and bottlenecks across services.
- Administer and secure on-prem MySQL, PostgreSQL, and MongoDB, plus highly available RabbitMQ and Kafka on Kubernetes, with backup, replication, and HA strategies.
June 2024
→ January 2025
Cloud Engineer · Network International v6
- Managed 10+ Kubernetes clusters across Azure, AWS, OCI, and on-premises, ensuring scalability and high availability.
- Architected and deployed high-availability Kubernetes clusters on-premises using Ansible, Kubeadm, MetalLB, and Longhorn.
- Designed and implemented infrastructure as code (IaC) using Terraform.
- Created and maintained CI/CD pipelines using Azure DevOps, TeamCity, Python, and Bash scripting.
- Automated the release process to a single click — Slack notifications and Confluence release notes.
- Integrated SAST and SCA tools (Prisma Cloud, Veracode, SonarQube) into CI/CD to enforce application security and compliance.
March 2023
→ June 2024
DevOps Engineer · Aspire IT Services (Client: Network International) v7
- Deployed and managed AWS resources including EC2 and EKS clusters using Terraform.
- Deployed and managed containerized applications using EKS and Helm.
- Designed and implemented CI/CD pipelines using AWS CodePipeline and AWS CodeBuild.
- Partnered with development and QA teams to containerize applications and automate EKS deployment pipelines, reducing release friction and environment drift.
September 2022
→ February 2023
DevOps / Linux System Administrator · Electronic Health Solutions (EHS - Hakeem) v8
- Managed critical environments with zero downtime, ensuring continuous availability and reliability.
- Managed on-premises Red Hat Linux servers for optimal performance and security.
- Implemented and maintained CI/CD pipelines using Jenkins.
- Developed and maintained Ansible playbooks for configuration and deployment automation.
- Configured and managed monitoring tools: Nagios, Prometheus, and Grafana.
- Configured and managed high-available load balancers using HAProxy and Keepalived.
⚠ Education
BSc, Computer and Network Engineering — Al Balqa Applied University, Amman (2022) · GPA 3.55
⚠ Security Research
Discovered and responsibly disclosed an authorization bypass in Moodle (open-source LMS) — CVE-2022-40208 (CWE-285): students could circumvent sequential quiz navigation via web services. Performed application and source-code analysis, reported upstream, and coordinated remediation through a responsible-disclosure process.