π engineer.tf
# An engineer, declared as code. Idempotent. Production-ready.
resource "devops_engineer" "omar-albalouli" {
name = "Omar Albalouli"
title = "Senior DevOps Engineer Β· DevSecOps & Cloud Security"
email = "[email protected]"
experience_years = 4
status = "available"
summary = <<-EOT
Senior DevOps Engineer and security specialist with 4+ years building and securing highly available cloud and Kubernetes platforms. Specialized in embedding security across the SDLC: integrating SAST, SCA, and container image scanning (SonarQube, Trivy) into CI/CD, centralizing secrets with HashiCorp Vault, and hardening internet-facing workloads with Cloudflare. Proven track record across AWS, Azure, Terraform, Linux, and Python in identifying, triaging, and remediating vulnerabilities and driving DevSecOps practices that bake robust security into every stage of delivery.
EOT
skills = [
"kubernetes","aws","terraform",
"linux","python","azure",
"helm","teamcity","azure devops",
"github actions","hashicorp vault","cloudflare",
"sonarqube","trivy","devsecops",
"penetration testing","vulnerability research (cve)","prometheus",
"grafana","opensearch","new relic",
"ansible","argo cd","kafka",
"rabbitmq","mysql","postgresql",
"mongodb","networking","vulnerability management",
"sast / sca / dast","container security","threat modeling",
]
# work history β newest first
dynamic "role" {
for_each = {
cfi = { title = "Senior DevOps Engineer", period = "2025-now" }
network-internati⦠= { title = "Cloud Engineer", period = "2024-2025" }
aspire-it-service⦠= { title = "DevOps Engineer", period = "2023-2024" }
electronic-health⦠= { title = "DevOps / Linux System Administrator", period = "2022-2023" }
}
}
certifications = ["cka-certified-kubernetes-administrator", "aws-certified-solutions-architect-associate", "google-it-automation-with-python-professional-certificate", "devops-on-aws-specialization-aws-coursera"]
lifecycle {
prevent_destroy = true # keeps shipping
}
}
output "education" {
value = "BSc, Computer and Network Engineering β Al Balqa Applied University, Amman (2022) Β· GPA 3.55 "
}
output "security-research" {
value = "Discovered and responsibly disclosed an authorization bypass in Moodle (open-source LMS) β CVE-2022-40208 (CWE-285): students could circumvent sequential quiz navigation via web services. Performed application and source-code analysis, reported upstream, and coordinated remediation through a responsible-disclosure process. "
}