Sealed (1/1 keys)Unsealed

Omar Albalouli

Senior DevOps Engineer · DevSecOps & Cloud Security
$ vault kv get secret/omar
🔒 This résumé is sealed. Provide the unseal key to reveal the secrets.
secret/data/omar · v4
nameOmar Albalouli roleSenior DevOps Engineer · DevSecOps & Cloud Security email[email protected] ttl4y experience · renewable statusavailable
🔑 secrets engine · kv/skills
Kubernetes ••••••••••✓ enabled
AWS ••••••••••✓ enabled
Terraform ••••••••••✓ enabled
Linux ••••••••••✓ enabled
Python ••••••••••✓ enabled
Azure ••••••••••✓ enabled
Helm ••••••••••✓ enabled
TeamCity ••••••••••✓ enabled
Azure DevOps ••••••••••✓ enabled
GitHub Actions ••••••••••✓ enabled
HashiCorp Vault ••••••••••✓ enabled
Cloudflare ••••••••••✓ enabled
SonarQube ••••••••••✓ enabled
Trivy ••••••••••✓ enabled
DevSecOps ••••••••••✓ enabled
Penetration Testing ••••••••••✓ enabled
Vulnerability Research (CVE) ••••••••••✓ enabled
Prometheus ••••••••••✓ enabled
Grafana ••••••••••✓ enabled
OpenSearch ••••••••••✓ enabled
New Relic ••••••••••✓ enabled
Ansible ••••••••••✓ enabled
Argo CD ••••••••••✓ enabled
Kafka ••••••••••✓ enabled
RabbitMQ ••••••••••✓ enabled
MySQL ••••••••••✓ enabled
PostgreSQL ••••••••••✓ enabled
MongoDB ••••••••••✓ enabled
Networking ••••••••••✓ enabled
Vulnerability Management ••••••••••✓ enabled
SAST / SCA / DAST ••••••••••✓ enabled
Container Security ••••••••••✓ enabled
Threat Modeling ••••••••••✓ enabled
📜 policies · sys/policies
⎘ leases · sys/leases (deployment history)
January 2025
→ active
Senior DevOps Engineer · CFI
  • Lead DevSecOps across the SDLC — threat-modeling services and embedding SAST (SonarQube), SCA, and container image scanning into CI/CD, reducing high/critical vulnerabilities reaching production by 90% and auto-blocking insecure builds.
  • Centralized secrets and credentials across all applications with HashiCorp Vault, eliminating hard-coded secrets and enabling short-lived, dynamic credentials.
  • Secured internet-facing workloads with Cloudflare (WAF, DDoS protection, DNS, and zero-trust access).
  • Operate business-critical, highly available Kubernetes clusters on self-managed AWS EC2, sustaining 99.95% uptime with zero-downtime upgrades.
  • Provision cloud and on-prem infrastructure as code with Terraform for repeatable, version-controlled deployments.
  • Build and maintain GitHub Actions CI/CD pipelines with automated testing, security gates, and deployment across all services.
  • Design, provision, and operate OpenSearch clusters on AWS alongside Prometheus and Grafana for proactive monitoring, alerting, and security visibility.
  • Implement New Relic APM to surface latency, errors, and bottlenecks across services.
  • Administer and secure on-prem MySQL, PostgreSQL, and MongoDB, plus highly available RabbitMQ and Kafka on Kubernetes, with backup, replication, and HA strategies.
June 2024
→ January 2025
Cloud Engineer · Network International
  • Managed 10+ Kubernetes clusters across Azure, AWS, OCI, and on-premises, ensuring scalability and high availability.
  • Architected and deployed high-availability Kubernetes clusters on-premises using Ansible, Kubeadm, MetalLB, and Longhorn.
  • Designed and implemented infrastructure as code (IaC) using Terraform.
  • Created and maintained CI/CD pipelines using Azure DevOps, TeamCity, Python, and Bash scripting.
  • Automated the release process to a single click — Slack notifications and Confluence release notes.
  • Integrated SAST and SCA tools (Prisma Cloud, Veracode, SonarQube) into CI/CD to enforce application security and compliance.
March 2023
→ June 2024
DevOps Engineer · Aspire IT Services (Client: Network International)
  • Deployed and managed AWS resources including EC2 and EKS clusters using Terraform.
  • Deployed and managed containerized applications using EKS and Helm.
  • Designed and implemented CI/CD pipelines using AWS CodePipeline and AWS CodeBuild.
  • Partnered with development and QA teams to containerize applications and automate EKS deployment pipelines, reducing release friction and environment drift.
September 2022
→ February 2023
DevOps / Linux System Administrator · Electronic Health Solutions (EHS - Hakeem)
  • Managed critical environments with zero downtime, ensuring continuous availability and reliability.
  • Managed on-premises Red Hat Linux servers for optimal performance and security.
  • Implemented and maintained CI/CD pipelines using Jenkins.
  • Developed and maintained Ansible playbooks for configuration and deployment automation.
  • Configured and managed monitoring tools: Nagios, Prometheus, and Grafana.
  • Configured and managed high-available load balancers using HAProxy and Keepalived.
secret/education
BSc, Computer and Network Engineering — Al Balqa Applied University, Amman (2022) · GPA 3.55
secret/security-research
Discovered and responsibly disclosed an authorization bypass in Moodle (open-source LMS) — CVE-2022-40208 (CWE-285): students could circumvent sequential quiz navigation via web services. Performed application and source-code analysis, reported upstream, and coordinated remediation through a responsible-disclosure process.
📝 audit log
request: read secret/omar → 200 OK
token: hireable · ttl: ∞ · policies: [available, on-time, reliable]
audit: recruiter accessed résumé — that's you. 👀
🎨 Theme & résumé
Choose a style
⬇ Download / Print 📄 View as plain résumé