Omar Albalouli
Senior DevOps Engineer · DevSecOps & Cloud Security
$ vault kv get secret/omar
▸ secret/data/omar · v4
nameOmar Albalouli
roleSenior DevOps Engineer · DevSecOps & Cloud Security
email[email protected]
ttl4y experience · renewable
statusavailable
🔑 secrets engine · kv/skills
Kubernetes
••••••••••✓ enabled
AWS
••••••••••✓ enabled
Terraform
••••••••••✓ enabled
Linux
••••••••••✓ enabled
Python
••••••••••✓ enabled
Azure
••••••••••✓ enabled
Helm
••••••••••✓ enabled
TeamCity
••••••••••✓ enabled
Azure DevOps
••••••••••✓ enabled
GitHub Actions
••••••••••✓ enabled
HashiCorp Vault
••••••••••✓ enabled
Cloudflare
••••••••••✓ enabled
SonarQube
••••••••••✓ enabled
Trivy
••••••••••✓ enabled
DevSecOps
••••••••••✓ enabled
Penetration Testing
••••••••••✓ enabled
Vulnerability Research (CVE)
••••••••••✓ enabled
Prometheus
••••••••••✓ enabled
Grafana
••••••••••✓ enabled
OpenSearch
••••••••••✓ enabled
New Relic
••••••••••✓ enabled
Ansible
••••••••••✓ enabled
Argo CD
••••••••••✓ enabled
Kafka
••••••••••✓ enabled
RabbitMQ
••••••••••✓ enabled
MySQL
••••••••••✓ enabled
PostgreSQL
••••••••••✓ enabled
MongoDB
••••••••••✓ enabled
Networking
••••••••••✓ enabled
Vulnerability Management
••••••••••✓ enabled
SAST / SCA / DAST
••••••••••✓ enabled
Container Security
••••••••••✓ enabled
Threat Modeling
••••••••••✓ enabled
📜 policies · sys/policies
DevOps on AWS Specialization (AWS · Coursera)GRANTED
⎘ leases · sys/leases (deployment history)
January 2025
→ active
→ active
Senior DevOps Engineer · CFI
- Lead DevSecOps across the SDLC — threat-modeling services and embedding SAST (SonarQube), SCA, and container image scanning into CI/CD, reducing high/critical vulnerabilities reaching production by 90% and auto-blocking insecure builds.
- Centralized secrets and credentials across all applications with HashiCorp Vault, eliminating hard-coded secrets and enabling short-lived, dynamic credentials.
- Secured internet-facing workloads with Cloudflare (WAF, DDoS protection, DNS, and zero-trust access).
- Operate business-critical, highly available Kubernetes clusters on self-managed AWS EC2, sustaining 99.95% uptime with zero-downtime upgrades.
- Provision cloud and on-prem infrastructure as code with Terraform for repeatable, version-controlled deployments.
- Build and maintain GitHub Actions CI/CD pipelines with automated testing, security gates, and deployment across all services.
- Design, provision, and operate OpenSearch clusters on AWS alongside Prometheus and Grafana for proactive monitoring, alerting, and security visibility.
- Implement New Relic APM to surface latency, errors, and bottlenecks across services.
- Administer and secure on-prem MySQL, PostgreSQL, and MongoDB, plus highly available RabbitMQ and Kafka on Kubernetes, with backup, replication, and HA strategies.
June 2024
→ January 2025
→ January 2025
Cloud Engineer · Network International
- Managed 10+ Kubernetes clusters across Azure, AWS, OCI, and on-premises, ensuring scalability and high availability.
- Architected and deployed high-availability Kubernetes clusters on-premises using Ansible, Kubeadm, MetalLB, and Longhorn.
- Designed and implemented infrastructure as code (IaC) using Terraform.
- Created and maintained CI/CD pipelines using Azure DevOps, TeamCity, Python, and Bash scripting.
- Automated the release process to a single click — Slack notifications and Confluence release notes.
- Integrated SAST and SCA tools (Prisma Cloud, Veracode, SonarQube) into CI/CD to enforce application security and compliance.
March 2023
→ June 2024
→ June 2024
DevOps Engineer · Aspire IT Services (Client: Network International)
- Deployed and managed AWS resources including EC2 and EKS clusters using Terraform.
- Deployed and managed containerized applications using EKS and Helm.
- Designed and implemented CI/CD pipelines using AWS CodePipeline and AWS CodeBuild.
- Partnered with development and QA teams to containerize applications and automate EKS deployment pipelines, reducing release friction and environment drift.
September 2022
→ February 2023
→ February 2023
DevOps / Linux System Administrator · Electronic Health Solutions (EHS - Hakeem)
- Managed critical environments with zero downtime, ensuring continuous availability and reliability.
- Managed on-premises Red Hat Linux servers for optimal performance and security.
- Implemented and maintained CI/CD pipelines using Jenkins.
- Developed and maintained Ansible playbooks for configuration and deployment automation.
- Configured and managed monitoring tools: Nagios, Prometheus, and Grafana.
- Configured and managed high-available load balancers using HAProxy and Keepalived.
▸ secret/education
BSc, Computer and Network Engineering — Al Balqa Applied University, Amman (2022) · GPA 3.55
▸ secret/security-research
Discovered and responsibly disclosed an authorization bypass in Moodle (open-source LMS) — CVE-2022-40208 (CWE-285): students could circumvent sequential quiz navigation via web services. Performed application and source-code analysis, reported upstream, and coordinated remediation through a responsible-disclosure process.
📝 audit log
request: read secret/omar → 200 OK
token: hireable · ttl: ∞ · policies: [available, on-time, reliable]
audit: recruiter accessed résumé — that's you. 👀
token: hireable · ttl: ∞ · policies: [available, on-time, reliable]
audit: recruiter accessed résumé — that's you. 👀