Aly is available for hire

Aly Ragab

Verified Expert in Engineering

DevOps Engineer and Developer

Location

Dubai, United Arab Emirates

Toptal Member Since

January 3, 2022

在过去的六年里，Aly一直是DevOps和DevSecOps工程师, specializing in planning, designing, configuring, and implementing a deep level of security. Aly参与了GRC和渗透测试的文化和实施. 在此之前，他担任了三年的Linux和Unix管理员. Aly's areas of expertise include AWS, Kubernetes, MySQL, MongoDB, ELK, Go, HashiCorp Vault, Terraform, and more.

DevOps Engineer Red Hat Linux Docker Kubernetes Microservices DevOps Amazon Web Services (AWS)Terraform DevSecOps PostgreSQL CircleCI Helm Cloudflare Automation Agile Software Development

Portfolio

fintech-galaxy

敏捷软件开发，Amazon EKS, Burp Suite, HashiCorp Vault, Terraform...

Talabat

Kubernetes, Amazon EKS，无服务器框架，Terraform, Helm, Argo CD...

Hala Company

Kubernetes，自管理Kubernetes, MongoDB, Terraform, Oracle Cloud...

Experience

CI/CD Pipelines - 5 years DevOps - 5 years Amazon Elastic Container Service (Amazon ECS) - 3 years PCI DSS - 3 years Helm - 3 years Go - 2 years Serverless Framework - 1 year

Availability

Part-time

Preferred Environment

MacOS, Linux, Visual Studio Code (VS Code)， DevOps, Burp Suite

The most amazing...

...经验正在帮助公司开发和保护他们的数字平台, making them reliable and available at all times.

Work Experience

Lead DevSecOps Engineer

2022 - PRESENT

fintech-galaxy

通过基于GRC (Governance)的非常安全可靠的云原生架构，完成了向AWS EKS的迁移, Risk Management, and Compliance).
Integrated HashiCorp Vault with Kubernetes Microservices.
设置主要策略，以可靠的方式使用IaC和配置管理，为Kubernetes建立一个开放的银行平台.
启动ISO/IEC 27001:2022信息安全领导实施.
为规划业务连续性计划和灾难恢复计划制定策略.
指导我的团队应用和学习有关安全性的最佳实践, reliability, and observability patterns.

Technologies: 敏捷软件开发，Amazon EKS, Burp Suite, HashiCorp Vault, Terraform, Lambda Functions, DevSecOps, DevOps Engineer, Automation, Penetration Testing, Kubernetes, Microservices, Amazon Web Services (AWS), Containerization, HashiCorp, Infrastructure as Code (IaC), CI/CD Pipelines, PostgreSQL

Senior DevOps Archetict

2020 - PRESENT

Talabat

构建和管理满足PCI DSS合规性要求的环境，并使用Go编写内部工具.
使用开放策略代理(OPA)、Conftest和Gatekeeper作为代码实现和管理策略.
使用无服务器框架实现AWS无服务器应用程序，并实现和管理Amazon EKS集群.
迁移和实现集中模板化的Helm Charts，以帮助在不同的AWS EKS集群中部署100多个微服务.
协助公司实施可扩展的系统设计，并实施AWS秘密管理器和保险库以保护机密数据.
使用Argo CD和Argo Rollouts实现渐进式部署，用于蓝绿色和金丝雀部署.
使用GitHub Actions自托管运行器来启用安全和私有的端到端测试.

Technologies: Kubernetes, Amazon EKS，无服务器框架，Terraform, Helm, Argo CD, Argo Rollouts, GitHub Actions, CircleCI, AWS Elastic Beanstalk, Cloudflare, PCI DSS, Amazon Elastic Container Service (Amazon ECS), Organization, AWS Secrets Manager, Vault, AWS Key Management Service (KMS), HashiCorp Vault, CI/CD Pipelines, Docker, Go, Python 3, Python, DevOps, Microservices, Lambda Functions, DevSecOps, DevOps Engineer, Automation, Amazon Web Services (AWS), Containerization, HashiCorp, Infrastructure as Code (IaC), PostgreSQL

Lead DevOps Engineer

2019 - 2020

Hala Company

协助从单片架构迁移到微服务架构.
Implemented and managed PCI DSS compliant infrastructures.
Defined the DevOps-related strategies and tools. 实现了基于Oracle cloud的云环境管理.
Implemented and introduced IaC using Terraform, managed Kubernetes clusters using Kubespray, and deployed microservices using Helm.
Implemented CI/CD pipelines using Jenkins for all microservices; shared knowledge with all engineering teams; and defined the culture for introducing infrastructure features, such as RFC documents and POCs.
管理DevOps团队的四名成员，并指导他们成长、学习和应用最佳实践.

Technologies: Kubernetes，自管理Kubernetes, MongoDB, Terraform, Oracle Cloud, AWS Key Management Service (KMS), PCI DSS, Organization, AWS Secrets Manager, Vault, Helm, HashiCorp Vault, CI/CD Pipelines, Docker, MariaDB, Go, DevOps, Microservices, Microservices Architecture, Infrastructure as Code (IaC), Jenkins, Lambda Functions, DevSecOps, DevOps Engineer, Automation, Containerization, HashiCorp, Amazon Web Services (AWS), PostgreSQL, Elasticsearch, Amazon EKS

Senior DevOps Engineer

2018 - 2019

Fly365

Managed and implemented PCI DSS compliant infrastructures.
Managed AWS infrastructure based on AWS S3, CloudFront, Lambda Functions, CloudWatch, GuardDuty, Elasticache, and RDS.
基于ELK和Prometheus堆栈实现了所有微服务的日志记录和监控.
为50多个微服务建立并帮助团队使用CI/CD管道.
管理一个小型的DevOps团队，使其始终如一地应用最佳实践.

Technologies: Kubernetes, Kubernetes Operations (kOps), MongoDB, ELK (Elastic Stack), CircleCI, Organization, Helm, PCI DSS, Terraform, CI/CD Pipelines, Docker, Go, Microservices, DevOps, Lambda Functions, DevSecOps, DevOps Engineer, Automation, Amazon Web Services (AWS), Containerization, Infrastructure as Code (IaC), PostgreSQL, Elasticsearch

DevOps Engineer

2016 - 2018

Transporter Courier Service

帮助公司设计无状态微服务架构，并为所有微服务实现CI/CD.
协助迁移到AWS，并基于kops工具实现Kubernetes环境.
与ITOps团队合作，使用FreeIPA实现内部LDAP，以便拥有内部, Linux-based LDAP server.
与ITOps合作，基于Asterisk实现可靠的VoIP服务器.

Technologies: MariaDB, Docker, Kubernetes, Kubernetes Operations (kOps), CI/CD Pipelines, VoIP, FreeIPA, DevOps, Microservices Architecture, Microservices, DevOps Engineer, Containerization, Infrastructure as Code (IaC), Amazon Web Services (AWS)

Linux and Unix System Administrator

2015 - 2016

ECC Solutions

Managed and monitored IBM Unix AIX Power Servers.
管理TSM备份系统、IBM V7000后端存储、IBM AIX lpar和LAPAR Mobility.
Provided second-line support for Linux-based applications, 帮助客户修复和排除Linux Red Hat上的问题, CentOS, Ubuntu, and Debian-based distributions.

Technologies: Red Hat Linux, AIX, Unix, IBM Storage, VoIP

Linux System Administrator

2014 - 2015

World'Vest Base (WVB)

管理和实现用于网络和系统配置的Spacewalk服务器.
管理FortiGate防火墙以保护内部网络，并实现隔离的互联网连接和站点到站点VPN.
实现并管理了深层次的安全加固.
管理基于Asterisk的Linux VoIP解决方案，促进三个国家的跨团队通信.

技术:KVM, FortiGate, Zabbix, VoIP，网络安全，VPN

Business Solution Specialist

2010 - 2014

Vodafone Egypt Telecommunications SAE

通过电话与沃达丰企业客户处理所有升级的托管域名问题.
管理和修复微软SharePoint服务器问题，处理企业客户的电子邮件服务.
Conducted technical training for the first-line support.

技术:Microsoft Active Directory (AD)， SharePoint, Microsoft Exchange Server

Experience

AWS IAM Slackbot

http://github.com/AlyRagab/aws-iam-slack-bot

一个通过Slackbot管理AWS身份和访问管理(IAM)的解决方案. 用户可以调用Slack中的bot来添加或删除IAM组中的IAM用户. bot还可以为特定用户添加和撤销全部或部分权限. I wrote the solution in Go, it has a MySQL database as a dependency, and it can be deployed with minimal IAM access.

AWS RDS Alerts to Slack

http://github.com/AlyRagab/LambdaFunc-rds-alert

由SNS和CloudWatch触发的AWS Lambda函数，用于向Slack发送与基于rds的CloudWatch阈值相关的警报. 我帮助增强了作为RDS运行的数据库实例的可观察性.

User API Microservice

http://github.com/AlyRagab/golang-user-registration

一个用Go语言编写的微服务，允许用户使用以下功能注册和登录:
• Based in PostgreSQL as DataStore and GORM library
•哈希密码使用胡椒和盐进入数据库，从不保存密码
• Cookies security with HMAC

Skills

Frameworks

Serverless Framework

Tools

CircleCI, Terraform, AWS Key Management Service (KMS), Amazon EKS, Helm, Vault, Amazon Elastic Container Service (Amazon ECS), HashiCorp, Zabbix, ELK (Elastic Stack), Jenkins, VPN, AWS IAM

Paradigms

DevOps, Microservices, DevSecOps, Agile Software Development, Automation, Microservices Architecture, Penetration Testing

Platforms

Red Hat Linux, Docker, Kubernetes, Amazon Web Services (AWS), AWS Elastic Beanstalk, KVM, AIX, Unix, Burp Suite

Storage

PostgreSQL, MariaDB, Elasticsearch, MongoDB, Oracle Cloud, MySQL

Other

Kubernetes Operations (kOps), CI/CD Pipelines, PCI DSS, GitHub Actions, Infrastructure as Code (IaC), DevOps Engineer, Containerization, Self-managed Kubernetes, HashiCorp Vault, Argo CD, Cloudflare, AWS Secrets Manager, Organization, Lambda Functions, FortiGate, IBM Storage, FreeIPA, Argo Rollouts, VoIP, Slackbot

Languages

Go, Python 3, Python

Industry Expertise

Network Security

Education

2013 - 2015

High Diploma in Software Engineering (College Level)

Cairo University - Egypt, Cairo

2005 - 2009

Bachelor's Degree in Art History

Helwan University - Egypt, Cairo

Certifications

AUGUST 2020 - AUGUST 2022

HashiCorp Certified: Vault Associate

HashiCorp