Bishoy Sefen,阿拉伯联合酋长国迪拜的开发商
Bishoy is available for hire
Hire Bishoy

Bishoy Sefen

Verified Expert  in Engineering

Software Developer

Location
Dubai, United Arab Emirates
Toptal Member Since
January 16, 2020

Bishoy is an innovative DevOps, DevSecOps, 8年以上技术设计经验的软件工程师, implementing, securing, and managing CI/CD workflows, infrastructure, and microservices. He has deep experience with Kubernetes, cloud platforms (AWS), Linux-based systems, and cybersecurity. Bishoy热衷于跟上新技术并构建高效可靠的解决方案.

Cloud SecurityAWS DevOpsAmazon RDSAmazon API GatewayServerlessCloudflareLinuxUnixDockerJenkinsDevOpsHelmKubernetesAmazon Web Services (AWS)TerraformAmazon S3Network Access Control (NAC)AWS CloudfrontJFrog ArtifactorySpinnakerMQTTAmazon EKSAmazon ElastiCache

Portfolio

Freelance Clients
亚马逊网络服务(AWS)、Kubernetes、Cloudflare、Okta、Datadog、Terraform...
KONUX
Helm, Splunk, Bitbucket, Artifactory, Spinnaker, Jenkins, Java, Python, Bash...
ACI Worldwide GmbH
Apache Tomcat, HAProxy, VMware vSphere, Prometheus, RabbitMQ, PostgreSQL, Vault...

Experience

DevOps - 6 yearsCI/CD Pipelines - 6 yearsAmazon Web Services (AWS) - 5 yearsKubernetes - 5 yearsDevSecOps - 4 yearsPython - 4 yearsCloud Security - 4 yearsTerraform - 4 years

Availability

Part-time

Preferred Environment

亚马逊网络服务(AWS)、Kubernetes、DevSecOps、云安全

The most amazing...

...我为运行在AWS/EKS上的物联网数据平台构建了动态/短暂的测试环境, 哪一个加速了开发并减少了发布的bug.

Work Experience

Senior DevSecOps Freelancer

2022 - 2023
Freelance Clients
  • 使用Terraform全面覆盖和管理AWS、Cloudflare、Datadog和Okta的所有资源. 将所有CI/CD工作流从Jenkins迁移并标准化到GitHub工作流.
  • 通过Okta统一访问,并与AWS SSO集成, QuickSight, K8s dashboards, Cloudflare, and GitHub.
  • 设置Cloudflare的零信任网络,以确保员工的互联网访问安全,并授权访问AWS上的vpc.
  • 实现基于角色的访问控制和所有持久化服务的静态加密:ElastiCache/Redis, RDS/Postgres, Elasticsearch, RabbitMQ, and S3.
  • 已配置的AWS安全服务:CloudTrail、GuardDuty、Inspector、WAFV2和Config. 使用SSM授权和审计对EC2的访问.
  • 自动节点旋转,使EKS集群使用最新的ami,同时保证无停机时间. 这样,工作节点就始终具有最新的安全补丁.
  • 利用KEDA自动缩放器根据RabbitMQ指标调整k8部署的大小, including combined queue sizes.
  • 集成反病毒扫描使用ClamAV作为用户发起的文件上传到S3的一部分.
  • Set up monitoring, alerts, 使用CloudWatch和Datadog集中日志(从New Relic迁移过来).
  • 开发工具(Python)来同步配置(秘密/非秘密)到AWS参数存储. 所有的配置都将存储在Git中,KMS将借助SOPS对秘密文件进行加密.
Technologies: 亚马逊网络服务(AWS)、Kubernetes、Cloudflare、Okta、Datadog、Terraform, Bash, GitHub, ClamAV, Python, Amazon EKS, Amazon EC2, Amazon S3 (AWS S3), AWS DevOps, RabbitMQ, Amazon ElastiCache, Amazon RDS, Elasticsearch, Cloud Security, Redis, Networking, Linux, Unix, Karpenter, New Relic, AWS Cloud Architecture, Infrastructure as Code (IaC), CI/CD Pipelines, DevOps, DevSecOps, Monitoring, Vulnerability Management, AWS ALB, Amazon CloudFront CDN, AWS Key Management Service (KMS), Amazon CloudWatch, Cost Reduction & Optimization, OWASP, AWS IAM, Identity & Access Management (IAM)

Senior DevOps Engineer

2020 - 2022
KONUX
  • 使用OWASP Dependency-Track在CI管道中扫描应用程序级依赖和容器操作系统包的嵌入式漏洞.
  • 通过IAM和客户端证书设置AWS IoT MQTT消息代理和身份验证/授权.
  • 在EKS上部署气流,并协助完成Amazon EMR和AWS Glue的设置.
  • 建立AWS RDS (PostgreSQL)和Elasticsearch,控制网络访问和IAM鉴权.
  • 通过API网关公开在EKS上运行的后端微服务, with Amazon Cognito handling the authentication. 另外,使用CloudFront CDN服务存储在S3中的前端.
  • 使用Spinnaker创建按需沙盒环境, Jenkins, and Terraform, 使开发人员和qa能够隔离新功能更改, test them thoroughly, and perform repeatable performance tests.
  • 设置、加固和维护EKS和Kubernetes集群. Managed accesses, resources, autoscaling, and availability of the services running within, all through Terraform.
  • 介绍了使用Terraform的基础设施代码(IaC), 使用它导入和管理现有的基础结构.
  • 使用Jenkins和Spinnaker实现CI/CD管道,包括模块化和自助服务.
Technologies: Helm, Splunk, Bitbucket, Artifactory, Spinnaker, Jenkins, Java, Python, Bash, Terraform, Docker, Kubernetes, Amazon Web Services (AWS), Elasticsearch, DevOps, NGINX, Spring, Apache Airflow, SonarCloud, DevSecOps, OWASP, Amazon Elastic MapReduce (EMR), MQTT, AWS Lambda, Amazon CloudFront CDN, Amazon EC2, Amazon EKS, Amazon RDS, Amazon S3 (AWS S3), AWS ALB, AWS Cloud Architecture, AWS DevOps, CI/CD Pipelines, Infrastructure as Code (IaC), Linux, Monitoring, Networking, Unix, Cost Reduction & 优化,亚马逊CloudWatch,亚马逊API网关,无服务器,AWS IAM,身份 & Access Management (IAM)

DevOps Engineer

2017 - 2020
ACI Worldwide GmbH
  • 使用Kubernetes和Docker设置按需测试环境.
  • 自动生成ModSecurity WAF规则,将所有应用程序的公共端点列入白名单, along with their deployment to Apache.
  • Automated releases with Ansible and Jenkins, where the pipeline would release each project, run the QA jobs, and roll back in case of issues.
  • 稳定Jenkins通过集装箱化构建. Docker Compose用于启动容器构建过程以及所需的服务.
Technologies: Apache Tomcat, HAProxy, VMware vSphere, Prometheus, RabbitMQ, PostgreSQL, Vault, Consul, Gerrit, Artifactory, Jenkins, Bash, Terraform, Ansible, Docker, Kubernetes, DevOps, Java, Gradle, Helm, CI/CD Pipelines, Linux, Networking, Unix

Software Engineer

2015 - 2017
PAY.ON GmbH
  • 改进的CI构建,通过静态代码分析强制执行质量和安全标准, duplication check, and test coverage rules.
  • 通过实现两个独立的微服务,将Ethoca Alerts集成到平台中,并将公共逻辑重构到单独的库中, simplifying the development of new microservices.
  • 为特性提供安全的编码,同时编写自动化测试和对等代码审查.
技术:Gradle, Selenium, SQL, Spring, Java, Jenkins, Software Development, Gerrit

Kubernetes HA PostgreSQL

http://github.com/bishoybassem/k8s-ha-postgres
一个使用Consul、HAProxy和Kubernetes的高可用性PostgreSQL设置的概念证明. Helm用于将解决方案打包并安装到Kubernetes. Moreover, a Travis CI build is set up, which installs Minikube, builds the Docker images, deploys the chart, 最后运行集成测试,模拟不同的故障场景.

AWS Jenkins

http://github.com/bishoybassem/aws-jenkins
This project sets up an auto-scaling, highly available, and secure Jenkins cluster on AWS using Terraform. 这种设置背后的长期特性是根据构建队列大小自动缩放从服务器的EC2实例.

Languages

Java, Python, Bash, SQL

Frameworks

Spring, Selenium

Tools

Helm, Terraform, Jenkins, Gradle, GitHub, Amazon EKS, Amazon ElastiCache, Amazon CloudFront CDN, AWS Key Management Service (KMS), Amazon Elastic MapReduce (EMR), Amazon CloudWatch, Bitbucket, Apache Tomcat, Ansible, Artifactory, RabbitMQ, NGINX, Apache Airflow, ClamAV, MQTT, Splunk, Vault, Gerrit, VMware vSphere, Travis CI, AWS IAM, Amazon Elastic Container Service (Amazon ECS)

Paradigms

DevOps, DevSecOps

Platforms

Spinnaker, Kubernetes, Docker, Amazon Web Services (AWS), Amazon EC2, Linux, Unix, AWS ALB, AWS Lambda, New Relic

Storage

Amazon S3, PostgreSQL, Datadog, Redis, Elasticsearch

Other

Software Development, Cloud Security, Cloudflare, AWS DevOps, Amazon RDS, Karpenter, AWS Cloud Architecture, Infrastructure as Code (IaC), CI/CD Pipelines, Monitoring, Cost Reduction & Optimization, Amazon API Gateway, Serverless, SonarCloud, OWASP, Okta, Networking, Vulnerability Management, Consul, HAProxy, Prometheus, Identity & Access Management (IAM)

Libraries/APIs

Node.js

2009 - 2015

计算机科学与工程硕士学位

German University in Cairo - Cairo, Egypt

AUGUST 2022 - AUGUST 2025

AWS Certified Security — Specialty

Amazon Web Services

JANUARY 2022 - JANUARY 2024

CKS: Certified Kubernetes Security Specialist

The Linux Foundation

NOVEMBER 2021 - PRESENT

Certified DevSecOps Professional (CDP)

Practical DevSecOps

MAY 2021 - PRESENT

VMware Spring Professional 2021

VMware

APRIL 2021 - APRIL 2024

CKA: Certified Kubernetes Administrator

The Linux Foundation

OCTOBER 2020 - OCTOBER 2023

AWS Certified DevOps Engineer – Professional

AWS

SEPTEMBER 2019 - SEPTEMBER 2022

CKAD: Certified Kubernetes Application Developer

The Linux Foundation

Collaboration That Works

How to Work with Toptal

在数小时内,而不是数周或数月,我们的网络将为您直接匹配全球行业专家.

1

Share your needs

在与Toptal领域专家的电话中讨论您的需求并细化您的范围.
2

Choose your talent

在24小时内获得专业匹配人才的简短列表,以进行审查,面试和选择.
3

Start your risk-free talent trial

与你选择的人才一起工作,试用最多两周. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring