Red Hat Certified System Administrator (RHCSA)
RHEL administration - storage, networking, SELinux, systemd
Available for senior DevOps & infrastructure roles
Leading DevOps Initiatives | Infrastructure Automation | Microservices Architecture | Configuration Management | Ensured > 99.99% Uptime for Critical Apps

$ whoami
muhammad-wasim | senior devops & infrastructure engineer
$ ansible all --list-hosts | wc -l
140+ servers managed | 30 in production today
$ cat /etc/redhat-release
RHEL 8/9/10 | Ubuntu | CentOS | Rocky 9 - all under management
$ ls ~/certifications
rhcsa rhce openshift-ex280 aws-saa aws-security-scs
$
Certifications
Formal validation for the platforms I run daily - OpenShift, RHEL, Ansible, and AWS - backed by 140+ servers of real operational history.
RHEL administration - storage, networking, SELinux, systemd
Ansible automation - playbooks, roles, fleet configuration at scale
Cluster operations - operators, RBAC, networking, workloads
Designing resilient, cost-optimized architectures on AWS
IAM, encryption, incident response, and AWS infrastructure security
KubeVirt - running and migrating VMs on OpenShift/Kubernetes
Core Skills Matrix
Four disciplines, one job: infrastructure that stays fast, cheap, and defensible under real traffic and real attackers.
Designing and operating production workloads across AWS and GCP - compute, networking, storage, DNS, CDN, and cost governance.
Building pipelines developers actually trust - from Git push to production, with branch-aware environments and reliable rollbacks.
SIEM deployment, incident response, and compliance mapping - closing the gap between working and defensible.
Scripting away toil and proving capacity with data - distributed load testing, tuning, and self-healing configuration.
Projects Archive
Each project framed the same way I frame the work itself: the problem as it arrived, and the measurable state it left in.
Challenge — A client organization had zero centralized visibility across its workstation and server fleet - CVEs, file integrity, and auth anomalies went unmonitored.
Impact — Deployed a full Wazuh SIEM with fleet-wide agent enrollment, RBAC read-only analyst access, and alerting - CVE triage now runs across every enrolled endpoint.
Challenge — An OTT streaming platform needed proof it could survive launch-day traffic, far beyond what a single load generator could simulate.
Impact — Scaled to 100K concurrent users via wave-based distributed JMeter on GCP, with automated CSV slicing and self-provisioning startup scripts.
Challenge — Five Java microservice repos each carried duplicated per-environment workflow files - drift, broken auth, and inconsistent deploys were routine.
Impact — Consolidated to a single branch-aware deploy.yml per repo on self-hosted runners - one pipeline pattern now ships dev and stage reliably.
Challenge — A publicly exposed Postgres port on a fintech dev VM was exploited to run a cryptominer inside a database container.
Impact — Contained, eradicated, and hardened within the same incident window - closed the exposure at the firewall layer and locked down database roles.
Challenge — A production e-learning platform suffered pipeline failures from orphaned bot credentials and repeated LMS out-of-memory crashes under load.
Impact — Migrated CI credentials across dev/stage/prod, fixed ASG scaling parameters, and stabilized the LMS with Gunicorn worker-recycling and swap tuning.
Challenge — A community organization needed a fast, global website with effectively zero hosting budget and no servers to maintain.
Impact — Shipped an S3 + CloudFront + custom-domain architecture with TLS - pennies per month, cache-invalidated deploys in one command. (This site runs on it too.)
Contact
Open to senior DevOps, platform, and SRE roles — and to hard conversations about broken pipelines, cloud bills, and security posture.