Skip to content

Available for senior DevOps & infrastructure roles

Muhammad WasimSenior DevOps & Infrastructure Engineer

Leading DevOps Initiatives | Infrastructure Automation | Microservices Architecture | Configuration Management | Ensured > 99.99% Uptime for Critical Apps

  • RHEL 8 / 9 / 10
  • Ubuntu
  • CentOS
  • Rocky Linux 9
  • Docker
  • Kubernetes
  • Ansible
  • Terraform
  • AWS
  • GCP
  • Cyber Security
140+
Servers managed
25+
CI/CD pipelines
60+
Containers orchestrated
100K
Concurrent users load-tested
2x
Clouds orchestrated (AWS + GCP)
Portrait of Muhammad Wasim
wasim@prod:~

$ whoami

muhammad-wasim | senior devops & infrastructure engineer

$ ansible all --list-hosts | wc -l

140+ servers managed | 30 in production today

$ cat /etc/redhat-release

RHEL 8/9/10 | Ubuntu | CentOS | Rocky 9 - all under management

$ ls ~/certifications

rhcsa rhce openshift-ex280 aws-saa aws-security-scs

$

Certifications

Red Hat & AWS certified, fleet-proven

Formal validation for the platforms I run daily - OpenShift, RHEL, Ansible, and AWS - backed by 140+ servers of real operational history.

Red Hat logo
Red Hat | EX200Certified

Red Hat Certified System Administrator (RHCSA)

RHEL administration - storage, networking, SELinux, systemd

Red Hat logo
Red Hat | EX294Certified

Red Hat Certified Engineer (RHCE)

Ansible automation - playbooks, roles, fleet configuration at scale

Red Hat logo
Red Hat | EX280Certified

Red Hat Certified Specialist in OpenShift Administration

Cluster operations - operators, RBAC, networking, workloads

AWS logo
AWS | SAACertified

AWS Certified Solutions Architect

Designing resilient, cost-optimized architectures on AWS

AWS logo
AWS | SCSCertified

AWS Certified Security - Specialty

IAM, encryption, incident response, and AWS infrastructure security

Red Hat logo
Red Hat | EX316In progress

Red Hat Certified Specialist in OpenShift Virtualization

KubeVirt - running and migrating VMs on OpenShift/Kubernetes

Core Skills Matrix

What I run in production

Four disciplines, one job: infrastructure that stays fast, cheap, and defensible under real traffic and real attackers.

Cloud Infrastructure

Designing and operating production workloads across AWS and GCP - compute, networking, storage, DNS, CDN, and cost governance.

  • AWS (EC2, S3, CloudFront, Route53, RDS, IAM, ASG)
  • GCP (Compute Engine, IAP, VPC Firewalls, Cloud Billing)
  • Linux fleet administration - 140+ servers (RHEL 8/9/10, Ubuntu, CentOS, Rocky 9)
  • Docker & container orchestration (Kubernetes, OpenShift)
  • CloudFormation & Infrastructure as Code
  • DNS / CDN architecture & TLS
  • Disaster recovery & cross-region failover

CI/CD & Release Engineering

Building pipelines developers actually trust - from Git push to production, with branch-aware environments and reliable rollbacks.

  • GitHub Actions (self-hosted runners)
  • Jenkins pipeline design & credential migration
  • Branch-based multi-environment deploys
  • Maven / Java microservice build systems
  • systemd service orchestration

Security & Hardening

SIEM deployment, incident response, and compliance mapping - closing the gap between working and defensible.

  • Wazuh SIEM deployment & agent fleets
  • CVE triage & vulnerability management
  • Incident response (containment to eradication)
  • Firewall / IAM least-privilege design
  • CST CRF compliance assessments

Automation & Performance

Scripting away toil and proving capacity with data - distributed load testing, tuning, and self-healing configuration.

  • Docker image builds & multi-container deployments
  • Bash / Python automation
  • Ansible configuration management
  • Distributed JMeter load testing at scale
  • Gunicorn / PHP-FPM performance tuning
  • OOM & capacity crisis remediation

Projects Archive

Selected infrastructure work

Each project framed the same way I frame the work itself: the problem as it arrived, and the measurable state it left in.

GCPWazuhSIEMSecurity

Wazuh SIEM Platform on GCP

Challenge — A client organization had zero centralized visibility across its workstation and server fleet - CVEs, file integrity, and auth anomalies went unmonitored.

Impact — Deployed a full Wazuh SIEM with fleet-wide agent enrollment, RBAC read-only analyst access, and alerting - CVE triage now runs across every enrolled endpoint.

GCPJMeterBashPerformance

100K-User Distributed Load Testing Rig

Challenge — An OTT streaming platform needed proof it could survive launch-day traffic, far beyond what a single load generator could simulate.

Impact — Scaled to 100K concurrent users via wave-based distributed JMeter on GCP, with automated CSV slicing and self-provisioning startup scripts.

GitHub ActionsGCPJavasystemd

Multi-Repo CI/CD Consolidation

Challenge — Five Java microservice repos each carried duplicated per-environment workflow files - drift, broken auth, and inconsistent deploys were routine.

Impact — Consolidated to a single branch-aware deploy.yml per repo on self-hosted runners - one pipeline pattern now ships dev and stage reliably.

GCPDockerPostgreSQLIR

Cryptominer Incident Response

Challenge — A publicly exposed Postgres port on a fintech dev VM was exploited to run a cryptominer inside a database container.

Impact — Contained, eradicated, and hardened within the same incident window - closed the exposure at the firewall layer and locked down database roles.

AWSJenkinsCloudFormationOpen edX

Open edX Platform Operations at Scale

Challenge — A production e-learning platform suffered pipeline failures from orphaned bot credentials and repeated LMS out-of-memory crashes under load.

Impact — Migrated CI credentials across dev/stage/prod, fixed ASG scaling parameters, and stabilized the LMS with Gunicorn worker-recycling and swap tuning.

AWSS3CloudFrontRoute53

Serverless Static Hosting Pipeline

Challenge — A community organization needed a fast, global website with effectively zero hosting budget and no servers to maintain.

Impact — Shipped an S3 + CloudFront + custom-domain architecture with TLS - pennies per month, cache-invalidated deploys in one command. (This site runs on it too.)

Contact

Let's talk infrastructure

Open to senior DevOps, platform, and SRE roles — and to hard conversations about broken pipelines, cloud bills, and security posture.