DevOps & Cloud Engineer

Skander Ben Abdallah

AWS · Terraform · Docker · CI/CD · Linux

I build cloud infrastructure that is secure, cost-efficient, and resilient by design. Background in networking and Linux system administration. Currently focused on Kubernetes, GitOps, cloud security hardening, and infrastructure observability.

Available for opportunities
3+ Years in IT
K8s GitOps
AWS EC2 · RDS · ALB · ASG
IaC Everything as Code
01

Skills

Cloud Infrastructure
AWS EC2 · VPC · RDS · ALB · IAM · Secrets Manager · Auto Scaling · CloudWatch · ECR · S3
Infrastructure as Code
Terraform · Ansible · HCL · YAML · Launch Templates · Modules
Kubernetes & GitOps
k3s · ArgoCD · Helm · Kustomize · Namespaces · Ingress · ConfigMaps
CI/CD & Containers
GitHub Actions · Docker · Docker Compose · ECR · Docker Hub · Jenkins
Security & FinOps
Least Privilege IAM · Security Groups · SSH Hardening · UFW / Fail2ban · Cost Tagging · Cost Explorer
Observability
Prometheus · Grafana · Loki · CloudWatch · Node Exporter · Alertmanager
Networking & Systems
Linux · VPN · DNS · DHCP · Active Directory · Routing · Firewalls
Languages & APIs
Python · Bash · TypeScript · FastAPI · PostgreSQL · REST API
What I focus on
FinOps
Every infrastructure decision has a cost reason. Right-sized instances, scale-in policies, no idle capacity.
Security by design
No secrets in code. Least-privilege IAM. Private subnets. Locked-down security groups.
Self-healing infra
Two layers: Docker restarts the container, ASG replaces the instance. Zero manual intervention.
Automation first
Nothing configured twice. IaC from day one, CI/CD pipelines, Ansible roles, reproducible environments.
02

Projects

001
AWS · Terraform · DevOps · FinOps
CloudCost — Cost-Optimized Multi-Tier Infrastructure

Production-grade task manager on AWS built to demonstrate cost-aware infrastructure from day one. Auto Scaling Group with scale-out at 70% CPU and scale-in at 30%. Two-layer self-healing: Docker restarts crashed containers in seconds, ASG replaces failed instances in minutes. RDS password lives only in Secrets Manager, fetched at boot via IAM role scoped to that single secret ARN. Full network isolation, GitHub Actions CI/CD, CloudWatch alarms wired to scaling policies.

AWS · Terraform · Docker · GitHub Actions · CloudWatch · Secrets Manager · Auto Scaling · Python · Flask · pytest · ECR
002
Kubernetes · GitOps · ArgoCD · Observability
k8s-gitops-platform — GitOps Delivery on Kubernetes

End-to-end GitOps platform running on a local k3s cluster. Declarative multi-environment deployments via ArgoCD with app-of-apps pattern. Helm-packaged services with per-environment value overrides. GitHub Actions CI pipeline builds, tags, and pushes images; ArgoCD handles the rest automatically. Prometheus and Grafana observability stack deployed as a Helm release with custom dashboards. Zero cloud cost.

k3s · ArgoCD · Helm · Kustomize · GitHub Actions · Prometheus · Grafana · Loki · Docker
003
FastAPI · Docker · Traefik · Observability
Homelab — App & Observability Stack

Calculator app used as a vehicle for a full production-grade DevOps stack. FastAPI backend, nginx frontend, PostgreSQL — all containerized. Traefik handles TLS termination with automatic Let's Encrypt certs. Prometheus, Loki, Promtail, and Grafana give full metrics and log visibility. Live at homelab.skander.cc and grafana.skander.cc.

FastAPI · Docker Compose · Traefik · nginx · Prometheus · Grafana · Loki · PostgreSQL
004
Terraform · Ansible · AWS · Cloudflare
Homelab Infra — Cloud Provisioning & CI/CD

One ./deploy.sh provisions the full AWS stack and leaves it ready to receive deploys. Terraform creates EC2, ECR registries, IAM role, security group, and Cloudflare DNS. Ansible configures Docker, ECR auth, and environment secrets. GitHub Actions builds only changed images, pushes to ECR, and deploys to EC2 via SSH.

Terraform · Ansible · AWS EC2 · ECR · GitHub Actions · IAM · Cloudflare DNS
005
Full-Stack · AI · FastAPI · Next.js
ReadyToApply — AI CV Tailoring Tool

Full-stack web app that takes a LinkedIn PDF and job description and outputs a tailored, ATS-clean Word document in under 15 seconds. 4-step AI pipeline via Groq. Stateless by design — no database, no stored data. Rate limiting per IP, bot guard, CORS restricted to production origins. GitHub Actions CI/CD deploys backend to Render and frontend to Vercel on every merge. Live at readytoapply.work.

Next.js · FastAPI · Python · GitHub Actions · Vercel · Render · Groq API
006
EdTech · CTO · Cloud · Team Lead
Prof'ET — CTO & Cloud Engineer

Led all technical operations at a Tunisian EdTech startup as CTO and Cloud Engineer. Managed cloud infrastructure on AWS, built and maintained CI/CD pipelines, integrated payment systems, and automated back-office operations. Led a small engineering team, set architecture decisions, and kept the platform running in production. End-to-end ownership from infra to delivery.

AWS · CI/CD · Docker · Automation · Payments · Team Lead · EdTech
007
Linux · Ansible · Networking · Security
Linux Production Infrastructure

4-server Linux environment built from a single golden image template. All configuration managed through Ansible playbooks and roles — nothing configured manually twice. System hardening across all servers: SSH key-only auth, UFW firewall rules, Fail2ban. 3-tier application stack where each tier only accepts connections from the previous tier. Node exporter on all servers for centralized metrics collection via Prometheus and Grafana.

Linux Mint 22 · Ansible · VirtualBox · Prometheus · Grafana · UFW · Fail2ban · Nginx · PostgreSQL
03

Experience

Aug 2025 — Jan 2026 Remote · Contract
DuraClim
DevOps Engineer · Quebec, Canada
  • Architected and deployed infrastructure automation pipelines using Bash, Python, and n8n, reducing manual provisioning time and establishing repeatable deployment patterns across Linux server environments
  • Containerized internal tooling and automation workflows using Docker, enabling consistent execution across development and production environments and eliminating environment-specific failures
  • Managed cloud and on-premise infrastructure configuration through scripted provisioning, moving the team toward a reproducible, version-controlled infrastructure model
  • Built monitoring and alerting scripts targeting server health, network connectivity, and application availability, feeding structured logs into centralized dashboards for proactive incident detection
  • Automated CI-adjacent workflows integrating version control hooks, deployment triggers, and API-based notifications, shortening the feedback loop between code changes and running environments
May 2023 — Aug 2025 On-site
Consup ON
System Network Administrator N2 · La Marsa, Tunisia
  • L2 technical support on Windows Server environments: incident management, VPN/DNS/DHCP configuration, Active Directory administration
  • Worked with the Kony mobile application platform, supporting deployments, configurations, and integrations within the enterprise environment
  • Technical point of contact for French-speaking clients and partners in a B2B international context
  • Documented procedures and configurations to improve team knowledge sharing and reduce resolution time
Mar 2023 — May 2023 Internship
Wifirst
Network Administrator Intern · Paris, France
  • Supported network configuration including VPN, DNS, and routing in a French telecom environment
  • Wrote technical documentation and incident resolution procedures
Jun 2022 — Aug 2022 Internship
ArabSoft
Software Engineer Intern · Tunis, Tunisia
  • Assisted in development of software applications using Java and JavaScript across backend and frontend
  • Worked with Docker to containerize applications for consistent development environments
  • Gained hands-on exposure to AWS for basic cloud deployment and services
  • Collaborated using Git and agile practices in a team environment
04

Contact

Let's build something right

Open to DevOps, cloud infrastructure, and SRE roles. Available for full-time opportunities and freelance projects worldwide.

Currently available for

Full-time DevOps / Cloud Engineer roles
SRE positions
Infrastructure consulting
Freelance automation projects
Remote worldwide