Portfolio & Showcase

Hi, I'm Mohammad Abu Mattar

AWS-Certified DevOps Engineer with 7+ years specializing in high-scale cloud automation and fintech infrastructure. Expert in governing multi-account AWS environments, orchestrating production microservices, and implementing Infrastructure as Code with a focus on PCI-DSS compliance, security, and operational excellence.

banner
About Me

About Me

About Me

AWS-Certified Senior DevOps Engineer with proven expertise in managing 15+ AWS accounts and 20+ production microservices in regulated fintech environments. Specialized in implementing GitOps practices, Infrastructure as Code, and achieving 96% security posture through comprehensive compliance controls. Passionate about building robust, secure cloud solutions using Terraform, Docker, Kubernetes, and modern CI/CD practices.

Career

Work Experience

Cloud & DevOps Manager

Motory · Full-timeMar 2026 - PresentAl Hamra, Jeddah · Amman, Jordan

I run the cloud strategy and platform engineering for Motory, a large automotive marketplace. I manage a multi-cloud environment across AWS, Huawei Cloud, and Hetzner, staying about 70% hands-on with the architecture and code. I lead a DevOps team responsible for the reliability, scalability, and security of our production microservices serving 1M+ active users. I also drive our CI/CD practices, cost optimization efforts, and compliance initiatives in a high-availability, multi-region setup.

Contributions & Responsibilities

  • Infrastructure as Code: Moved everything from manual console clicks to 100% Terraform. I set up GitOps using ArgoCD and Helm to keep our deployments consistent and auditable.
  • Modernization: Led the shift from a monolith to microservices for 1M+ users. I wrote a multi-runtime Helm chart that standardized how we handle scaling, probes, and networking across all services.
  • Custom Tooling: Built a custom Kubernetes operator in Go to solve a specific provisioning problem that standard controllers couldn't handle. This operator is fully integrated into our Helm and ArgoCD delivery flow, ensuring seamless deployments and management of our Kubernetes resources.
  • CI/CD & Delivery: Built pipelines using Jenkins and ArgoCD that improved deployment speed by 60%. This includes a private OCI registry and a Kong API gateway. I also implemented multi-arch builds and automated chart publishing to streamline our release process.
  • Reliability & SRE: We hit 99.999% uptime. I automated cross-region disaster recovery between the Middle East and China using Ansible and the Huawei SDK, and I run our observability stack (Prometheus/Grafana/Loki). On-call runbooks and regular DR drills are part of our routine.
  • Cost & Security: Cut infra costs by 20% while tightening security to meet PCI-DSS and SOC2 standards. This involved identity-as-code via Keycloak and hardening our WAF and VPN. We also use KMS/CSMS for secrets management to ensure our sensitive data is protected.
  • Team Leadership: I lead the DevOps team, focusing on the platform roadmap and internal training for our developers on K8s and Docker. I also handle vendor relationships and ensure our cloud strategy aligns with our business goals.

Assistant Manager DevOps Engineer

Jordan Ahli Bank · Full-timeOct 2024 - Feb 2026Amman, Jordan

Serving as Platform Owner for the bank's cloud ecosystem, managing 15+ AWS accounts and 20+ production microservices with a focus on high availability, disaster recovery, and fintech workload optimization in a regulated financial environment. Leading security and compliance efforts with 96% security posture achievement while orchestrating GitOps practices and Infrastructure as Code implementations.

Contributions & Responsibilities

  • Platform Governance & Reliability: Managing 15+ AWS accounts and 20+ production microservices focusing on high availability, disaster recovery, and fintech workload optimization in regulated environments.
  • Infrastructure as Code & GitOps: Standardized cloud deployments using Terraform, implementing GitOps practices with ArgoCD via Atlantis for consistent, repeatable releases. Managed autoscaling and resource optimization for production workloads.
  • Security & Compliance Leadership: Achieved 96% security posture across all AWS accounts implementing IAM Identity Center, AWS Organizations, and strict PCI-DSS compliance controls with CloudTrail, AWS Config, and Security Hub.
  • Automated CI/CD: Orchestrated end-to-end delivery pipelines using AWS CodePipeline and GitHub Actions, streamlining banking workloads from development to production with automated testing and security scanning.
  • Release Engineering: Leading weekly releases and hotfix strategies, ensuring zero-downtime deployments through robust rollback and go/no-go decision frameworks across dev, QA, and production.
  • Production Support & Monitoring: Supporting production microservices through centralized monitoring (Prometheus, Grafana, CloudWatch), incident response workflows, and long-term platform roadmap planning.

DevOps Engineer

cirrusgo (AWS Partner) · Full-timeMar 2023 - Sep 2024Amman, Jordan

cirrusgo is an AWS partner delivering cloud solutions to businesses in the MENA region.

Architected and delivered AWS hybrid and on-premises solutions for 8+ enterprise clients including fintech organizations. Designed end-to-end solution architectures balancing cloud-native AWS services with on-premises infrastructure, achieving 25-40% cost optimization while meeting regulatory requirements.

Contributions & Responsibilities

  • Solution Architecture: Architected AWS hybrid and on-premises solutions for 8+ enterprise clients including fintech organizations. Designed end-to-end architectures (microservices, event-driven, serverless) and optimized cloud costs by 25-40% through right-sizing, reserved instances, and architecture refinements.
  • IaC Foundation & DevOps Standards: Built foundational Infrastructure as Code using Terraform/Terragrunt patterns and established comprehensive DevOps documentation standards. Implemented multi-account, multi-environment infrastructures using AWS Organizations.
  • Container Platforms & Deployment: Managed containerized workloads across AWS container services (ECS, Fargate, EKS) spanning 3 environments (dev, UAT, prod). Deployed production applications using GitOps practices and hardened container images.
  • CI/CD & Automation: Implemented secure CI/CD pipelines using GitHub Actions, AWS CodePipeline/CodeBuild with canary deployments, automated testing, manual approvals, and environment promotion (dev → UAT → prod).
  • Security & Compliance: Ensured security, access control, and compliance across multi-region cloud deployments (Middle East, US East, Europe) and on-premises environments with automated security scanning and monitoring.
Education

Education & Certifications

AWS Certified Developer – Associate

Amazon Web Services (AWS)Issued Feb 2024 · Expires Feb 2027

Validated expertise in developing and maintaining AWS-based applications, including proficiency in core AWS services, application lifecycle management, and deployment best practices.

AWS Certified Cloud Practitioner

Amazon Web Services (AWS)Issued Oct 2023 · Expires Feb 2027

Demonstrated foundational knowledge of AWS Cloud concepts, services, pricing, security, and architecture ideal for technical and non-technical roles.

AWS Academy Graduate - AWS Academy Cloud Foundations

Amazon Web Services (AWS)Issued Nov 2022

Completed a comprehensive introduction to AWS Cloud, covering compute, networking, databases, and storage, aligned with industry-recognized certifications.

Showcase

Projects & Tools

Beyond enterprise cloud architecture and DevOps consulting, I build open-source tools that solve real developer problems. These projects showcase my expertise in automation, developer experience, and creating production-ready solutions with modern technologies.

QuenchWorks — 0-CVE Hardened Images & Helm Charts

A from-scratch, security-first replacement for the Bitnami catalog: container images and Helm charts built entirely from source on Wolfi, hardened under a strict 0-CVE build gate, cryptographically signed, and pinned by digest. Free, independent, and fully self-hostable.

apko melange Wolfi Helm +6

Mathematics - Formula Reference

A clean, searchable web reference for mathematical formulas across algebra, geometry, trigonometry, and calculus. It cuts the clutter most references bury you in, rendering formulas with server-side KaTeX on focused topic pages with no accounts, tracking, or ads.

AstroJS TypeScript Tailwind CSS React +2

NetCalc Pro

NetCalc Pro Cloud Engineering Suite is a comprehensive web application designed to simplify and enhance the process of subnetting, CIDR calculations, and VLSM. It features a Zero Trust, no-backend architecture with a Terminal Brutalist UX, allowing network engineers to seamlessly manage infrastructure, share state via Base64 URLs, and utilize a powerful set of tools without requiring a backend server.

AstroJS TypeScript Tailwind CSS Nanostores
Expertise

My DevOps Expertise

Specialized in enterprise-grade cloud infrastructure, security automation, and regulated environment deployments with proven expertise in multi-account governance and production microservices orchestration.

Cloud & Infrastructure

Expert in AWS (EC2, EKS, ECS, Fargate, S3, RDS, IAM, VPC, Organizations, IAM Identity Center, Lambda, CloudFormation, CloudWatch). Proficient in AWS Well-Architected Framework with focus on security, reliability, and cost optimization. Working knowledge of Azure and OCI.

Containers & Orchestration

Proficient with AWS container services (ECS, Fargate, EKS), Docker containerization, and ArgoCD for GitOps deployments. Expert in multi-environment workload management, scaling configurations, and container optimization for production.

CI/CD & Automation

Extensive experience with GitHub Actions, AWS CodePipeline/CodeBuild, Jenkins, and GitLab CI. Design smart deployment strategies (blue-green, canary), automated testing, security scanning, and multi-environment promotion workflows. Proficient in Python, Bash, PowerShell, JavaScript, and TypeScript.

Security & DevSecOps

Experience aligning infrastructure with PCI-DSS, CIS Benchmark, and NIST frameworks. Implement security automation with Trivy, Vault, IAM least privilege, Secrets Manager, CloudTrail, AWS Config, and Security Hub. Achieved 96% security posture across production environments.

Monitoring & Observability

Proficient with Prometheus, Grafana, CloudWatch, and ELK Stack. Design real-time monitoring dashboards, centralized logging, alerting, and incident response workflows for production microservices.

Databases & Development

Optimize PostgreSQL, MySQL, MongoDB, DynamoDB, and S3 for data management across microservices. Experience with Spring Boot, Node.js, React for full-stack development and fintech applications.

Services

What I Offer

End-to-end DevOps & cloud engineering solutions for modern teams

01 Cloud & DevOps Consulting

Cloud & DevOps Consulting

I architect and deliver enterprise-grade AWS solutions for fintech and regulated environments. Specializing in multi-account governance, hybrid cloud architectures, and achieving 25-40% cost optimization while maintaining security compliance.

  • Multi-account AWS governance with Organizations & IAM Identity Center
  • Infrastructure as Code with Terraform & CloudFormation
  • PCI-DSS compliance and security automation (96% posture achievement)
  • Kubernetes and Docker orchestration for production workloads
  • Cloud cost optimization and architecture refinements
Let’s Talk
02 Custom CI/CD Pipelines

Custom CI/CD Pipelines

I design and implement secure CI/CD pipelines for regulated environments with automated testing, security scanning, and zero-downtime deployment strategies. Expert in orchestrating production releases with robust rollback and go/no-go frameworks.

  • GitOps practices with ArgoCD and automated deployment tools
  • Smart deployment strategies (blue-green, canary) with rollback capabilities
  • Integration with AWS CodePipeline, GitHub Actions & Jenkins
  • Automated security scanning and compliance checks
  • Multi-environment promotion workflows (dev → UAT → prod)
Let’s Talk
03 Infrastructure as Code (IaC)

Infrastructure as Code (IaC)

I build foundational IaC frameworks using Terraform/Terragrunt patterns for multi-account, multi-environment infrastructures. Creating reusable modules, comprehensive DevOps documentation standards, and automation libraries for consistent cloud deployments.

  • Terraform & Terragrunt automation with Atlantis for GitOps
  • Multi-account AWS Organizations architecture
  • Reusable modules and Python/JavaScript automation libraries
  • Automated provisioning with autoscaling configurations
  • Security and compliance automation (PCI-DSS, CIS Benchmark)
Let’s Talk
cta-image

Ready to Scale Your Cloud Infrastructure with Expert DevOps Solutions?

Partner with an AWS-Certified Senior DevOps Engineer who has successfully managed 15+ AWS accounts and 20+ production microservices in regulated fintech environments. I specialize in multi-account governance, Infrastructure as Code, PCI-DSS compliance, and achieving 96% security posture. Whether you need secure CI/CD pipelines, cloud cost optimization (25-40% savings), or zero-downtime deployment strategies, I deliver enterprise-grade solutions that ensure reliability, security, and operational excellence.

Let's Work Together
Latest Resources

Latest Content & Resources

Explore my latest blog posts, cheatsheets, code snippets, DevTips, flashcards, glossary entries, quizzes, and roadmaps. Real-world insights from production environments and battle-tested practices.

QuenchWorks: A Zero-CVE, Built-From-Source Replacement for the Bitnami Catalog

QuenchWorks: A Zero-CVE, Built-From-Source Replacement for the Bitnami Catalog

If you run anything on Kubernetes, there's a good chance you were pulling Bitnami images without even thinking about it. bitnami/postgresql, bitnami/redis, bitnami/nginx, the whole Helm charts l

GitHub Actions Reusable Workflows: Build a Shared CI Library Across All Your Repos

GitHub Actions Reusable Workflows: Build a Shared CI Library Across All Your Repos

Centralizing CI/CD Automation across Repositories Why does the duplication of workflow configurations across multiple git repositories create operational risks for engineering organizations?

Kubernetes Networking Demystified: CNI Plugins, Network Policies, and Pod-to-Pod Communication

Kubernetes Networking Demystified: CNI Plugins, Network Policies, and Pod-to-Pod Communication

If you've spent any time with Kubernetes, you know that networking is often the part that makes people's heads spin. It feels like magic until something breaks, and then you're staring at a maze of vi

Node.js Environment Variable Validation with Zod at Startup

Node.js Environment Variable Validation with Zod at Startup

Most Node.js apps treat process.env like a trusted friend. You reach into it whenever you need a value, assume the key is there, assume it's spelled right, and assume the string is actually the type

AWS EC2 Instance Management with Boto3: Start, Stop, and Query Instances

AWS EC2 Instance Management with Boto3: Start, Stop, and Query Instances

If you've ever spent 20 minutes clicking through the AWS Console just to stop a handful of dev instances, you already know the pain. It's tedious, it doesn't scale, and one wrong click can ruin your a

Redis Caching Patterns: Cache-Aside, Write-Through & Cache Invalidation

Redis Caching Patterns: Cache-Aside, Write-Through & Cache Invalidation

Need to scale your backend without throwing money at servers? Redis caching patterns are your answer. Most databases can handle hundreds of queries per second, but thousands? Your app slows to a

Kubernetes Namespaces: Organize, Isolate, and Secure Multi-Team Clusters

Kubernetes Namespaces: Organize, Isolate, and Secure Multi-Team Clusters

Why Cluster Isolation Matters The Multi-Tenant Reality Hey, want to share a single Kubernetes cluster across multiple teams without all the chaos? If you're running separate clusters for

Helm Charts: Templating & Multi-Environment Kubernetes Deployments

Helm Charts: Templating & Multi-Environment Kubernetes Deployments

Why Helm Matters The Kubernetes Manifest Problem Managing Kubernetes manifests at scale becomes a nightmare. You have a deployment for dev, staging, and production. Each one is 90% ident

Structured Logging & Log Aggregation with ELK Stack

Structured Logging & Log Aggregation with ELK Stack

Why Centralized Logging Matters The Logging Crisis When services fail, where do you look first? With distributed systems, logs scatter across servers, containers, and cloud regions. A si

LPIC-2 Linux Engineer Flashcards

Full exam coverage for the LPIC-2 Linux Engineer certification (Exam 201 & 202) using spaced repetition. Covers kernel, boot, storage, networking, security, DNS, web, email, and more.

AWS Certified Developer Associate Flashcards (DVA-C02)

Full exam coverage for the AWS Certified Developer – Associate (DVA-C02) exam using spaced repetition. Covers Development, Security, Deployment, Troubleshooting, and AWS SDK/CLI/APIs.

Networking Fundamentals

Networking Fundamentals This glossary covers the core networking concepts every developer, DevOps engineer, and system administrator should know, from how data is layered and addressed to how it ge

Linux Server Administration

This glossary covers essential Linux server administration concepts, from system architecture and user management to networking, storage, process management, performance tuning, and security hardening

Containers & Kubernetes

This glossary covers essential terms for working with containers and Kubernetes, from building Docker images to managing workloads, networking, storage, scaling, and security in a Kubernetes cluster.

Rust: Ownership, Borrowing & Memory Safety

Rust: Ownership, Borrowing & Memory Safety

Rust: Ownership, Borrowing & Memory Safety This quiz tests your grip on the parts of Rust that trip up newcomers and pay off later: ownership and moves, borrowing and lifetimes, traits and generics

System Design & Architecture: Scalability & Resilience

System Design & Architecture: Scalability & Resilience

Welcome to the System Design & Architecture quiz! Test your knowledge on scalability, reliability, performance, trade-offs, distributed systems patterns, and architectural decisions for production sys

Testing Strategies: Unit, Integration, E2E

Testing Strategies: Unit, Integration, E2E

Welcome to the comprehensive quiz on testing strategies! This quiz covers unit testing, integration testing, end-to-end testing, mocking, fixtures, code coverage, and more. Test your knowledge and und

Frontend Developer Beginner to Expert

Frontend Developer Beginner to Expert This roadmap walks you from absolute beginner to a strong, hireable frontend engineer. Work through the stages in order: the early ones build the mental model

Release Engineer Beginner to Expert

This roadmap takes you from release engineering principles and version control mastery through to advanced GitOps patterns and multi-account AWS delivery at scale. Each stage builds on the last treat

Site Reliability Engineer Beginner to Expert

This roadmap takes you from the fundamentals of Linux and systems thinking through to advanced observability, chaos engineering, and SRE organisational culture. Each stage builds on the last master re