Portfolio & Showcase

Hi, I'm Mohammad Abu Mattar

AWS-Certified DevOps Engineer with 7+ years specializing in high-scale cloud automation and fintech infrastructure. Expert in governing multi-account AWS environments, orchestrating production microservices, and implementing Infrastructure as Code with a focus on PCI-DSS compliance, security, and operational excellence.

About Me

AWS-Certified Senior DevOps Engineer with proven expertise in managing 15+ AWS accounts and 20+ production microservices in regulated fintech environments. Specialized in implementing GitOps practices, Infrastructure as Code, and achieving 96% security posture through comprehensive compliance controls. Passionate about building robust, secure cloud solutions using Terraform, Docker, Kubernetes, and modern CI/CD practices.

Career

Work Experience

Cloud & DevOps Manager

Motory · Full-time · Mar 2025 - Present · Al Hamra, Jeddah · Amman, Jordan

I run the cloud strategy and platform engineering for Motory, a large automotive marketplace. I manage a multi-cloud environment across AWS, Huawei Cloud, and Hetzner, staying about 70% hands-on with the architecture and code. I lead a DevOps team responsible for the reliability, scalability, and security of our production microservices serving 1M+ active users. I also drive our CI/CD practices, cost optimization efforts, and compliance initiatives in a high-availability, multi-region setup.

Contributions & Responsibilities

  • Infrastructure as Code: Moved everything from manual console clicks to 100% Terraform. I set up GitOps using ArgoCD and Helm to keep our deployments consistent and auditable.
  • Modernization: Led the shift from a monolith to microservices for 1M+ users. I wrote a multi-runtime Helm chart that standardized how we handle scaling, probes, and networking across all services.
  • Custom Tooling: Built a custom Kubernetes operator in Go to solve a specific provisioning problem that standard controllers couldn't handle. This operator is fully integrated into our Helm and ArgoCD delivery flow, ensuring seamless deployments and management of our Kubernetes resources.
  • CI/CD & Delivery: Built pipelines using Jenkins and ArgoCD that improved deployment speed by 60%. This includes a private OCI registry and a Kong API gateway. I also implemented multi-arch builds and automated chart publishing to streamline our release process.
  • Reliability & SRE: We hit 99.999% uptime. I automated cross-region disaster recovery between the Middle East and China using Ansible and the Huawei SDK, and I run our observability stack (Prometheus/Grafana/Loki). On-call runbooks and regular DR drills are part of our routine.
  • Cost & Security: Cut infra costs by 20% while tightening security to meet PCI-DSS and SOC2 standards. This involved identity-as-code via Keycloak and hardening our WAF and VPN. We also use KMS/CSMS for secrets management to ensure our sensitive data is protected.
  • Team Leadership: I lead the DevOps team, focusing on the platform roadmap and internal training for our developers on K8s and Docker. I also handle vendor relationships and ensure our cloud strategy aligns with our business goals.

Assistant Manager DevOps Engineer

Jordan Ahli Bank · Full-time · Oct 2024 - Feb 2025 · Amman, Jordan

Serving as Platform Owner for the bank's cloud ecosystem, managing 15+ AWS accounts and 20+ production microservices with a focus on high availability, disaster recovery, and fintech workload optimization in a regulated financial environment. Leading security and compliance efforts with 96% security posture achievement while orchestrating GitOps practices and Infrastructure as Code implementations.

Contributions & Responsibilities

  • Platform Governance & Reliability: Managing 15+ AWS accounts and 20+ production microservices focusing on high availability, disaster recovery, and fintech workload optimization in regulated environments.
  • Infrastructure as Code & GitOps: Standardized cloud deployments using Terraform, implementing GitOps practices with ArgoCD via Atlantis for consistent, repeatable releases. Managed autoscaling and resource optimization for production workloads.
  • Security & Compliance Leadership: Achieved 96% security posture across all AWS accounts implementing IAM Identity Center, AWS Organizations, and strict PCI-DSS compliance controls with CloudTrail, AWS Config, and Security Hub.
  • Automated CI/CD: Orchestrated end-to-end delivery pipelines using AWS CodePipeline and GitHub Actions, streamlining banking workloads from development to production with automated testing and security scanning.
  • Release Engineering: Leading weekly releases and hotfix strategies, ensuring zero-downtime deployments through robust rollback and go/no-go decision frameworks across dev, QA, and production.
  • Production Support & Monitoring: Supporting production microservices through centralized monitoring (Prometheus, Grafana, CloudWatch), incident response workflows, and long-term platform roadmap planning.

DevOps Engineer

cirrusgo (AWS Partner) · Full-time · Mar 2023 - Sep 2024 · Amman, Jordan

cirrusgo is an AWS partner delivering cloud solutions to businesses in the MENA region.

Architected and delivered AWS hybrid and on-premises solutions for 8+ enterprise clients including fintech organizations. Designed end-to-end solution architectures balancing cloud-native AWS services with on-premises infrastructure, achieving 25-40% cost optimization while meeting regulatory requirements.

Contributions & Responsibilities

  • Solution Architecture: Architected AWS hybrid and on-premises solutions for 8+ enterprise clients including fintech organizations. Designed end-to-end architectures (microservices, event-driven, serverless) and optimized cloud costs by 25-40% through right-sizing, reserved instances, and architecture refinements.
  • IaC Foundation & DevOps Standards: Built foundational Infrastructure as Code using Terraform/Terragrunt patterns and established comprehensive DevOps documentation standards. Implemented multi-account, multi-environment infrastructures using AWS Organizations.
  • Container Platforms & Deployment: Managed containerized workloads across AWS container services (ECS, Fargate, EKS) spanning 3 environments (dev, UAT, prod). Deployed production applications using GitOps practices and hardened container images.
  • CI/CD & Automation: Implemented secure CI/CD pipelines using GitHub Actions, AWS CodePipeline/CodeBuild with canary deployments, automated testing, manual approvals, and environment promotion (dev → UAT → prod).
  • Security & Compliance: Ensured security, access control, and compliance across multi-region cloud deployments (Middle East, US East, Europe) and on-premises environments with automated security scanning and monitoring.
Education

Education & Certifications

AWS Certified Developer – Associate

Amazon Web Services (AWS) · Issued Feb 2024 · Expires Feb 2027

Validated expertise in developing and maintaining AWS-based applications, including proficiency in core AWS services, application lifecycle management, and deployment best practices.

AWS Certified Cloud Practitioner

Amazon Web Services (AWS) · Issued Oct 2023 · Expires Feb 2027

Demonstrated foundational knowledge of AWS Cloud concepts, services, pricing, security, and architecture ideal for technical and non-technical roles.

AWS Academy Graduate - AWS Academy Cloud Foundations

Amazon Web Services (AWS) · Issued Nov 2022

Completed a comprehensive introduction to AWS Cloud, covering compute, networking, databases, and storage, aligned with industry-recognized certifications.

Showcase

Projects & Tools

Beyond enterprise cloud architecture and DevOps consulting, I build open-source tools that solve real developer problems. These projects showcase my expertise in automation, developer experience, and creating production-ready solutions with modern technologies.

NetCalc Pro

NetCalc Pro Cloud Engineering Suite is a comprehensive web application designed to simplify and enhance the process of subnetting, CIDR calculations, and VLSM. It features a Zero Trust, no-backend architecture with a Terminal Brutalist UX, allowing network engineers to seamlessly manage infrastructure, share state via Base64 URLs, and utilize a powerful set of tools without requiring a backend server.

AstroJS TypeScript Tailwind CSS Nanostores

Rawi - AI CLI Documentation Tool

An intelligent CLI tool that generates comprehensive documentation for command-line applications using AI. Rawi analyzes your CLI commands and creates detailed, structured documentation automatically.

TypeScript Node.js AI/ML CLI +1

AWS Icons - SVG Icon Library

A comprehensive, free SVG icon library of all AWS services. Constantly updated with new services and available via CDN or NPM for seamless integration. Perfect for any web project needing AWS service icons.

SVG CDN NPM Web
Expertise

My DevOps Expertise

Specialized in enterprise-grade cloud infrastructure, security automation, and regulated environment deployments with proven expertise in multi-account governance and production microservices orchestration.

Cloud & Infrastructure

Expert in AWS (EC2, EKS, ECS, Fargate, S3, RDS, IAM, VPC, Organizations, IAM Identity Center, Lambda, CloudFormation, CloudWatch). Proficient in AWS Well-Architected Framework with focus on security, reliability, and cost optimization. Working knowledge of Azure and OCI.

Containers & Orchestration

Proficient with AWS container services (ECS, Fargate, EKS), Docker containerization, and ArgoCD for GitOps deployments. Expert in multi-environment workload management, scaling configurations, and container optimization for production.

CI/CD & Automation

Extensive experience with GitHub Actions, AWS CodePipeline/CodeBuild, Jenkins, and GitLab CI. Design smart deployment strategies (blue-green, canary), automated testing, security scanning, and multi-environment promotion workflows. Proficient in Python, Bash, PowerShell, JavaScript, and TypeScript.

Security & DevSecOps

Experience aligning infrastructure with PCI-DSS, CIS Benchmark, and NIST frameworks. Implement security automation with Trivy, Vault, IAM least privilege, Secrets Manager, CloudTrail, AWS Config, and Security Hub. Achieved 96% security posture across production environments.

Monitoring & Observability

Proficient with Prometheus, Grafana, CloudWatch, and ELK Stack. Design real-time monitoring dashboards, centralized logging, alerting, and incident response workflows for production microservices.

Databases & Development

Optimize PostgreSQL, MySQL, MongoDB, DynamoDB, and S3 for data management across microservices. Experience with Spring Boot, Node.js, React for full-stack development and fintech applications.

Services

What I Offer

End-to-end DevOps & cloud engineering solutions for modern teams

01 Cloud & DevOps Consulting

I architect and deliver enterprise-grade AWS solutions for fintech and regulated environments. Specializing in multi-account governance, hybrid cloud architectures, and achieving 25-40% cost optimization while maintaining security compliance.

  • Multi-account AWS governance with Organizations & IAM Identity Center
  • Infrastructure as Code with Terraform & CloudFormation
  • PCI-DSS compliance and security automation (96% posture achievement)
  • Kubernetes and Docker orchestration for production workloads
  • Cloud cost optimization and architecture refinements

02 Custom CI/CD Pipelines

I design and implement secure CI/CD pipelines for regulated environments with automated testing, security scanning, and zero-downtime deployment strategies. Expert in orchestrating production releases with robust rollback and go/no-go frameworks.

  • GitOps practices with ArgoCD and automated deployment tools
  • Smart deployment strategies (blue-green, canary) with rollback capabilities
  • Integration with AWS CodePipeline, GitHub Actions & Jenkins
  • Automated security scanning and compliance checks
  • Multi-environment promotion workflows (dev → UAT → prod)

03 Infrastructure as Code (IaC)

I build foundational IaC frameworks using Terraform/Terragrunt patterns for multi-account, multi-environment infrastructures. Creating reusable modules, comprehensive DevOps documentation standards, and automation libraries for consistent cloud deployments.

  • Terraform & Terragrunt automation with Atlantis for GitOps
  • Multi-account AWS Organizations architecture
  • Reusable modules and Python/JavaScript automation libraries
  • Automated provisioning with autoscaling configurations
  • Security and compliance automation (PCI-DSS, CIS Benchmark)

Ready to Scale Your Cloud Infrastructure with Expert DevOps Solutions?

Partner with an AWS-Certified Senior DevOps Engineer who has successfully managed 15+ AWS accounts and 20+ production microservices in regulated fintech environments. I specialize in multi-account governance, Infrastructure as Code, PCI-DSS compliance, and achieving 96% security posture. Whether you need secure CI/CD pipelines, cloud cost optimization (25-40% savings), or zero-downtime deployment strategies, I deliver enterprise-grade solutions that ensure reliability, security, and operational excellence.

Latest Resources

Latest Content & Resources

Explore my latest blog posts, cheatsheets, code snippets, DevTips, flashcards, glossary entries, quizzes, and roadmaps. Real-world insights from production environments and battle-tested practices.

Kubernetes Networking Demystified: CNI Plugins, Network Policies, and Pod-to-Pod Communication

If you've spent any time with Kubernetes, you know that networking is often the part that makes people's heads spin. It feels like magic until something breaks, and then you're staring at a maze of vi

Service Mesh Deep Dive: Istio vs. Linkerd

So, you're diving into the world of cloud-native stuff, huh? Managing all those microservices can get pretty tricky. As you break your apps into smaller, independent pieces, making sure they talk

GitOps vs. Traditional IaC for Kubernetes: A Comparative Analysis

If you're managing modern cloud-native applications, especially with Kubernetes, you know it can be a real puzzle. Getting containers to work together, handling all those configurations, and scaling t

AWS EC2 Instance Management with Boto3: Start, Stop, and Query Instances

If you've ever spent 20 minutes clicking through the AWS Console just to stop a handful of dev instances, you already know the pain. It's tedious, it doesn't scale, and one wrong click can ruin your a

Redis Caching Patterns: Cache-Aside, Write-Through & Cache Invalidation

Need to scale your backend without throwing money at servers? Redis caching patterns are your answer. Most databases can handle hundreds of queries per second, but thousands? Your app slows to a

PostgreSQL Query Optimization: Indexes, EXPLAIN ANALYZE & Execution Plans

Need to optimize slow PostgreSQL queries? Here's how with EXPLAIN ANALYZE and strategic indexing. Slow database queries kill application performance. But most developers don't know where the actu

Helm Charts: Templating & Multi-Environment Kubernetes Deployments

Why Helm Matters: The Kubernetes Manifest Problem. Managing Kubernetes manifests at scale becomes a nightmare. You have a deployment for dev, staging, and production. Each one is 90% ident

Structured Logging & Log Aggregation with ELK Stack

Why Centralized Logging Matters: The Logging Crisis. When services fail, where do you look first? With distributed systems, logs scatter across servers, containers, and cloud regions. A si

Container Image Vulnerability Scanning in CI/CD with Trivy

Why Container Security Matters: The Vulnerability Problem. Container images are a critical attack surface in modern deployments. Every time you build a container image, it includes the bas

LPIC-2 Linux Engineer Flashcards

Full exam coverage for the LPIC-2 Linux Engineer certification (Exam 201 & 202) using spaced repetition. Covers kernel, boot, storage, networking, security, DNS, web, email, and more.

AWS Certified Developer Associate Flashcards (DVA-C02)

Full exam coverage for the AWS Certified Developer – Associate (DVA-C02) exam using spaced repetition. Covers Development, Security, Deployment, Troubleshooting, and AWS SDK/CLI/APIs.

Red Hat System Administration I Flashcards (RH124)

Full course coverage for Red Hat System Administration I (RH124-9.0) using spaced repetition. Covers CLI, files, users, processes, networking, storage, DNF, systemd, logging, and shell scripting.

Linux Server Administration

This glossary covers essential Linux server administration concepts, from system architecture and user management to networking, storage, process management, performance tuning, and security hardening

Containers & Kubernetes

This glossary covers essential terms for working with containers and Kubernetes, from building Docker images to managing workloads, networking, storage, scaling, and security in a Kubernetes cluster.

DevOps Basics

This glossary covers foundational terms used in DevOps and cloud engineering, spanning containerization, orchestration, infrastructure as code, CI/CD pipelines, observability, and deployment strategie

System Design & Architecture: Scalability & Resilience

Welcome to the System Design & Architecture quiz! Test your knowledge on scalability, reliability, performance, trade-offs, distributed systems patterns, and architectural decisions for production sys

Testing Strategies: Unit, Integration, E2E

Welcome to the comprehensive quiz on testing strategies! This quiz covers unit testing, integration testing, end-to-end testing, mocking, fixtures, code coverage, and more. Test your knowledge and und

TypeScript Advanced: Types, Generics, Utility Types

Welcome to the TypeScript Advanced Quiz! Test your knowledge on advanced types, generics, utility types, and more. Each question has a hint and explanations for all options. Good luck!

Release Engineer Beginner to Expert

This roadmap takes you from release engineering principles and version control mastery through to advanced GitOps patterns and multi-account AWS delivery at scale. Each stage builds on the last: treat

Site Reliability Engineer Beginner to Expert

This roadmap takes you from the fundamentals of Linux and systems thinking through to advanced observability, chaos engineering, and SRE organisational culture. Each stage builds on the last: master re

Solutions Architect Beginner to Expert

This roadmap guides you from cloud fundamentals through to professional-level AWS solutions architecture. Each stage builds on the last: master the foundations before tackling advanced networking, secu