Joseph Ali is a Sr. DevOps Engineer with eight (8) years of experience designing, automating, and managing scalable, secure cloud infrastructure with a major focus on AWS. He has proven expertise in Infrastructure as Code (Terraform and CloudFormation), container orchestration (Kubernetes and Docker), and CI/CD automation (Jenkins, GitHub Actions, and CodePipeline). In addition, he is skilled in implementing DevSecOps practices, optimizing pipelines, and integrating monitoring and observability tools to enhance reliability and compliance.
Overview
8
years of professional experience
5
Certification
Work History
Senior DevOps Engineer
CAPCO
11.2024 - 10.2025
Spearheaded transition to Zero Trust architecture within AWS infrastructure by refining IAM roles, implementing RBAC for EKS, and defining NACLs/Security Groups through Terraform modules
Architected secure and scalable infrastructure-as-code using Terraform for high-sensitivity banking systems, reducing provisioning errors by 45%
Modernized architecture from monolith to containerized microservices using ECS and EKS, improving security posture with namespace-level policies and runtime monitoring
Designed and maintained reusable Helm charts for microservice deployments across multiple Kubernetes environments (SIT, Stage, and Prod)
Parameterized Helm values files for environment-specific configurations (replica count, resource limits, ingress rules, and image tags)
Designed and implemented GitOps-based deployment pipelines using Argo CD, improving release consistency and reducing deployment time by 60%
Integrated Argo CD with Terraform and Kubernetes for end-to-end automated infrastructure and application delivery across multiple environments
Managed multi-cluster Argo CD deployments with role-based access control and environment-specific configuration management
Deployed hardened Kubernetes clusters using CIS benchmarks and Aqua Security, and integrated with central logging systems for audit compliance
Implemented centralized secret management using AWS Secrets Manager for database credentials and API keys
Automated secret injection into Kubernetes workloads using IRSA (IAM Roles for Service Accounts)
Implemented security observability with Prometheus, ELK Stack, and AWS Security Hub, enabling real-time threat insights and reducing MTTD (mean time to detect) by 40%
Built encrypted serverless workflows (AWS SAM, Python) with strict IAM scoping and integrated VPC endpoints, reducing data exposure vectors
Defined and enforced cloud governance policies via AWS Config rules, Service Control Policies (SCPs), and tagging strategies to meet internal audit compliance
Conducted internal architecture reviews and participated in decision-making for AWS Well-Architected Framework compliance
Client: Comerica Bank
Platform Engineer/DevOps Engineer
DesaTech Consulting
05.2021 - 10.2024
Architected cloud-native solutions on AWS using Terraform, Kubernetes, and Go, supporting scalable learning applications for over 30,000 students with built-in high availability, observability, and access controls
Designed a secure-by-default CI/CD pipeline (Jenkins, Octopus Deploy, Terraform, Ansible), integrating container scanning, secrets management (AWS Secrets Manager), and IaC scanning, reducing release-related vulnerabilities by 55%
Managed AWS multi-account architecture using IAM roles and cross-account access policies
Designed account segmentation strategy (Dev, Stage, Prod, Sandbox) following AWS best practices
Led GitOps implementation for infrastructure and app deployment, improving auditability and rollback reliability
Built custom CI/CD tooling in Go to orchestrate microservices deployment, cutting build times by 40% and adding resilience via health checks and circuit breakers
Integrated DevSecOps practices across all delivery pipelines, incorporating tools like KICS, Trivy, and Checkov, and enforcing policy-as-code using OPA and Sentinel
Conducted threat modelling sessions and security architecture reviews for high-traffic services, directly reducing risk exposure
Designed production-grade Dockerfiles optimized for minimal image size and faster build times
Implemented multi-stage Docker builds to reduce runtime attack surface
Led a hybrid AI/ML architecture deployment using SageMaker, Bedrock, Lambda, and AWS Glue for predictive maintenance, improving inference throughput by 60%
Managed Kubernetes clusters using Rancher for centralized cluster operations
Configured RBAC policies and project-level access controls within Rancher
Designed and deployed an Internal Developer Platform (IDP) using Port, enabling the successful migration of 50+ teams from legacy CI/CD pipelines. This led to a 40% increase in developer velocity and a 60% reduction in DevOps-related incidents
Mentored junior engineers and participated in the security champions guild to standardize secure development practices across teams
Client: Amazon
Intern
Texas A&M University
08.2020 - 04.2021
Assisted with the deployment of AWS infrastructure and applications, including setting up virtual servers and storage solutions
Collaborated with the development team to troubleshoot and resolve cloud-related issues
DevOps/Backend Engineer
DesaTech Consulting
03.2018 - 05.2020
Deployed various AWS services with Infrastructure as Code (IaC) and wrote cloud automation scripts and code with tools such as Ansible, Terraform, and AWS CloudFormation
Managed the deployment and scaling of Docker containers using Kubernetes as an orchestration tool
Enhanced cloud security infrastructure for our customers, achieving a 30% decrease in security incidents and elevating compliance with industry standards by 25%
Deep understanding of Agile processes (planning/stand-ups/retros) and interaction with cross-functional teams in Development, Infrastructure, Security, Performance Engineering, and QA
Led comprehensive security assessments and vulnerability scans, meticulously pinpointing and mitigating critical vulnerabilities within the cloud architecture, leading to a 40% reduction in potential security threats
Partnered closely with development teams to embed robust, secure coding practices, resulting in a 50% reduction in security vulnerabilities within code, fortifying our cloud infrastructure against current and emerging threats