Hi, I'm Abdelilah đź‘‹
DevOps / DevSecOps Engineer
AE

About

. Intern Research Engineer at INRIA Rennes. . Passionate about building and deploying scalable, secure systems. . Always exploring new ways to make systems smarter, more efficient, and resilient. . Currently seeking opportunities to Contribute, Learn, and Grow.

Work Experience

I

INRIA

April 2026 - Present
Research Engineer - DevSecOps | Rennes, France (On-site)
Automated the detection of security and privacy inconsistencies between REST APIs and OpenAPI specifications within CI/CD pipelines to prevent gaps before deployment. Blocked deployments automatically upon detecting unauthorized exposure of personal data to enforce strict GDPR compliance. Secured, administered, and optimized DevSecOps pipelines to automate security controls and ensure reliable production deployments.
T

TronivaSolutions

August 2024 - September 2025
Consultant IT | Remote (Part-time)
Designed tailored e-commerce websites and optimized client infrastructures to reduce hosting costs by 15–20% while aligning solutions closely with business needs. Enhanced production environments by deploying Prometheus and Grafana monitoring stacks for proactive anomaly detection, while simultaneously applying DevSecOps best practices and conducting rigorous vulnerability assessments to secure web applications prior to deployment.
D

Digital Daba

April 2024 - June 2024
DevOps Intern | Agadir, Morocco (Hybrid)
Designed and efficiently managed CI/CD pipelines using Jenkins to automate software delivery processes. Orchestrated and deployed applications with Docker and Kubernetes, ensuring reliable operation and scalability. Performed vulnerability analysis and integrated automated security scans into pipelines to improve code safety, following a DevSecOps mindset. Executed integration tests and enforced code quality checks with SonarQube, ensuring robust and maintainable software development.
A

Anjou Web

April 2024 - June 2024
Web App Security Intern | Montreuil-Bellay, France (Remote)
My role was to ensure Web Application Security by performing penetration testing to identify vulnerabilities and misconfigurations. I found a directory traversal vulnerability that exposed a repository of logs which an attacker could potentially exploit. I recommended safe path handling and strict input validation to mitigate this risk. I also identified Unsafe File Uploads (.php, .js ...) that could be executed on the server and suggested secure upload policies, including server-side scanning, input validation, storing files outside the webroot, and serving them through a secure proxy.
M

Ministry of the Interior

March 2023 - March 2023
IT Help Desk Intern | Tiznit, Morocco (Onsite)
Experienced in computer and network diagnostics, identifying and resolving system issues to ensure smooth operation.

Education

M

Mohammed V University – Rabat

2024 - 2026
Master’s in Computer Engineering and Systems Security
C

Chouaib Doukkali University - EST Sidi Bennour

2023 - 2024
Bachelor’s Degree in Cybersecurity and Cloud Technologies
A

Applied Technology Specialized Institute – Tiznit

2021 - 2023
Specialized Technician Diploma in Networks and Systems

Skills

Jenkins
Docker
Terraform
Grafana
Linux
Kubernetes
Java
JavaScript
Python
Mysql
Mongodb
WordPress
Reactjs
My Projects

Check out my latest work

DevSecOps & GitOps Pipeline for Microservices on Azure Infrastructure

DevSecOps & GitOps Pipeline for Microservices on Azure Infrastructure

A production-ready DevSecOps and GitOps ecosystem for EasyBus, a bus ticket management platform. The setup automates the secure delivery of Java Spring Boot microservices and a React frontend to a self-managed Kubernetes cluster deployed across Azure Virtual Machines. It features a robust Jenkins CI/CD pipeline integrated with deep security auditing, leveraging SonarQube for SAST and code quality alongside Trivy for container image scanning. Continuous delivery is managed declaratively via Argo CD and Argo CD Image Updater, ensuring immediate, automated synchronization between Git repositories and the infrastructure provisioned via Terraform.

Jenkins
Docker
Terraform
Kubernetes
Azure
Argo CD
GitOps
Source
Automated CI/CD Pipeline for Spring Boot on AWS EC2

Automated CI/CD Pipeline for Spring Boot on AWS EC2

A CI/CD pipeline using Jenkins automates building, testing, and deploying a Spring Boot app on AWS EC2. It integrates with GitHub for continuous integration, uses Maven for packaging, Trivy and SonarQube for security and code quality, Nexus for artifact storage, Docker and Kubernetes for deployment, and Prometheus–Grafana for monitoring with email alerts for updates.

Jenkins
Docker
AWS
Kubernetes
Prometheuse
Grafana
Linux
Source
Deploy 11 E-Commerce Microservices on AWS EKS with Automated CI/CD

Deploy 11 E-Commerce Microservices on AWS EKS with Automated CI/CD

A production-grade CI/CD pipeline using Jenkins automates the entire deployment of 11 independent microservices onto AWS EKS. It integrates with GitHub Webhooks for continuous integration, uses Docker for containerization, and leverages Kubernetes for orchestration and service discovery. AWS ELB provides load balancing, and the entire setup utilizes AWS IAM for secure access, resulting in a fully automated, scalable e-commerce platform.

AWS EKS
Jenkins
Docker & Docker Hub
Git
Linux
Source
Geo Distributed System Monitoring

Geo Distributed System Monitoring

An observability and monitoring setup was designed and deployed to track file data popularity, cache efficiency, request latency, and infrastructure resource usage across Geo-distributed regions. It uses AWS S3 for global data storage and Redis for regional caching to optimize performance. Prometheus collects metrics such as file access frequency, cache hits and misses, and server utilization, while Grafana dashboards provide clear insights into system behavior and performance trends. Tracked files are displayed through a simple Public Health & Wellness Resources web interface, combining backend monitoring with user-friendly data visualization.

Aws
Docker
Prometheus
Grafana
Nodejs
Redis
Linux
Source
Articles

Things I write about

I share insights on DevOps, CI/CD security, and cloud computing. Writing helps me reflect on real projects and share practical knowledge with others in the tech community.

  • S

    Stop the Breach: How to Bulletproof Your CI/CD Pipeline and Sleep Better at Night

    Learn how to secure your CI/CD pipeline from source code to deployment, protect secrets, and automate vulnerability scans…
    Read More
Contact

Get in Touch

Feel free to message me directly on LinkedIn and I'll respond as soon as I can.

LinkedIn