Simon Wubshet Bekele
DevSecOps & Cloud Engineer | Security Analyst
I safeguard and scale cloud-native infrastructure — hardening pipelines, automating delivery, and locking down systems from commit to production.
helpSkills Matrix
DevOps & Cyber convergence grid — where automation meets defense.
Cloud & Infrastructure
- AWS
- Azure
- Terraform
- Ansible
- API Gateway
CI/CD & GitOps
- GitHub Actions / Jenkins
- ArgoCD
- Git / GitHub
- Automation
Containers & Orchestration
- Docker
- Kubernetes
- Helm
- Linux
Security & Monitoring
- Nessus
- Burp Suite
- Prometheus / Grafana
Languages & Scripting
- Python
- JavaScript
- Node.js
- Bash
Backend & Frameworks
- Laravel / PHP
- Django
- REST & GraphQL APIs
- OAuth2 / JWT
Experience & Mentorship
A track record of shipping secure infrastructure and lifting others up.
DevSecOps Engineer
Full-TimeOrigin Tech · Addis Ababa, Ethiopia
- Design, secure, and operate scalable, highly available AWS infrastructure across Dev, Staging, and Production using modular Terraform and Ansible.
- Integrate automated security scanning (SAST/DAST, dependency checks, container vulnerability audits) directly into GitHub Actions and Jenkins CI/CD pipelines.
- Enforce strict environment parity and eliminate configuration drift through automated compliance checks and GitOps best practices.
- Drive cloud cost-optimization with resource tagging, Reserved Instances, and automated lifecycle policies to maximize budget efficiency.
- Implement robust data protection: automated multi-region backup vaults, point-in-time recovery, and verified disaster recovery plans.
DevOps Engineer
Full-TimeSustainable Healthcare Solutions for Africa (SHS) · Addis Ababa, Ethiopia
- Designed multi-account, multi-region AWS infrastructure with Terraform and CloudFormation, using immutable pipelines and drift detection to guarantee Prod/Staging/Dev parity.
- Managed end-to-end CI/CD with GitHub Actions and Jenkins, introducing blue/green and canary release strategies for microservices.
- Architected container orchestration on AWS ECS with custom task placement and service mesh policies for fine-grained traffic control.
- Built advanced observability: Prometheus anomaly detection, custom Grafana playbooks, and ELK-driven forensic dashboards for fast root-cause analysis.
- Led cloud security hardening — least-privilege IAM, automated KMS key rotation, S3 encryption, and VPC flow-log audits to pass external compliance assessments.
- Orchestrated disaster-recovery and chaos-engineering drills, including region-failover simulations and Lambda-driven AWS Backup Vault restores.
Cloud Solutions Engineer
Full-TimeNana Digital · Addis Ababa, Ethiopia
- Designed and deployed fully automated, secure AWS environments with Terraform and CloudFormation — VPCs, subnets, Security Groups, EC2, RDS, S3, ELB, Lambda, IAM, and KMS.
- Developed advanced ETL workflows with AWS Glue, Lambda, and custom Python to sync and transform data between legacy on-prem systems and cloud databases under heavy throughput.
- Built resilient backup and recovery solutions with automated RDS snapshots, cross-region replication, and simulated failover drills.
- Collaborated with InfoSec and compliance teams on least-privilege IAM, vulnerability assessments, patch automation, and audit-ready environments.
- Mentored junior cloud engineers via architecture reviews, IaC pair-programming, and AWS best-practice knowledge-sharing sessions.
Backend Developer
InternshipMinistry of Innovation and Technology (MinT) · Internship
- Architected and maintained backend services with Laravel, CodeIgniter, and Symfony — implementing MVC, dependency injection, and middleware for clean, extensible code.
- Built RESTful APIs and background jobs with Django and Flask, integrating them with PHP services for cross-platform data workflows.
- Designed, documented (OpenAPI/Swagger), and consumed REST and GraphQL endpoints with OAuth2/JWT auth, rate limiting, and API versioning.
Technical Mentor for AWS Students
VolunteerALX Alumni Program · Volunteer
- Mentor AWS students through hands-on cloud curriculums and certification prep.
- Conduct architecture reviews and share DevOps & security best practices.
Showcase Projects
Open-source infrastructure, GitOps, and DevSecOps work — click any card to view the repository.
kdoctor
Kubernetes Health Diagnostics CLI
A DevOps terminal utility built in Python to scan active Kubernetes cluster nodes, run health diagnostics, and output structured node status tables.
eks-gitops-infra
EKS Cluster Infrastructure
Terraform infrastructure-as-code provisioning a production-grade Amazon EKS cluster with VPC networking, IAM/OIDC, and multi-AZ node groups.
eks-gitops-manifests
Multi-Environment GitOps Delivery
ArgoCD-driven GitOps manifests orchestrating Dev, Staging, and Prod environments with Helm charts and Bitnami Sealed Secrets for safe in-repo credential storage.
terraform-aws-secure-fargate
Hardened Fargate Module
A reusable Terraform module deploying secure AWS Fargate workloads with least-privilege IAM, private networking, and hardened task definitions.
devsecops-secure-pipeline
Secure CI/CD Pipeline
An end-to-end DevSecOps pipeline embedding container image scanning, SAST, and policy gates into a Docker-based build and deployment workflow.
Teleradiology
DICOM Diagnostic Web App
A lightweight teleradiology web app for receiving DICOM ZIPs, assigning them to radiologists, and delivering diagnostic reports. Built with Laravel, Blade, and Tailwind CSS.
Verification Hub
22 verified credentials across cloud, security, and development — click any badge to verify it on Credly.