I didn't start in software — I started in structural engineering, calculating load paths and safety factors for concrete and steel. In 2023 I pivoted into full-stack development and DevOps, and I never stopped noticing the parallel: a distributed system and a bridge fail for the same reason — a bad assumption nobody stress-tested.
Today I design and ship secure, multi-tenant SaaS platforms, and I live at the intersection of application code and the infrastructure it runs on — using Go, Java, and Python to automate CI/CD and GitOps lifecycles end to end.
- 🇹🇳 Based in Nabeul, Tunisia — open to remote roles across Europe (France, Belgium, Switzerland) and MENA
- 🗣️ Trilingual: English · Français · العربية
- 🏗️ Ex-civil engineer → now a Kubernetes / Terraform / DevSecOps generalist
- Working as a Cloud & DevOps Engineer @ Future Eagle IoT, building CI/CD pipelines, multi-cloud IaC, and production Kubernetes platforms.
- Taking on select Production-Readiness Audits (Spring Boot · PostgreSQL · DevSecOps) for teams shipping to AWS.
- Writing long-form technical content across DevOps, DevSecOps, Cloud, MLOps, and AIOps on my blog.
- Always happy to talk about Kubernetes admission controllers, multi-tenant Row-Level Security, or migrating legacy Java to cloud-native.
Cloud & Infrastructure
Containers & Orchestration
CI/CD & GitOps
DevSecOps & Security
Observability & SRE
Languages
Backend & Frontend
Databases & Messaging
| Project | Stack | What it does |
|---|---|---|
| Future Eagle Fleet | Spring Boot · PostgreSQL RLS · Angular · Keycloak · Docker | Multi-tenant B2B fleet SaaS with row-level tenant isolation, SECURITY DEFINER triggers, and real-time vehicle telemetry over WebSocket/STOMP. |
| Eagle IoT | FastAPI · TimescaleDB · React · MQTT · ESP32 | Industrial IoT platform: PLC → ESP32 → Modbus ingestion into TimescaleDB hypertables, mTLS-secured transport, predictive maintenance alerts. |
| AgentWarden | Go · Kubernetes · Docker · React | Validating/mutating admission webhook that sandboxes autonomous AI coding agents in GitOps workflows, shipped as a signed, distroless image. |
| FlexTier | Java · AWS EKS · K3s · Terraform · ArgoCD | Migrated a legacy Java WAR into two containerized paths (cost-optimized K3s + managed EKS) with FinOps tagging and rightsizing. |
| Three-Tier DevSecOps on EKS | Terraform · AWS EKS · ArgoCD · Prometheus · SonarQube · Trivy | End-to-end reference pipeline from code commit to production rollout, with shift-left scanning and SLO-based monitoring. |
| Metric | Result |
|---|---|
| Deployment time | ↓ 40% across 8+ microservices |
| New environment onboarding | 2 days → under 30 minutes |
| Production uptime | 99.9%, zero-downtime rolling releases |
| Mean time to detect (MTTD) | ↓ 65% via SLO-driven alerting |
| Client infrastructure cost | ↓ 35%+ vs. prior VM-based deployments |
| Login latency after Keycloak/OAuth2 migration | ↓ 40% |
- 📘 Engineering AI, Volume I — mapping a Spring Boot / cloud-native stack to LLM integration, AI agents, RAG pipelines, and production AI security.
- 🎫 TicketForge — a build-in-public series on a high-concurrency ticketing SaaS (Java 21, Kafka, Redis, AWS, DevSecOps).
- 📗 DevSecOps & Cloud By Hand — a full lifecycle walkthrough: Spring Boot/Angular/PostgreSQL app → CI/CD → AWS lift-and-shift → FinOps → AI agent integration.
All of it lives on my blog, organized across five tracks: DevOps, DevSecOps, Cloud, MLOps, and AIOps.
- Full-Stack & DevOps Intensive Program — 2i Formation
- Applied Bachelor's Degree (Honors), Civil Engineering — ISET Nabeul
- LFS158 (Kubernetes) · LFS169 (GitOps) · LFEL1014 (KEDA) — The Linux Foundation
💼 I'm open to remote DevOps / Cloud Engineer roles across Europe 🇫🇷🇧🇪🇨🇭 and MENA, and I take on select Production-Readiness Audits (Spring Boot · PostgreSQL · DevSecOps) for teams shipping to AWS.


