Mohammed BOUFENCHOUCHE

DevOps Engineer

Nice, Provence-Alpes-Côte d'Azur, France3 yrs 10 mos experience

Most Likely To Switch

Key Highlights

Expert in Kubernetes governance and cost optimization.
Led FinOps strategy for a fintech company.
Designed comprehensive monitoring solutions using ELK stack.

Stackforce AI infers this person is a Fintech Infrastructure Engineer with strong DevOps and cloud optimization skills.

Contact

Skills

Core Skills

AwsKubernetesFinopsMonitoringCi/cdDevopsSoftware DevelopmentProject Management

Other Skills

TerraformAnsibleKarpenterKyvernoIstioCiliumDockerHelmfilesJenkinsPrometheusGrafanaELKKeycloakVaultTeleport

About

Infrastructure optimization enthusiast with a strong background in DevOps and cloud engineering. Specialized in Kubernetes, AWS EKS, Karpenter, and FinOps best practices — turning over-provisioned clusters into lean, cost-efficient platforms. Deep expertise in Kubernetes governance with Kyverno, workload security, and cluster best practices. Passionate about observability through Prometheus, Grafana, ELK and proactive security monitoring with CrowdSec. Experienced across the full DevOps stack: Terraform, Vault, Kong, Okta SSO/ Keycloak, CI/CD pipelines using GitLab CI/CD or Jenkins, ArgoCD and more. Engineer's degree in Electronics & Computer Engineering from 3IL 🔥

Experience

3 yrs 10 mos

Total Experience

1 yr 11 mos

Average Tenure

2 yrs 10 mos

Current Experience

Linxo

2 roles

Cloud Engineer Senior

Promoted

Jan 2026 – Present · 4 mos

Platform/Cloud Engineer owning the full cloud infrastructure for a fintech company handling sensitive banking data. AWS Solutions Architect certified during this role.
FinOps & Cost Optimization
Led the company's FinOps strategy end-to-end: built Cost Explorer dashboards, presented monthly cost reviews to stakeholders justifying all cost variations and savings achieved
Migrated Cluster Autoscaler to Karpenter for smarter node provisioning and reduced compute spend
Deployed AWS Instance Scheduler to shut down idle RDS/EC2 during nights and weekends
Optimized Kubernetes costs through bin packing, Gateway Endpoints, resource tagging, unused resource cleanup and custom FinOps dashboards
Kubernetes & Infrastructure
Maintained and upgraded production/staging EKS clusters with Istio, Cilium and CoreDNS
Enforced deployment governance and compliance with Kyverno on EKS
Managed full AWS infrastructure via Terraform across 20+ services (RDS, CloudFront, S3, Redis/Valkey, EC2, ECR, Pull-Through Cache, Resilience Hub, IAM, Route 53, CloudWatch, VPC, ACM, Lambda, EKS)
Automated operations with Rundeck
Security & Access
Maintained WAF, GuardDuty and Inspector on AWS
Managed secrets (Vault), SSO (Keycloak) and server/database access (Teleport)
Enforced change management with client sync before production deployments
Observability
Built full monitoring stack: Prometheus, Grafana, ELK
Handled incident response and infrastructure troubleshooting
Collaboration & CI/CD
Worked with dev, architecture and SecOps teams on platform reliability
Maintained CI/CD pipelines (Jenkins, Git, Maven) and deployments (Docker, Kubernetes, Helmfiles)
Agile methodology
Stack: AWS · Terraform · Ansible · Kubernetes · Karpenter · Kyverno · Istio · Cilium · Docker · Helmfiles · Jenkins · Prometheus · Grafana · ELK · Keycloak · Vault · Teleport · Rundeck

AWSTerraformAnsibleKubernetesKarpenterKyverno+12

Cloud Engineer

Jul 2023 – Mar 2026 · 2 yrs 8 mos

Platform/Cloud Engineer owning the full cloud infrastructure for a fintech company handling sensitive banking data. AWS Solutions Architect certified during this role.
Kubernetes & Infrastructure
Maintained and upgraded production/staging EKS clusters with Istio, Cilium and CoreDNS
Enforced deployment governance and compliance with Kyverno on EKS
Managed full AWS infrastructure via Terraform across 20+ services (RDS, CloudFront, S3, Redis/Valkey, EC2, ECR, Pull-Through Cache, Resilience Hub, IAM, Route 53, CloudWatch, VPC, ACM, Lambda, EKS)
Automated operations with Rundeck
Security & Access
Maintained WAF, GuardDuty and Inspector on AWS
Managed secrets (Vault), SSO (Keycloak) and server/database access (Teleport)
Enforced change management with client sync before production deployments
Observability
Built full monitoring stack: Prometheus, Grafana, ELK
Handled incident response and infrastructure troubleshooting
Collaboration & CI/CD
Worked with dev, architecture and SecOps teams on platform reliability
Maintained CI/CD pipelines (Jenkins, Git, Maven) and deployments (Docker, Kubernetes, Helmfiles)
Agile methodology
Stack: AWS · Terraform · Ansible · Kubernetes · Karpenter · Kyverno · Istio · Cilium · Docker · Helmfiles · Jenkins · Prometheus · Grafana · ELK · Keycloak · Vault · Teleport · Rundeck

AWSTerraformAnsibleKubernetesKarpenterKyverno+12

Santiane

Site Reliability Engineer / DevOps

Dec 2020 – Jun 2023 · 2 yrs 6 mos · Nizza

Automated build and deployment pipelines for software products across production and staging environments, ensuring reliability, scalability and velocity for development teams.
Key achievements:
Designed and deployed the full ELK monitoring stack (Elasticsearch, Logstash, Kibana, Metricbeat, Auditbeat, Heartbeat) providing end-to-end observability across all services
Built and maintained CI/CD pipelines with GitLab CI and Rancher for seamless application delivery
Implemented ArgoCD with Kubernetes for GitOps-based continuous deployment
Migrated security infrastructure from Fail2ban to CrowdSec for improved threat detection and response
Managed AWS infrastructure (EC2, RDS PostgreSQL, ElastiCache, EKS, S3, Route53, NLB) using Terraform as IaC
Configured Cloudflare WAF, Okta SSO and Vault for security hardening and secrets management
Ensured maximum independence and ownership for development teams by maintaining self-service production environments
Stack: AWS · Terraform · Kubernetes · EKS · Rancher · ArgoCD · Docker · GitLab CI · ELK Stack · CrowdSec · Cloudflare · Okta SSO · Vault · Apache · PHP 8 · Teleport

AWSTerraformKubernetesEKSRancherArgoCD+7

Amadeus

Software Development Engineer DevOps

Feb 2020 – Aug 2020 · 6 mos · biot

In the CSS BUILD INFRASTRUCTURE department, responsible for the development and maintenance of Jenkins pipeline libraries based on Groovy and Java, these libraries (also called Software Workbench Solutions) are used by customers and Amadeus developers in their build processes.

JenkinsGroovyJavaDevOps

Orange business services

Software Development Engineer

Sep 2018 – Sep 2019 · 1 yr · Valbonne, Provence-Alpes-Côte d’Azur, France

Built an internal staffing tool enabling managers to allocate engineers based on their availability, skills, holidays and sick leave. The application provided a real-time view of resource utilization rates to optimize project planning.
Team: 6 developers, Product Manager, Project Director, Architect, Product Owner, Scrum Master, DevOps
Stack: Angular 8 · Laravel 5.7 · Node.js · LoopBack 3.0 · MySQL · MariaDB · Docker · Kubernetes · Kong API Gateway · Git · Jira
Methodology: Scrum

AngularLaravelNode.jsMySQLDockerKubernetes+2