DevOps & Cloud Engineer

Faraaz Mohammed

$ building cloud infrastructure & CI/CD pipelines_

Chemistry graduate from King's College London transitioning into DevOps. Built production-style cloud infrastructure projects using AWS, Docker, Kubernetes and GitHub Actions — with hands-on debugging of networking, CI/CD, and container orchestration issues.

View Projects GitHub LinkedIn
faraaz@devops-machine:~
cat profile.yaml name: "Faraaz Mohammed" role: "DevOps Engineer" cloud: ["AWS", "Docker", "Kubernetes"] education: "BSc Chemistry, KCL" status: learning_in_public current_focus: - "AWS infrastructure" - "Docker + Kubernetes" - "CI/CD pipelines" - "Terraform (learning)"
# open to DevOps roles ▸_
01 — Who I Am

About Me

I'm a graduate DevOps engineer with a Chemistry degree from King's College London. I build and operate cloud infrastructure on AWS. I treat infrastructure as code: version-controlled, reproducible, and deployed through automation.

I've built and debugged real systems. That includes container networking failures, Route53 DNS misconfiguration, security group blocks, and non-deterministic CI pipeline outputs. I know what broken looks like and how to trace it.

My projects cover AWS static hosting with S3, CloudFront, and Route53, a containerised FastAPI service deployed via Kubernetes and GitHub Actions, and EC2 web infrastructure with NGINX and VPC networking. I'm currently building depth in Terraform and observability tooling.

4
Cloud projects shipped
6+
Infra bugs root-caused
5
AWS services operated
3
CI/CD pipelines built
🎓 Education

BSc Chemistry

King's College London

Chemistry instilled rigorous analytical thinking and a precision-first approach to problem solving. Debugging infrastructure requires the same mindset as debugging an experiment: isolate variables, form a hypothesis, test systematically, document results.

// Career Transition
Applying scientific problem-solving to cloud infrastructure. Currently building hands-on DevOps projects and documenting debugging workflows publicly on GitHub.
02 — Technical Skills

Technical Stack

Cloud & AWS
EC2S3 CloudFrontRoute53 IAMVPC Security GroupsALB
🐳
Containers & Orchestration
Docker Kubernetes (Deployments, Services, Pod lifecycle) Docker Hub Layer caching Container networking
CI/CD & Automation
GitHub ActionsGit Pipeline YAML Docker image push Automated builds
🐧
Linux & Networking
Linux (Ubuntu)Bash scripting NGINXdig / nslookup curl / netstatSSH TCP/IP
🐍
Programming
PythonFastAPI pandas / NumPySQL JSON SchemaYAML
🔧
Tools & Practices
Git branching & rebase Reflog recovery Conflict resolution Reproducible builds Output validation
03 — Work History

Experience

YCX
Oct 2025 – Feb 2026
AI & Data Science Intern
  • Worked on Decklan, an AI-powered system converting unstructured input into structured, investor-ready pitch deck content.
  • Implemented JSON schema validation to enforce consistent output structures across the pipeline.
  • Built validation logic to detect malformed and non-deterministic AI outputs, reducing manual QA overhead.
  • Diagnosed and resolved CI pipeline failures caused by inconsistent AI model outputs using reproducible fix strategies.
SPREADCO
May 2023 – Jul 2023
Market & Research Analyst Intern
  • Standardised large financial datasets using Python (pandas, NumPy) to ensure data integrity.
  • Automated recurring reporting workflows, eliminating manual steps and reducing turnaround time.
  • Built structured tracking models to detect data inconsistencies across financial records.
  • Performed exploratory data analysis using Python and SQL to surface actionable insights.
04 — What I've Built

Key Projects

// PROJECT 01
Containerised RAG API with CI/CD and Kubernetes Deployment

A FastAPI-based Retrieval-Augmented Generation service built end-to-end: containerised, published, and deployed via an automated pipeline.

  • Built a FastAPI RAG API and containerised it with Docker for reproducible environments
  • Pushed images to Docker Hub and validated reproducible builds across clean environments
  • Diagnosed container networking failures and optimised Docker layer caching
  • Deployed using Kubernetes Deployments and Services
  • Automated builds and deploys with GitHub Actions CI/CD pipeline

// WHY
Chose Kubernetes over plain Docker to surface real orchestration concerns — readiness probes, service discovery, and replica management. Kept app logic minimal deliberately to focus on infrastructure behaviour.

FastAPIDocker KubernetesGitHub Actions Linux
→ github.com/23faraaz
// PROJECT 02
AWS EC2 Web Infrastructure with NGINX and DNS Configuration

Hands-on AWS infrastructure: EC2 provisioning, NGINX web server setup, VPC networking, and systematic DNS and connectivity debugging.

  • Provisioned EC2 instances and configured NGINX as a production web server
  • Set up security groups applying least-privilege inbound/outbound rules
  • Debugged DNS routing failures between Route53 and EC2 using dig and nslookup
  • Diagnosed HTTP connectivity blocked by missing security group rules

// WHY
Built on EC2 rather than a managed service to force direct engagement with networking primitives: security groups, VPC routing, and DNS resolution. Understanding these layers is essential before abstracting them away.

AWS EC2NGINX VPCRoute53 Security Groups
→ github.com/23faraaz
// PROJECT 03
Multi-Container Flask + Redis System (Docker Compose + NGINX)

A multi-container system built to surface real Docker failure modes: container networking, state persistence, configuration drift, and horizontal scaling with a reverse proxy.

  • Diagnosed Flask-to-Redis connection failure — traced root cause to containers not sharing localhost; fixed by using Compose service DNS
  • Implemented named Docker volume for Redis /data to persist visit counter across container restarts
  • Injected REDIS_HOST and REDIS_PORT via Compose environment variables — decoupled config from image
  • Hit host port conflicts scaling with --scale web=3; resolved by switching Flask to expose and routing traffic through NGINX
  • Debugged container state using docker logs, docker exec, and docker volume inspect

// WHY
Used Compose over Kubernetes to keep complexity proportional to scope. Chose Redis as a stateful dependency deliberately — it surfaces persistence, networking, and ephemerality issues early. NGINX was introduced only after scaling exposed real port-binding limitations, not pre-emptively.

DockerDocker Compose FlaskRedis NGINX
→ github.com/23faraaz
// PROJECT 04
AWS Static Website Hosting — S3 + CloudFront + Route53

Designed and deployed a full AWS static hosting stack. Configured CDN, custom domain, HTTPS termination, and cache management. Debugged real infrastructure issues from stale cache to DNS propagation failures.

  • Configured S3 bucket for static website hosting with correct public-access policies and bucket policy scoped to CloudFront OAC principal only
  • Created a CloudFront distribution with HTTPS-only viewer protocol and edge caching across AWS PoPs
  • Configured Route53 hosted zone with an A record alias pointing to the CloudFront distribution
  • Provisioned an ACM TLS certificate with DNS validation via Route53 CNAME records and attached it to CloudFront
  • Implemented cache invalidation (/*) via AWS CLI post-deploy to flush stale edge-cached content
  • Debugged CloudFront serving stale index.html after redeployment — root cause was 24hr default TTL; resolved with a targeted invalidation
  • Traced DNS propagation delay of ~15 minutes after Route53 record creation using dig +trace
  • Resolved S3 bucket policy blocking CloudFront origin requests — fixed by scoping the policy to the correct OAC principal

// WHY
Chose S3 + CloudFront over EC2 hosting because the site is static — no reason to manage a server. Using CloudFront in front of S3 enforces HTTPS, adds edge caching, and keeps the S3 bucket private. Route53 was used to own the full DNS stack end-to-end.

AWS S3CloudFront Route53ACM IAMAWS CLI
→ github.com/23faraaz
05 — Real Debugging Experience

Engineering Lessons

🌐
DNS Routing Failure

Debugged DNS routing issues between Route53 and an EC2 instance. Used dig and nslookup to trace propagation delays and an A record pointing to a stale IP after an instance restart.

dignslookup Route53EC2
🐳
Container Networking Failure

Diagnosed container networking failures during Docker builds where services couldn't communicate. Traced the issue to a missing network bridge configuration and incorrect port binding between containers.

Dockerdocker logs netstatcurl
Non-Deterministic CI Failures

Handled CI pipeline failures caused by inconsistent AI model outputs at YCX. Implemented JSON schema validation and output sanity checks to make the pipeline predictable and stable.

GitHub ActionsJSON Schema Python
📦
Non-Reproducible Docker Builds

Investigated builds that succeeded locally but failed in CI due to unpinned base image tags and floating dependency versions. Fixed by pinning exact versions and validating across fresh CI environments.

DockerDockerfile Docker Hub
🔒
Security Group Blocking HTTP

Troubleshot an EC2 web server unreachable from the internet despite NGINX running correctly. Root cause: missing inbound rule on port 80 in the security group. Traced using curl and EC2 Instance Connect.

AWS EC2Security Groups NGINXcurl
🔄
Lost Commit Recovery

Recovered commits lost after an accidental hard reset by using git reflog to identify the correct commit hash and restore the branch — without losing any work.

git refloggit reset git cherry-pick
06 — How I Debug

Debugging Workflow

A consistent, layer-by-layer debugging process is how infrastructure failures get diagnosed accurately and fixed permanently. This is the framework I apply to every infrastructure problem.

01
Identify Failing Layer
  • DNS / networking
  • Application layer
  • Container
  • CI pipeline
  • Cloud config
02
Validate Connectivity
  • dig
  • nslookup
  • curl -v
  • netstat -tulnp
  • ping
03
Inspect Logs
  • docker logs
  • journalctl
  • CI pipeline output
  • nginx error.log
  • AWS CloudWatch
04
Isolate Variables
  • Recreate w/ Docker
  • Test individually
  • Compare envs
  • Minimal repro
  • Pin dependencies
05
Apply & Validate Fix
  • Update config
  • Commit to version control
  • Run through CI
  • Validate end-to-end
  • Document root cause
07 — Growth Trajectory

Currently Learning

One active focus. Not four things labelled "in progress" with nothing to show.

🏗
Terraform — AWS Infrastructure as Code

Provisioning AWS infrastructure declaratively using Terraform. Moving beyond console-click infrastructure toward version-controlled, reproducible resource definitions. Currently managing VPCs, EC2 instances, S3 buckets, and IAM roles via terraform apply.

In progress
→ View repo on GitHub
08 — System Design

Infrastructure I've Designed

Portfolio Deployment
👤 User Browser
🌐 Route 53 DNS
CloudFront CDN
HTTPS · Edge Cache
🗄 S3 Static Hosting
HTML · CSS · JS · Assets
Containerised API Deployment
👨‍💻 Developer
🐙 GitHub Repository
GitHub Actions
🐳 Docker Build
Kubernetes Deployment
AWS Web Infrastructure
🌍 Internet
Application Load Balancer
🖥 EC2 #1
🖥 EC2 #2
🔒 Private Network
Security Groups VPC · Subnets
09 — Get In Touch

Open to DevOps & Cloud Infrastructure Roles

I'm actively seeking DevOps, Cloud Infrastructure, and Platform Engineering opportunities where I can contribute and grow.

Currently building production-style cloud infrastructure projects and documenting debugging workflows on GitHub.

$ echo "Available for full-time DevOps / Cloud Engineering roles"
Open to DevOps roles
AWS · Docker · K8s · Terraform
v2.0.0 · London, UK