Cloud Security · Architecture · Reliability
I help teams modernize and secure their infrastructure: defining cloud architectures, implementing security controls and guardrails, building CI/CD pipelines, and automating operations to reduce toil and improve reliability. My work spans IAM, network design, compliance (SOC 2-aware), observability, and internal tooling—including AI-powered assistants.
Secure cloud architecture, platform engineering, and automation.
Design and review AWS and Azure architectures with security, reliability, and privacy in mind: IAM guardrails, network segmentation, encryption, logging, and compliance-aligned controls.
Build reproducible cloud foundations using Terraform and CloudFormation, with CI/CD pipelines (CodePipeline, CodeBuild, Jenkins) to keep infrastructure changes controlled and auditable.
Implement observability and ChatOps, and build internal tools and services (including a virus scanning API and AI assistants) to monitor, secure, and operate cloud environments at scale.
Projects that highlight my approach to secure cloud architecture and reliability.
A web-based AI assistant that answers cloud, security, and infrastructure questions using LLMs and curated best practices—built to help teams reason about architecture decisions, trade-offs, and migration strategies faster.
Migrated and refactored infrastructure across AWS accounts during an acquisition, rebuilding manually deployed workloads as Infrastructure as Code and enforcing consistent security controls (IAM, networking, encryption, logging, and cost guardrails).
Designed centralized event and security signal routing across multiple AWS accounts into a single monitoring account and chat channels, using AWS Config rules and automated checks to support quarterly security posture reviews aligned with SOC 2 requirements.
Python-based API that accepts files, scans them with an AV engine, and returns a verdict—designed to slot into existing application flows as a security control and generate auditable logs.
High-level views of secure cloud architectures, from multi-account setups to observability and ChatOps.
Shows Organizations, shared services, security accounts, cross-account IAM roles, centralized logging, and CI/CD pipelines—designed to separate duties while keeping security and operations manageable.
[Diagram placeholder – secure-multi-account-aws-architecture.png]
Illustrates how CloudWatch, New Relic, Prometheus/Grafana, and custom scripts feed into Slack/ChatOps, enabling early detection, faster triage, and better post-incident visibility.
[Diagram placeholder – observability-chatops-pipeline.png]
Where I’ve applied cloud security and architecture in practice.
Modernizing infrastructure tooling, designing secure AWS environments, building CI/CD pipelines, optimizing cost and resource usage, and running quarterly infrastructure security posture audits using AWS Config rules and automated checks.
Designed CI/CD frameworks and observability patterns to support infrastructure as code, integrating APM and telemetry to improve performance visibility and reliability for internal platforms. Deployed new infrastructure on AWS and integrated New Relic observability services.
Led infrastructure modernization and AWS migration, designed network solutions, implemented HA and DR strategies, and managed RDS (Postgres/MySQL) for highly available services.
Automated deployments (Jenkins, CodePipeline/CodeBuild), integrated monitoring with AWS Chatbot and Slack, and implemented Ansible-driven configuration to stabilize environments and reduce manual operations.
Security, cloud, and reliability credentials.
Cloud architect and reliability engineer with over two decades of building secure, scalable systems.
I'm a Cloud Security & Infrastructure Architect and Site Reliability Engineer with 20+ years of experience building and operating large-scale, distributed systems. My background spans cloud platforms and infrastructure at companies like Amazon, New Relic, and Infotech.