Principal Engineer - Cloud Infrastructure, DevOps & Security
Building resilient, secure platforms and using AI to move engineering 10× faster.
I'm a Principal Engineer with 25+ years of experience across cloud, infrastructure, automation, and security. I enjoy big-picture architecture just as much as hands-on implementation, and I put a lot of care into building systems that are resilient, observable, and maintainable.
- Cloud & platforms: Designing and operating multi-cloud and hybrid environments with a strong focus on reliability and cost-awareness.
- Automation & DevOps: Turning tribal knowledge into code: CI/CD, infrastructure as code, and robust release pipelines.
- Security & governance: Baking security into platforms and workflows instead of bolting it on at the end.
- AI-augmented engineering: Integrating LLMs and agentic systems into day-to-day workflows in IP-safe, security-conscious ways.
- Platform & SRE practices: Standardizing golden paths, improving observability, and reducing toil for engineering teams.
- Secure-by-default infrastructure: Using automation to enforce policy, detect drift, and keep systems hardened at scale.
I'm particularly excited about the rapidly evolving field of AI, LLMs, and agentic systems. I've integrated AI into my workflows to dramatically reduce completion times while respecting security boundaries and IP constraints, using it to architect and build everything from small utilities to complex multi-component solutions.
This intersection of AI with traditional infrastructure is a fascinating frontier for automation, analysis, and decision support, and a major leverage point for high-performing engineering teams.
I contribute to open source when I can, especially where reliability, automation, or user experience can be improved.
| Project | Contribution | Language |
|---|---|---|
| GpgFrontend | Added Linux dark mode detection for Fusion theme in Qt6, enabling the application to automatically adapt to system theme changes on Linux desktop environments. | C++ |
| Pangolin | Implemented sticky sessions functionality for backend resources, allowing session persistence when multiple targets exist, essential for stateful applications like VNC console sessions to Proxmox. | TypeScript |
- Languages & development: Bash, Python, Go
- DevOps & automation: Terraform, Ansible, Puppet, GitHub Actions, ArgoCD
- Containers & orchestration: Docker, Kubernetes, Firecracker, AWS Fargate
- Observability & SRE: Prometheus, VictoriaMetrics, Grafana, Loki, Datadog, New Relic, BetterStack, Opsgenie
- Data & storage: PostgreSQL, MongoDB, DynamoDB
- Security & DevSecOps: Snyk, SonarCloud, OWASP ZAP, Veracode, GitGuardian, Nessus, Codacy
- Platforms & virtualization: Linux, Windows Server, Proxmox, VMware
- Cloud & edge: AWS, Cloudflare, Azure, GCP, Vultr, Linode, Fly.io, Hetzner, OVH
Full skill matrix (realistic 1-5 ★ scale)
I use a realistic proficiency scale where very few people in the world would truly merit a 5-star rating in any technology.
A 2-star rating represents average proficiency, 3 stars indicates solid professional competence, 4 stars represents significant expertise, and 5 stars is reserved for world-class mastery.
Building tools and automation frameworks is my passion. I leverage my programming skills to create efficient solutions.
| Technology | Proficiency | Experience |
|---|---|---|
| Bash | ★★★ | Extensive shell scripting for automation and system management |
| Python | ★★ | Building automation tools, APIs, and data processing pipelines |
| Go | ★ | Developing microservices and CLI tools for cloud environments |
I believe in infrastructure as code and automation to enable reliable, repeatable deployments.
| Technology | Proficiency | Experience |
|---|---|---|
| Terraform | ★★★ | Managing cloud infrastructure across multiple providers |
| Ansible | ★★ | Configuration management and application deployment automation |
| Puppet | ★★★★ | Large-scale system configuration and policy enforcement |
| GitHub Actions | ★★★ | CI/CD pipeline automation and software delivery |
Ensuring systems are reliable, scalable, and maintainable is core to my approach.
| Technology | Proficiency | Experience |
|---|---|---|
| PromQL | ★★★ | Creating advanced monitoring queries and alerting rules |
| Groovy | ★★★ | Jenkins pipeline automation and scripting |
| Grafana | ★★★ | Building comprehensive monitoring dashboards and visualizations |
| Prometheus | ★★★ | Implementing metrics collection and alerting systems |
| Victoria Metrics | ★★★ | High-performance time series database management |
| Loki | ★★★ | Log aggregation and analysis at scale |
| InfluxDB | ★★ | Time-series data storage and querying |
| Datadog | ★★★ | Cloud-scale monitoring and observability platform |
| New Relic | ★★★ | Application performance monitoring and diagnostics |
| Betterstack | ★★★ | Uptime monitoring and incident management |
| Opsgenie | ★★ | Alert management and on-call scheduling |
I work with various database solutions to ensure data persistence, performance, and reliability.
| Technology | Proficiency | Experience |
|---|---|---|
| PostgreSQL | ★★★ | High-performance relational database management |
| MongoDB | ★★★ | Document-based NoSQL data storage and retrieval |
| DynamoDB | ★★★ | Serverless NoSQL database operations on AWS |
Containerization forms the foundation of my modern application deployment strategy.
| Technology | Proficiency | Experience |
|---|---|---|
| Docker | ★★★★ | Building optimized container images and deployment workflows |
| Firecracker | ★★★ | Lightweight virtualization for serverless containers |
| Kubernetes | ★★★ | Large-scale container orchestration and management |
| ArgoCD | ★★★ | GitOps-based continuous delivery for Kubernetes |
| AWS Fargate | ★★★ | Serverless container execution without managing infrastructure |
Security is integrated into every stage of my development and operations workflow.
| Technology | Proficiency | Experience |
|---|---|---|
| Snyk | ★★★ | Dependency scanning and vulnerability management |
| Codacy | ★★★ | Automated code reviews and static analysis |
| SonarCloud | ★★★ | Continuous inspection of code quality and security |
| OWASP ZAP | ★★★ | Dynamic application security testing |
| Veracode | ★★★ | Static analysis security testing for applications |
| GitGuardian | ★★★ | Secret detection and remediation in code repositories |
| Nessus | ★★★ | Vulnerability scanning and security auditing |
I work across various operating systems and virtualization platforms to build robust infrastructure.
| Technology | Proficiency | Experience |
|---|---|---|
| Linux | ★★★★ | Deep expertise in RedHat and Ubuntu-based distributions |
| Windows Server | ★★★★ | Enterprise Windows infrastructure management |
| Proxmox | ★★★★ | Open-source virtualization platform administration |
| VMware | ★★★★ | Enterprise virtualization infrastructure design and management |
Multi-cloud expertise allows me to design and implement solutions across various platforms.
| Technology | Proficiency | Experience |
|---|---|---|
| AWS | ★★★★ | Comprehensive Amazon Web Services ecosystem expertise |
| Cloudflare | ★★★★ | Edge network services for content delivery, DDoS protection, and zero-trust security |
| Azure | ★★ | Microsoft Azure cloud platform for enterprise solutions |
| GCP | ★★ | Google Cloud Platform services and infrastructure |
| Vultr | ★★★★ | High-performance cloud computing deployment |
| Linode | ★★★ | Linux server infrastructure in the cloud |
| Fly.io | ★★★ | Deploying applications globally close to users |
| Hetzner | ★★★ | Dedicated server and cloud infrastructure management |
| OVH | ★★★ | European-based cloud and dedicated hosting solutions |
I maintain industry-recognized certifications to validate my expertise in cloud architecture and security.
I'm always open to interesting conversations, hard problems, and collaboration opportunities.
From x86txt