Portfolio

Projects

From large-scale cloud infrastructure to experimental AI tooling.

Case Study

Creating Capacity, So My SOC Team Can Keep Us Off the Front Page

I had been with the organization for years when we faced a critical handoff. I inherited a working system that needed transformation. We had a critical gap: our forensic capability was at severe risk. A functioning system existed, but it was fragile.

The Reality

  • Legacy on-prem architecture
  • Custom implementation voided vendor support
  • Manual 3-month deployment cycles
  • Zero resiliency, single points of failure everywhere
  • Inconsistent governance

Our Security Operations Center needed a forensic tool that could be updated reliably. Forensic readiness isn't about tools, it's about being prepared to answer questions you can't predict.

Why This Was Actually Hard

Political friction. Cultural inertia. Governance gaps. Process limitations. Technical fragility. Potential legal exposure.

I had to take ownership, understand my new stakeholders, and transform our forensic capability into a reliable platform so my SOC team could keep us off the front page.

What I Specifically Built

As lead architect with 100% ownership:

  • Eliminated single points of failure across compute, storage, and network
  • Active-active multi-region
  • Route 53 failover
  • S3 cross-region replication
  • Automated bootstrap
  • 1-day turnaround for operational support onboarding
  • One-click recovery
  • Vendor supported pipeline
  • Zero-touch audit readiness
  • Code-centric governance

Metrics That Matter

  • 4 hrs: deployment time, down from 3+ months
  • 99.99% SLA: forensic system uptime
  • 8: releases per year, in 6 months
  • 200+ hours: eliminated per release, in 6 months

Why This Matters to Your Organization

This isn't just about faster deployments or shinier architecture.

We gained a reliable forensic capability that will keep pace with today's threat landscape.

  • A foundation that can evolve
  • Operational resilience when things go wrong
  • Governance that can withstand audit scrutiny

The Ownership Lesson

The right architecture can eliminate the "fight over who controls the capability" that so many organizations experience.

Ownership isn't about claiming credit, it's about understanding who depends on the outcome more than you do.

★ Star Projects

E2E Infrastructure Modernization

Multi-Region Cloud Forensics

Problem:

• Legacy on-premises architecture with custom implementation lacking vendor support

• Manual 3-month deployment cycles

• Lacking resiliency and inconsistent governance

Solution:

• Production-grade active-active multi-region architecture with Route 53 failover

• S3 cross-region replication for automated bootstrapping

• Vendor-compliant CI/CD pipeline with "blessed" bootstrap integration

Impact:

• 99.99% uptime SLA (critical for forensic readiness)

• Deployment time reduced to 4 hours from 3+ months manual work

• Code-centric governance eliminating direct code modification

Multi-Region Resilience · 99.99% Uptime SLA · Vendor Compliance · CI/CD Transformation

Role: Lead Architect · 100% ownership · Vendor Collaboration · Governance Modernization

DevOps

Automated CI/CD Pipeline

Problem: Manual deployments with 23% failure rate causing rollbacks, reliability issues, developer time consumption, and operational risk.
Solution: IaC one-click pipeline using GitHub Actions blue/green ECS, audit chain, and lifecycle testing gates.
Impact: 4-hour release cycle with enhanced resilience and audit readiness.

Terraform · GitHub Actions · Docker · AWS ECS · 168X faster (99.4%) · 92.6% CFR down

Role: Lead Engineer · 100%

Compliance & Governance

Enterprise Security Automation

Problem: BOY application teams responsible for remediating open security risks.
Solution: Built automation to remediate security risks, harden configurations, and automate approvals across 10,000+ endpoints.
Impact: Reduced manual remediation time by 80%, eliminated backlog of 5,000+ unique open findings.

Python · REST APIs · Bash · AWS Systems Manager · SSM Docs · ↓ 5,000 Unique Findings · 5X Faster

Role: Lead Developer · 75%

Global Operations

Global Mission Security

Problem: Fragmented interfaces, tool sprawl, and redundant capabilities causing lack of correlated threat intelligence and budget overages.
Solution: Modernized host-based security across 80+ global missions, FedRAMP-aligned controls.
Impact: Unified seven security platforms into one coherent single pane of glass. Eliminated $2.1M in contract costs.

McAfee ePO · VSE · HIPS · DLP · FIM · PA · Recovered $2.1M in Spend · ↓ 6 Fewer Tools

Role: Lead Engineer · 80%

Supporting Projects

Zero-Trust

Network Security Architecture

Problem: Inadequate network segmentation and access controls leaving sensitive financial data exposed.
Solution: Implemented VPC microsegmentation, granular IAM least-privilege policies, and centralized security monitoring through AWS Security Hub.
Impact: Increased operational velocity by 50% for security team.

VPC · Elastic Network Interfaces · AWS IAM · Security Hub · SOC 2 ✓

Role: Security Engineer · 50%

Full Stack

Global Mission Security

Problem: Limited self-service access to critical operational intelligence for security architects, engineers, and operations.
Solution: Developed a dynamic, centralized, collaborative knowledge repository to streamline workflows, onboard new hires, and document technical procedures. A single source of truth for code, infrastructure details, incident management, and historical RCAs.
Impact: Increased release train velocity by 50% for 10+ security team.

JavaScript APIs Python SQL Beautiful Soup ↑ 50% velocity

Role: Full Stack Engineer · 100%

🔬 Experimental

In Progress

AI-Powered Realtime WAF Rules Engine

A distributed, auto-scaling system leveraging ensemble models for real-time traffic analysis, continuously updating detection rules through online learning, anomaly detection via drift prediction, and contextual threat scoring across thousands of request properties per millisecond.

Kubernetes · AWS ECS/EKS · TensorFlow · Redis · Prototype
🤖

Completed

Automated Crypto Trading Bot

A Python-based automated crypto trading platform leveraging WebSockets for real-time market data, executing custom quantitative strategies while continuously monitoring and adjusting positions based on dynamic risk parameters. The system integrates advanced order management with sophisticated protective mechanisms, including intelligent fill handling, adaptive stop-losses, and real-time exposure controls to optimize trade execution and minimize potential losses.

Python · Technical Indicators · Bitcoin · Ethereum · Complete system
🤖

Completed

Local AI Chatbot

Developed a local AI chatbot using open-source LLM models and Docker containers. Fully air-gapped, no data leaves the machine.

Docker · Ollama · Python · Air-gapped
💬🤖

Completed

pfSense Home Firewall

Designed and implemented a pfSense firewall for home network security, including VPN access, intrusion detection, and traffic monitoring.

pfSense · VPN · IDS/IPS · Production
🔥🧱