• Versatile Infrastructure Architect with 10+ years of experience architecting and scaling mission-critical infrastructure for research, education, and enterprise environments. Expert in leading organization-wide technical transformations from manual processes to automated zero-trust architectures while driving adoption through cross-functional influence and stakeholder alignment.
• Proven track record of making high-impact architectural decisions that enable business outcomes: architected identity management frameworks serving 400+ researchers, and built collaboration infrastructure supporting platforms with 1M+ monthly users. Specialized in solving ambiguous, complex problems at the intersection of infrastructure, security, and developer experience.
• Deep technical expertise in cloud architecture (AWS/GCP), identity management, IaC, CI/CD, and full-stack development. Known for translating business needs into scalable technical solutions and mentoring engineers on architecture and best practices.

• Led enterprise-wide identity transformation from a checklist on a piece of paper to Okta, architecting zero-trust identity framework for multinational workforce with ~20 employee types. Orchestrated cross-functional initiative across HR, Legal, and Operations to establish a unified role-based access-control framework. Designed Okta-centric architecture with secure identity data handling, developed Python migration tooling ensuring data integrity through production cutovers, and implemented SCIM/SAML/OAuth/OIDC integrations across all enterprise systems. Reduced identity management overhead by ~100% while strengthening security posture.
• Transformed GPU AI research server fleet from manual configuration handled by researchers to centralized Infrastructure-as-Code with Ansible and Jenkins, eliminating configuration drift across hybrid on-prem/cloud environments. Coordinated with five diverse research teams to gather requirements, architected a role-based sudo solution, and drove adoption through cross-functional stakeholder alignment and demonstrating value.
• Solved a critical collaboration bottleneck, enabling developers to share test instances of an AI-driven research platform with 1M+ monthly users. Reverse-engineered complex, legacy, undocumented build system, then designed and implemented new CI/CD pipeline using AWS infrastructure to deploy unique, isolated versions from GitHub branches. Improved efficiency, ability to maintain the platform, and developer performance.
• Architected and delivered full-stack SSH key management platform (ReactJS/OAuth frontend, Python API, distributed bash automation), enabling researcher self-service. Hands-on development across the full stack while also designing the architecture. Reduced SSH support tickets by 98% while improving security posture through centralized and automated key management.

Senior Infrastructure Engineer

at the world's only non-profit, open-source AI research lab
Jan 2019 - June 2025

• Built and managed mission-critical AI research infrastructure serving 400+ researchers across hybrid on-prem/AWS/GCP environments, achieving 99% uptime. Balanced performance, cost, security, and researcher autonomy while partnering with engineering and research teams to assess technical challenges, advise on infrastructure design, and deliver custom tooling that was previously out of reach.
• Architected a high-impact collaboration tool for developers of an AI-driven platform with 1M+ monthly users. Reverse-engineered the complex, legacy, undocumented platform build system, then built and integrated a new pipeline to deploy unique, ephemeral versions of the platform from GitHub branches, all with zero impact to production.
• Led organizational strategy for Okta, identity lifecycle, and IT security, partnering with research and engineering leaders to modernize identity workflows, automate onboarding pipelines, and drive enterprise‑wide integration into Okta.
• Mentored junior engineers on architectural thinking, automation patterns, and security best practices.Led cross - functional technical initiatives coordinating researchers, engineers, and administrators.
• Established data governance framework spanning distributed identity systems (Okta, AWS IAM, Google Admin, Active Directory, OpenLDAP). Implemented automated provisioning pipelines and SCIM/OAuth/OIDC/SAML integrations across all enterprise systems, eliminating manual processes and closing security gaps.
• Architected and delivered full-stack solutions (Python APIs, ReactJS frontends, GoLang services) to solve complex infrastructure challenges. Automated multi-account AWS infrastructure with Terraform including VPC peering, tunneling, and cross-cloud networking.
• Implemented Jamf MDM for macOS fleet, establishing configuration management and Apple Business Manager integration.

System administrator

at the fifth most diverse college in the country
2013 - December 2018

• Architected and deployed enterprise macOS management platform, automating image deployment and configuration serving 13,000+ students and staff. Saved $10K+ annually in licensing costs and reduced macOS tickets to 0.32% of total tickets through effective automation and documentation.
• Automated Windows deployment pipeline by developing hardware-independent imaging workflow using vSphere, sysprep, and Group Policy, and worked around limitations in commercial tooling to deliver a scalable solution.
• Administered enterprise Active Directory (1,000+ users across multiple domains), maintained 99%+ uptime for student-facing systems, and ensured FERPA compliance. Collaborated with faculty to balance user needs with institutional security and compliance requirements.
• Built zero-budget 24/7 underwater live-stream system for Marine Science Center using repurposed hardware and custom automation, showcasing creative problem-solving under resource constraints.

Field Systems Engineer (Contractor)

with an event registration technology provider for some of the world's largest tech conferences
2012 - 2013

• Provided nationwide, SLA-driven on-site infrastructure for high-profile tech conferences (Salesforce, Amazon, VMWare), coordinating with union workers, event managers and venue management to ensure compliant, on-time installation and configuration.

IT Support Specialist

work study while attending college
2007 - 2011

• Provided technical support to faculty, students, and staff for the complete video game development technology stack, including software (Maya, Unreal Engine, Unity, Photoshop, ZBrush, Mudbox), GPU and Wacom workstations, render farm, and audio/video equipment.

Infrastructure & DevOps

• System administration (Linux, Windows, macOS)
• CI/CD (GitHub Actions, Jenkins, TeamCity, AWS Amplify)
• IaC (Ansible, Terraform, AWS CloudFormation)
• Cloud orchestration (AWS/GCP)
• Virtualization (vSphere, LXC, Docker, Kubernetes)
• SaaS (Microsoft Office365, Google Workspace)
• Networking (subnet design, VLANs, DHCP, DNS, Wake-on-LAN, Cisco IOS)

Identity & Security

• Okta
• AWS IAM/Identity Center
• Google Admin
• LDAP
• role-based access control
• SCIM
• SAML
• OAuth/OIDC
• Zero-Trust architecture

Collaboration & Leadership

• Technical leadership
• Cross-functional coordination
• Mentoring
• Agile/Scrum
• Stakeholder communication
• Post-incident reviews
• Change management
• Design and code reviews

Compliance & Regulation

• Export Administration Regulations
• Family Educational Rights and Privacy Act

Programming & Development

• Python
• Git
• ReactJS
• Bash
• Full-stack web development
• API development
• Mobile app development (Dart/Flutter)
• Software development lifecycle