One senior engineer. Twenty years across cloud, DevOps, custom software, and ai-native delivery. I draw the load paths, specify the materials, sign the drawings — then build it, often in a fraction of the time a team would take.
You hire me when the on-call pager has become the org chart. When the MVP can't take its first big customer. When you'd rather have one principal than five juniors and a deck.
aws sa pro · sysops │ practicing since 2005 │ healthcare · fintech · regulated │ dfw · remote · async-first │ ndas before disclosure
next slot · q3 2026
A.01—04 │ capability stack — fig. 1
four disciplines. one engineer. one signature.
A.01 │ aws · gcp · azure · oracle │ FIG · 1.01
cloud architecture
Multi-cloud infrastructure designed for scale, security, and operational clarity. Network design, HA patterns, disaster recovery, security hardening, and FinOps — engineered to survive the next ten years, not the next demo.
VPC + transit gateway design
IAM + KMS hardening
DR runbooks (RTO/RPO defined)
FinOps · cost attribution
A.02 │ terraform · k8s · gitops │ FIG · 1.02
devops & automation
CI/CD pipelines, infrastructure as code, and container orchestration that let engineering teams ship without fear. GitOps workflows, observability, secrets management, policy-as-code — every change auditable, every rollback boring.
Terraform modules · CDK
EKS · ECS · GKE
GitHub Actions · GitLab CI
OPA · policy-as-code
A.03 │ ts · python · go · .net │ FIG · 1.03
custom software
Full-stack systems built for integration, not isolation. Production-grade TypeScript, Python, Go, and .NET delivery with rigorous API, database, and event-driven architecture. The kind of code that's still readable on year five.
Federated GraphQL
Event-driven (Kafka · MSK)
Postgres · DynamoDB · Aurora
Type-safe end-to-end
A.04 │ orchestration · evals · leverage │ FIG · 1.04
ai-native delivery
AI as a delivery multiplier, not a demo button. LLM orchestration, retrieval, agentic systems, structured outputs, and rubric-driven evaluation — used to ship what would have taken a team months in weeks instead. Not faster slop. Faster work, with the runbook to prove it.
model orchestration
eval harnesses · rubrics
rag + structured outputs
bedrock · openai · anthropic
A.00 │ the leverage thesis
ai is the force multiplier. not the product.
One senior engineer with the right model harness, eval discipline, and decision-provenance system now ships in weeks what used to need a three-to-five-person team for months. That's not a productivity claim — it's a structural one.
Pointing a chatbot at your repo gets you maybe 20–30% faster. What I do is different in kind: tiered context engineered for agent consumption, explicit routing and load discipline, and a versioned decision log treated as first-class infrastructure. Coordination cost collapses. The discipline doesn't.
M.01
tiered context
A 5k-token foundation every agent reads on every task. A 40k-token reference layer agents pull from selectively. A sequestered future-scope layer that stays out of the way until its phase.
M.02
explicit routing
A routing table tells agents which files to load for which kind of work. Every load traceable. No "give the AI your repo and pray."
M.03
decision provenance
Versioned changelog of one-line constraints. Long-form ADR history with the reasoning behind every call. If code contradicts the log, it's a bug — not a debate.
M.04
archive vs. distillation
Founder communication preserved verbatim. Curated agent briefing packet derived from it, kept current. Two folders, never confused.
↳ this is what mature agentic development actually looks like. it's not a productivity tool — it's a methodology. and it's why a 12-week solo build holds up to scrutiny on a project a team would scope for nine months.
L.00 │ why most ai content fails
most ai output is bad on purpose. three reasons why.
A skilled reader spots ai-generated content within a paragraph or two of most consumer-tool output. That's not because ai writing is broken — it's because the workflows producing it almost guarantee disappointing results.
The three failure modes below recur across nearly every consumer ai tool. Each is fixable. None of them are fixed by accident.
F.01 · failure mode
the model is below tier
Frontier-tier models — Claude Opus, GPT-5, Gemini 2.5 Pro — are a small set. Below them sits a much larger "good enough for most things" tier, then commodity-tier, then depreciated. Consumer wrappers route most requests downward. The capability gap is real: reasoning, instruction-following, voice consistency, and the ability to avoid generic patterns all degrade visibly tier by tier.
↳ frontier-tier or it doesn't count
F.02 · failure mode
the context is too thin
Token windows range from 4K (older or smaller models) to 200K (mainstream frontier) to 1M+ (the largest current). A meaningful work segment — a service hub, a coordinated rebuild decision — needs 20K to 100K+ tokens of grounding: voice, prior work, customer specifics, the rubric, examples. Smaller windows drop earlier context as new context flows in. Coherence collapses at scale.
↳ context is the work
F.03 · failure mode
no editorial discipline
First draft, lightly edited, published. No evaluator agent. No rubric. No second pass. No structural rewrite. The first draft from any model — however capable — misses operational specifics and voice consistency. The standard here: 40%+ of prose differs from the AI draft after editing, or the piece doesn't ship.
↳ rubric · regenerate · rewrite
what i do instead →
Frontier models on production work. Iterative context construction — voice references, prior work, customer specifics, quality rubric, examples of acceptable and unacceptable output. A 7-dimension rubric applied by an evaluator agent on every piece. Regeneration on weak dimensions. Substantive human editing required, not optional — the standard is 40%+ of prose differs from the ai draft.
O.00 │ the operating model
agentic where it earns it. human where it matters.
Three components, in coordination. Agentic pipelines for execution-heavy work that runs as infrastructure. Human judgment for decisions that actually matter. Structural quality discipline that runs in both. None of the three is sufficient alone. The combination is what produces traditional-team output at fraction-of-the-cost economics.
The boundary isn't fuzzy. If it's repeatable, scoring-based, or pattern-driven, it runs on a pipeline. If it requires context, relationship awareness, or strategic judgment, it's human work. If it's about whether the work meets standard, it's quality discipline.
O.01
agentic pipelines
execution as infrastructure
P.1
content discovery
Topic candidates surface continuously from search performance, competitor moves, content gaps, seasonality. Queue stays full enough that production never stalls waiting for a brainstorm.
P.2
rubric evaluation
Every piece passes a 7-dimension evaluator-agent score before publication. Pieces below threshold return for revision. The bar is enforced as infrastructure, not as a memory.
P.3
refresh detection
Existing content monitored continuously for performance decline, competitor moves on the same topics, factual updates needed. Pages flag back into the queue with refresh-specific guidance.
P.4
measurement reporting
Monthly summaries draft from live analytics rather than manual data pulls. Standard charts, definitions, trend analysis run as automation. Humans interpret.
P.5
technical health monitoring
Core Web Vitals, index coverage, redirect health, schema validation — monitored continuously with alerting on drift. No surprises at the quarterly review.
O.02
human judgment
five things that don't automate
J.1
strategic decisions
Architecture, sequencing, course corrections, response to surprising findings. Pipelines surface signals; humans choose what gets done.
J.2
what gets produced from the queue
Discovery surfaces candidates. Some scoring well aren't worth producing. Some scoring lower are. The selection is judgment.
J.3
editorial review of every piece
Even pieces passing the rubric get a human pass before publication. Tone calibration, context-sensitive references, what's right for the moment.
J.4
how findings get framed
The same finding lands well or poorly depending on framing. Synthesis and the cadence of disclosure are deliberately judgment work.
J.5
the client relationship itself
Direct conversations, response to questions, the texture of the working relationship. Nothing automated. Relationships run the way relationships run.
"Qualified inquiry" has a documented definition that survives across reporting periods. "Conversion" maps to specific events. No loose language.
Q.3
pre-publication deployment gates
Core Web Vitals at or above baseline. Accessibility checks. Cross-browser validation. Schema validation. Automated step in the pipeline, not manual review.
Q.4
calibration against actual hours
Traditional-equivalent estimates get calibrated against this practice's actual delivered hours over time. The leverage claim is verifiable, not asserted.
O.04 │ compounding
the context library is itself an asset.
Voice references, prior work, customer specifics, the rubric, examples of acceptable and unacceptable output. Building this is upfront work that pays back across every piece produced afterwards. The library refines based on what worked. Over time it becomes a substantial asset that no consumer tool's templated approach can match. Every engagement makes the next one sharper. The maintenance bar going forward is the bar of this operating model, not the bar of traditional retainer work.
↳ what this isn't
not "ai does everything." Strategy, editorial judgment, and relationship work are human work. Pipelines handle execution.
not universally faster. The model is suited to pattern-driven, signal-responsive work. Different work warrants different models.
not magic. Current models have specific failures. The rubric and human review catch them. The model doesn't depend on AI being good at everything.
not a one-time advantage. The library, the rubric, and the pipelines themselves refine as work runs. An artifact that compounds.
B.01—03 │ engagement modes — fig. 2
three ways to work. all of them documented.
B.01 │ mode │ ~2 days/wk · monthly
fractional cto
WHO
Series A/B founders. First technical hire was wrong. Or never made.
Won't take work I can't finish — better to refer than rush.
B.03 │ mode │ 20—40 hrs/mo · ongoing
retainer
WHO
Established team. Need senior judgment on tap, without the full-time line item.
DOES
On-call architecture review, code review for the hard PRs, incident postmortems, AI eval design.
WON'T
Won't be your only engineer long-term — bus factor of one is a smell, not a service.
C.00 │ recent work — anonymized
six runbooks shipped this year.
RB-014
fintech · series B 11 weeks mode · fixed-scope
eu-region carve-out for ledger system
PROBLEM
Single-region AWS deployment. New EU customer required GDPR data residency in 90 days. Existing team had never run multi-region.
RESULT
Active/active across us-east-1 and eu-west-2. Zero customer-visible downtime. RPO < 30s, RTO < 5min, documented and drilled.
STACK
terraform · aurora-global · route53-policies · kms-mrk
RB-015
global fintech · public · cloudops embedded · 18+ months mode · retainer
azure platform engineering at banking scale
PROBLEM
Embedded on the cloudops team owning Azure infrastructure for a public-market multi-tenant SaaS platform at banking scale, serving thousands of tenants. Three product surfaces — a shared control plane for tenant configuration, per-tenant isolated stacks, and a Kubernetes-based core delivery platform. ~75 terraform/terragrunt repos. Three Azure regions, four environment tiers (dev/cert/qa/prod), all coordinated from one workspace.
RESULT
Trunk-based IaC contract enforced via PR-description JSON: pre-commit checks → terraform plan → wiz scan → environment approval → apply, with the wiz-scanned plan being exactly what ships. One module per PR, serialized. Blue/green VMSS rollouts via AGW backend pool swap (zero downtime). Self-hosted ADO agent VMSS pools elastically scaled per PR wave. Custom Terraform provider extending HashiCorp's azurerm for tenant-specific behaviors. ~25 reusable module repos and ~10 live-state repos held in version sync.
Solo founder with deep methodology, no engineering team. Needed a working 18-step LLM-orchestrated decision engine for design-partner review — and a v1 schema that wouldn't become a six-figure v2 migration.
RESULT
Lead engineer end-to-end. ~55–70 model calls/session across three model tiers, parallel evaluation, streaming. Tiered agent context, versioned decision log, ADR history. 12-week reviewable POC on a project a traditional 3–5 person team would scope for 6–9 months.
Three sibling brands competing with each other for the same queries. A 2024–25 agency rebuild left identity drift, broken sub-pages, and a GA4 setup counting page-loads as conversions — ~99% of "key events" were inflated. Paid search CPA quadrupled. Site stack on aging WordPress + plugin layer with monthly fire drills.
RESULT
Brand portfolio rebuilt: a primary brand and two adjacent specialty brands, with cross-routing and transparent parent attribution. ~76 pages produced through a 7-dimension content rubric (40%+ human-edit floor). Static-site rebuild on Cloudflare Pages, first-party form handler, conversion tracking re-grounded on real submit events. Slack-agent maintenance workflow replaces the WordPress dashboard — every change ships through a preview link before going live.
feature delivery on a graph-backed ops intelligence platform
PROBLEM
Internal operations intelligence platform replacing a fragmented tool landscape across multiple refinery and pipeline sites. Six operational personas, each with a tailored view of the same underlying graph and per-mode access boundaries. Embedded on the engineering team for full-stack feature work and cross-cutting bug resolution.
RESULT
Shipped a related-documents drawer on the project page surfacing all engineering documents linked to a capital project (new API + cypher query work). Separated master vs. project engineering-document endpoints so project-scoped documents flowed into the right view. Enabled full project-page rendering from global search in non-project modes — mode-specific config plus backend access enforcement so non-project users get the full experience without seeing sensitive fields. Ongoing bug resolution across multiple persona modes and shared document workflows.
STACK
react · typescript · node · neo4j · cypher · aws-sst · azure-devops
↳ identifying details obscured per nda · numbers verified by client
Not an exhaustive historical inventory. This is the current active rotation. These are the technologies I've put into production, been paged on, and relied upon when systems fail at 3 AM. If a tool isn't listed here, it's either legacy or hasn't earned its place in a modern baseline.
E.00 │ process — fig. 5
five phases. one signed drawing per phase.
P.01
intake
1—2 days
You write to me. I read it. We do a 45-minute call. If we're not a fit, I tell you who is.
P.02
survey
1—2 weeks
I read your code, your IaC, your alerts, your runbooks. I write a memo. The memo is the deliverable, signed.
P.03
plan
1 week
A scoped SOW with milestones, exit criteria, and what I won't do. Fixed-fee where possible.
P.04
build
weeks—months
I do the work. You see daily commits, weekly memos, monthly demos. No mystery, no theater.
P.05
handoff
1—2 weeks
Documentation, runbooks, and a 30-day support window. Your team owns it on day 31.
E.50 │ principal + bench — fig. 5b
how the work actually gets done.
Most engagements are me, end to end. Strategy, architecture, the memos you sign off on, the runbook itself — that work is mine, every time.
For specialist execution work — security audits, heavy data migrations, niche cloud certifications — I bring in a small bench of trusted collaborators I've worked with for years. Costs are transparent in the SOW. There's no markup game. You always know who's touching what.
The signature on the drawing is mine. The buck stops here.
who does what
intake & scoping │ me
architecture & design │ me
signed memos & runbooks │ me
day-to-day implementation │ me, primarily
security audits │ vetted specialist
heavy migrations │ me + 1 collaborator
compliance attestation │ licensed partner
handoff & support │ me
F.00 │ frequent questions
questions i get before the first call.
On strategy, architecture, and the runbook itself — yes. That's the product. For specialist execution work (security audits, heavy migrations, niche cloud certifications) I bring in a small bench of trusted collaborators I've worked with for years. You always know who's touching what. The signature on the drawing is mine.
Two answers. One: every engagement ships with a written runbook your team can execute without me — that's the literal deliverable. Two: retainers cap at ~40 hrs/mo on purpose. My job is to leave a team that doesn't need me.
Selectively, for scoped specialist work, with collaborators I trust and have worked with before. No markup games — costs are transparent in the SOW. I don't resell other people's labor as my own, and the principal work (design, architecture, the memos you sign off on) is always me.
Retainer rate, billed monthly. Most engagements land between $14k and $28k/mo. Fixed-scope projects are quoted per SOW. I don't list rates because the work doesn't.
Yes — before any technical disclosure. Standard mutual NDA, or I'll sign yours.
Rarely. Cash invoiced monthly is the default — I want to be the engineer you can fire when you don't need me anymore, and equity makes that conversation harder. Open to a small equity component alongside cash for the right early-stage engagement: founder I trust, work I'd want to be tied to, terms that don't pretend equity is liquid.
A 4-hour architecture review (~$2k). Useful when you have one specific decision and want a senior second opinion before committing to it.
Both. Greenfield is more fun. Rescue is more common.
I'll tell you in the first call and refer you to someone better suited. I keep a short list of people I trust for things I don't do.
G.00 │ book intake
describe the system. i'll read the room.
Reply within one business day. NDA before any technical disclosure. Free 45-minute intake call — no obligation, no slide deck, just a conversation.
✓ free 45-minute intake — no obligation
✓ fractional, project-based, or retainer engagements