Senior DevSecOps Engineer • Cloud Solutions Architect • Infrastructure & Automation
I help engineering teams build secure, stable cloud infrastructure, lead DevOps practices, and ship reliably with CI/CD, containerization, and infrastructure as code. I love helping teams achieve resilient systems that are scalable, secure, and easy to operate.
- agent-bound — Access control framework for MCP servers with Android-style permissions.
- dgossgen — Generate dgoss container test suites from Dockerfiles via static analysis.
- gemini-actions — A collection of GitHub Actions powered by Google Gemini that automate repository workflows.
- keystone — Open-source Electron app for AI-assisted software architecture (PRDs, TDDs, ADRs).
- moovit-client — TypeScript client library for the Moovit public transit API (route planning, real-time arrivals, and location search).
- openclaw-aws — Infrastructure and deployment automation for OpenClaw on AWS.
- openclaw-mailguard — OpenClaw plugin for email prompt-injection mitigation with gated tool access.
- skills — Reusable agent skills for AI tools.
- 2026-01-08 — dgoss: Testing the Container, Not Just the Image
- 2025-08-04 — A Practical Guide to Terraform Dependency Management
- 2025-07-02 — Stop Scripting, Start Architecting: The OOP Approach to Terraform
- 2025-06-04 — Why GitFlow Fails at Infrastructure
- 2025-05-06 — Modernizing Scheduled Tasks: Reliability, Scale, and Zero Maintenance
- 2025-04-03 — How Serverless Shrinks PCI Scope
- 2025-03-04 — Terraform at Scale: Folders, Workspaces, or Services?
- 2025-02-10 — Kubernetes vs. Proprietary Container Services: A Technical and Pragmatic Comparison
- 2025-01-15 — Idempotent Dockerfiles: Desirable Ideal or Misplaced Objective?




