Experience

Senior Cloud Operations Engineer · Redfin

2024 – present · Remote

Promoted into the senior role 11 months after joining as a Cloud Ops II — 13 months ahead of the standard track. The work that earned it was the org-wide migration to Spacelift as the primary IaC orchestrator, replacing a patchwork of Atlantis, CloudFormation, and click-ops. Roughly $900K/yr in consolidated tooling and operational cost.

The other half of the role is the edge — Lambda@Edge routing, WAF rule design, CloudFront ownership across all consumer-facing properties. Inherited sole technical ownership of the edge layer after the prior owner left and kept it healthy through the EKS/Istio cutover.

HIGHLIGHTS

• Designed and shipped the Lambda@Edge path-based routing layer that dispatches traffic from CloudFront to service-mesh ingress, the legacy monolith ALB, partner API gateways, and S3 origins — one routing module, editable via 5-line PR.
• Integrated AWS WAF logs into Datadog, redesigned the rule set around JA3/JA4 fingerprints and per-route block lists. Over 90% reduction in malicious-traffic interruptions. Authored the tiered WAF change process (normal / urgent / emergency) the team still uses.
• Drove the EC2 monolith → EKS + Istio service-mesh transformation on the edge side. ~10% latency reduction on north-south traffic.
• Built out the GitHub Actions CI/CD pattern that replaced the previous deploy mechanisms — over 88% reduction in deploy time on the migrated services.
• Authored 200+ docs, READMEs, and technical writeups — including the docs/ai/ framework that treats coding agents as a first-class documentation audience.
• Mentored multiple junior engineers on AWS networking, Terraform, and CI/CD patterns. Sat in on Tech Lead interview loops.

Cloud Operations Engineer II · Redfin

2023 – 2024 · Remote

Hired into the cloud governance team. First year was edge ownership, WAF redesign, and the early scoping for what became the Spacelift migration. See the Senior block above for what that work became.

Cloud Engineer II · CLEAResult

2021 – 2023 · Remote

Modularized Terraform for the company’s standard web-app footprint in Azure and wired it through Terraform Cloud + Azure DevOps pipelines. 40+ web apps shipped through the new pattern, two quarters ahead of the original plan.

HIGHLIGHTS

• Deployed the Entra ↔ AWS Identity Center integration. Designed the permission-set and IAM strategy for console access — first real SSO substrate the org had.
• Built the multi-cloud logging pipeline (AWS + Azure → Datadog). Cut incident-response time by ~15% by surfacing the right signals in one place.
• Migrated thousands of DNS zones and records into Terraform using Python and open-source tooling. Lifted DNS out of “whoever has the console open” into something with diff-and-review.

Cloud Operations Engineer · Crayon

2019 – 2021 · Dallas

Cloud consulting across Microsoft CSP and AWS customers — hundreds of accounts, ranging from M365 licensing puzzles to multi-account AWS governance. Generated over $2M in annual client savings through serverless migrations, RI strategy, and web-app modernization.

HIGHLIGHTS

• Orchestrated security governance across 100+ AWS accounts. Maintained the IAM and account-boundary patterns that kept customer environments separated.
• Onboarded hundreds of CSP clients across M365 + Azure + AWS. Fastest possible education in what infrastructure actually looks like across very different orgs.