- Served as technical lead for a six-person mixed team of data engineers, platform engineers, and data analysts, setting engineering direction, assigning work, running standups, reviewing PRs, and turning unclear customer requirements into executable delivery plans.
- Wrote technical job requirements, led technical interviews as the primary engineering evaluator, and provided candidate assessments that shaped team hiring decisions.
- Mentored junior engineers in Terraform, Docker, Kubernetes, CI/CD, data engineering, and project architecture, growing them from new hires into independent contributors capable of owning delivery areas within 6-8 months.
- Stood up the project's engineering foundation from nothing: reproducible Nix developer environments, templates, reference documentation, coding standards, architecture docs, pairing practices, and a Go-based devshell/documentation search tool.
- Reduced first-day onboarding friction so new engineers could start productive project work within 30 minutes, then reach meaningful project productivity around the three-month mark.
- Led platform and data engineering for federal healthcare system supporting IHS migration from VistA/RPMS to Oracle Health, transforming legacy data into FHIR R4 resources and Oracle Cerner CSV outputs.
- Architected medallion-pattern (Bronze/Silver/Gold) ETL pipelines processing 100M+ patient records across 1,000+ tables using Python, PySpark, and a Nix-based build system on Azure Synapse Analytics.
- Built config-driven data platform generating 880+ Nix packages from declarative table configurations, enabling standardized transformations across 1,000+ datasets with 98.4% coverage.
- Used Nix as the execution and packaging layer for PySpark/Python healthcare transformations, enabling deterministic builds, isolated package entrypoints, and repeatable validation for large clinical domains including labs, vitals, medications, encounters, procedures, and documents.
- Achieved 100% FHIR R4 validation across all clinical domains (demographics, vitals, labs, conditions, medications, immunizations, procedures, encounters, orders, documents) with dual tribal coding for IHS-specific requirements.
- Developed streaming-mode processing for large fact tables (9.7M+ rows per table), and dual-output architecture generating both CSV and FHIR Bundle outputs from single pipeline runs.
- Owned architecture for the Cerner Data Syndication pipeline, including Go bundle processing, Azure landing and extracted containers, Event Grid, Storage Queue, Container Apps Jobs, KEDA scaling, and Terraform-managed deployment modules.
- Created FHIR validation tooling processing ~40,000 JSON records in ~15 minutes; built Python fuzzy-matching field mappers, US Core profile skeleton generators, and Pydantic model extensions.
- Built reproducible developer platform reducing onboarding time to under 10 minutes and ensuring parity between local development and CI environments.
- Moved the effort from blocked requirements, missing environments, and undefined architecture into sustained delivery by creating the technical foundation and upskilling the team around it.
- Used Nix as the common platform interface for build, test, scan, package, deploy, and operations workflows, making local developer commands match CI behavior across healthcare data, cloud infrastructure, Kubernetes, and security tooling.
- Built a config-driven Nix package generation system that produced 880+ reproducible ETL package entrypoints from declarative table configs, standardizing local and Synapse execution across 1,000+ healthcare datasets.
- Created Nix/flakes operational shells wrapping OpenTofu, Azure CLI, GitHub CLI, ACR publishing, Container Apps Job operations, Log Analytics queries, and Storage Queue inspection into reproducible nix run entrypoints.
- Built Nix-packaged Go OCI artifacts for data-syndication bundle processing, including reproducible container images, Azure Container Apps Job deployment, and versioned Azure ACR publishing flows.
- Replaced Docker-daemon image publishing with Nix + Skopeo workflows, allowing CI and developer machines to build and push OCI artifacts through nix run commands without requiring local Docker state.
- Built a Nix-flake security scanning framework exposing reproducible apps for Trivy, Semgrep, Gitleaks, govulncheck, SBOM generation, SARIF output, and attestation reporting.
- Built NixOS audit modules for scheduled Vulnix and Lynis hardening reports using systemd timers, producing recurring host-level vulnerability and compliance evidence.
- Packaged Azure Pipelines agents as Nix-built OCI images using dockerTools, standardizing runner dependencies, startup behavior, and non-root execution.
- Packaged local Kubernetes platform deployment as Nix apps, generating Helm values and wrapping K3D, kubectl, Helm dependency builds, CRD application, and chart installation into repeatable developer workflows.
- Created reusable Nix devshells for AWS GovCloud Terraform, Platform One Big Bang, Kubernetes labs, and project onboarding workflows, bundling pinned CLIs and project-specific helper commands.
- Built comprehensive security scanning suite: Trivy, govulncheck, Semgrep, Gitleaks, sbomnix SBOM generation — with SARIF output for GitHub Security integration and automated compliance reporting.
- Designed and maintained GitLab CI/CD pipelines with reusable templates, automated STIG scanning, and standardized deployment patterns across multiple teams.
- Designed and operated internal platform engineering capabilities including CI/CD systems, reproducible development environments (Nix), and standardized deployment patterns across teams.
- Built AWS GovCloud infrastructure using Terraform (EC2, IAM, EBS, RDS, AMIs, ACM); created automated OpenVPN deployment with Ansible.
- Implemented HashiCorp Vault for secrets management including disaster recovery tooling (Python export/comparison scripts); deployed containerized applications in Kubernetes using Helm.
- Built Nix devshell for Platform One Big Bang (DoD Kubernetes distribution) wrapping bbctl, Helm, k3d, kubectl, and kustomize into a reproducible environment.
- Contributed to Cyclops platform (ATA's streaming analytics / MLOps / data fabric): Nix dev environment, k3d local Kubernetes, Traefik routing, Keycloak/Grafana ingress.
- Built missile launch data generators and AIS vessel data pipelines for MDA Spot-Lyt defense simulation platform using Kafka and Flink streaming analytics.
- Developed NIST 800-53 Rev 5 compliance analysis tool in Python — cross-references control catalogs with program-specific requirements for automated assessment.
- Mentored team members on DevOps best practices; created documentation, reference implementations, and Nix flake templates to support org-wide adoption.