I build systems that are meant to be broken—and then I make sure they can't be.

By day, I am a DevOps Engineer; by nature, I am a Penetration Tester. My journey began in Ethical Hacking, which fundamentally changed how I view infrastructure. I don't just architect for scalability; I architect to survive an adversary.

• 🛡️ Infrastructure as Code (Security): Hardening CI/CD pipelines and Kubernetes clusters before the first line of app code is even deployed.
• 🏗️ Engineering Automation: Writing high-performance internal tools and Kubernetes Operators in Go to replace manual toil with reliable code.
• 🌐 Community First: I believe the best way to secure the web is through Open Source. I'm an active contributor focused on infrastructure reliability and cloud-native security.

Real-world impact across the Kubernetes and Cloud-Native ecosystem.

1. Eliminating Alert Fatigue in Kubernetes HPAs

Project: kubernetes-monitoring/kubernetes-mixin | Link: #1194

• The Fix: Squashed "false positive" alerts by updating PromQL expressions to ignore fixed-scale HPAs. Now, engineers only get paged when resources are actually starving.

2. Securing RabbitMQ Operator Deployments

Project: bitnami/charts | Link: #19568

• The Fix: Hardened container security contexts to meet strict PodSecurity policies for K8s v1.26+, preventing deployment failures in secure environments.

3. Enabling Custom Plugin Webservers for Mattermost

Project: mattermost/mattermost-helm | Link: #396

• The Fix: Engineered dynamic extraPorts support in Helm, allowing complex plugins with standalone webservers to integrate seamlessly with Mattermost.

I'm always up for a deep dive into secure architecture, reliability engineering, or shifting security left.

LinkedIn • Support My Work