Cloud, DevOps & infrastructure
How I think about cloud architecture, platform teams, and DevOps in regulated, high-growth environments.
Pillars
Multi-cloud landing zones
Account/subscription structure, SCPs, paved roads, and the boring guardrails that pass audits cheaply.
CI/CD & GitOps
Pipelines as product, signed builds, progressive delivery, and rollback you can trust at 2am.
Platform engineering
Internal platforms run like real products — roadmap, NPS, paved roads, tiered support.
DevSecOps
Shift-left controls that don't slow shipping: SAST, SBOMs, secret scanning, policy-as-code.
Reliability & SRE
SLOs that match revenue, error budgets engineers actually respect, on-call you can sustain.
FinOps & cost
Tagging that holds up, unit economics per workload, rightsizing as a recurring practice.
Reference stack
- AWS (primary)
- Azure
- EKS / Kubernetes
- ECS Fargate
- Lambda
- GitHub Actions
- ArgoCD
- Terraform
- Helm
- OpenTofu
- Datadog
- OpenTelemetry
- Grafana
- PagerDuty
- Sentry
- Wiz
- Snyk
- OPA / Gatekeeper
- Vault
- AWS Security Hub
Related writing
AWS Cost Levers That Actually Moved the Needle
Cutting ~35% off a multi-region AWS footprint with no capability loss — the levers in the order they paid back, best first.
Security and DevOps Under One Roof: Why I Stopped Apologizing for It
The case for the dual mandate, and why org-chart distance doesn't create security.
Pick the Model Like You Size a Cluster, Not Like You Pick a Sports Team
Most teams pick a frontier model like a sports team and never revisit it — but model selection is a routing, capacity, and risk decision you already know how to make.
Design Your AI Inference Like the Model Could Vanish Tomorrow, Because One Just Did
A frontier model went dark three days after launch; here's how I make AI inference survivable on AWS when the provider is a dependency you don't control.
The Eight-Domain Azure Security Review for Regulated Environments
An automated tool scores your Azure posture; an assessor walks your architecture. The eight domains I review, in the order an audit walks them, and the evidence each one has to produce.
Cloud FinOps for the Mid-Market: Where 25–40% of Spend Actually Hides
The press-release version of cloud savings cancels workloads and books compliance debt. The version that lasts is commitment management and SaaS rationalization.
Building or rebuilding a cloud platform?
I advise fintech and regulated SaaS teams on cloud architecture, DevOps maturity, and platform engineering.
