Platform Security • Cloud Architecture • DevSecOps • SRE

A.V. Rodriguez

Cloud Solutions Architect and Platform Security Engineer with 16+ years delivering secure, observable, and automated platforms for DoD, federal, and enterprise environments. Specialized in DoD IL5/IL6, Zero Trust architecture, and Continuous Authorization to Operate (cATO) programs. Active Secret Clearance.

  • 16+ Years Experience
  • Multi-Cloud: AWS, Azure, GCP, OCI
  • Secret - Active Clearance
  • DoD - IL5 / IL6 Certified

About

Security, Reliability & Velocity - Together

I've spent 16+ years proving that compliance and delivery speed are not in conflict. From DoD IL5/IL6 EKS clusters to global enterprise observability platforms, I design systems where security, reliability, and automation are platform primitives - not afterthoughts.

My work spans federal programs (NASA, DoD, USAF), defense contractors (General Dynamics, Lockheed Martin), and Fortune 500 enterprises (Disney, Sabre, PwC). I bring deep expertise in cATO, Zero Trust, Kubernetes platform security, MLOps pipelines, and Infrastructure as Code - always aligned to the mission at hand.

  • DoD IL5/IL6 platform architecture with NIST 800-53, FedRAMP High & DISA STIG enforcement
  • Continuous Authorization to Operate (cATO) telemetry and ConMon programs
  • Enterprise observability: Grafana LGTM stack, OpenTelemetry, SLI/SLO design
  • AI/MLOps pipelines: SageMaker, Bedrock, Glue with governance guardrails & drift detection
  • Infrastructure as Code: Terraform, Terragrunt, OpenTofu, Ansible, policy-as-code
  • MS Cybersecurity & Privacy (UCF, exp. 2026) • Graduate Certificate AI/ML (UCF, 2024)

Experience

Professional History

16+ years across federal defense, aerospace, healthcare, entertainment, and global enterprise - always at the intersection of platform engineering and security.

Senior Cloud Engineer

Thazen - Contracted to General Dynamics Mission Systems

Dec 2025 – Present
  • Architected and delivered a production hub-and-spoke LGTM observability platform across multiple air-gapped EKS clusters on AWS GovCloud (DoD IL5 & IL6), enforcing NIST 800-53 Rev 5, FedRAMP High, and DISA STIG controls end-to-end.
  • Enforced Software Supply Chain Risk Management (SCRM) mandates by sourcing 100% of Helm charts from DoD Iron Bank hardened Big Bang releases, eliminating public-internet supply chain vectors.
  • Advanced Zero Trust least-privilege by deploying Mimir, Loki, Tempo, Grafana, and Alloy with zero static credentials via Amazon EKS Pod Identity integration.
  • Engineered a Continuous Authorization to Operate (cATO) telemetry foundation: structured the observability stack to output continuous, audit-ready evidence streams aligned to NIST 800-53 ConMon requirements, reducing manual evidence-collection overhead and enabling real-time compliance posture visibility for the authorizing official.
  • Enforced federal IAM standards by deploying a SAML-federated access layer via Keycloak on EKS with CAC/PIV smart card authentication through the enterprise IdP inside the private VPC.

Senior Platform Engineer

Contracted to Disney Cruise Line

Feb – Oct 2025
  • Designed and drove adoption of a unified observability stack using Prometheus, OpenTelemetry, Grafana, Mimir, and Loki across AWS and Azure, establishing distributed tracing and correlated log aggregation that significantly reduced MTTR for critical API and booking traffic.
  • Defined the multi-cloud delivery standard across AWS and Azure, architecting hybrid CI/CD pipelines using Azure DevOps targeting both AKS and AWS, with Azure Container Registry as the shared image authority - substantially reducing deployment cycle time.
  • Designed self-healing policies and dynamic scaling automation in Terraform so routine capacity events required zero operator intervention, directly protecting guest experience during high-demand sailings.
  • Led chaos engineering experiments and DR drills as a proactive practice, identifying failure modes in controlled conditions before they affected guests and driving remediation to completion.

Senior DevSecOps Engineer

Contracted to Lockheed Martin Space

Sep 2024 – Feb 2025
  • Designed a modular Ansible framework automating Oracle Fusion Middleware deployments across classified RHEL 8 environments, reducing per-server installation time from 8+ hours to under 2 and eliminating configuration drift.
  • Implemented Ansible Vault encryption with automated Nexus repository authentication and checksum verification, removing hardcoded credentials and ensuring compliance deadlines were met without manual handoffs.
  • Integrated GitLab CI/CD pipelines with Jinja2 templating for dynamic response file generation, enabling fully unattended deployments with comprehensive audit logging across multiple production environments.

Principal Cloud Computing Engineer

SAIC - Contracted to NASA

Oct 2021 – Jun 2024
  • Drove a 30% infrastructure cost reduction by deploying tagging enforcement, rightsizing policies, and cost allocation frameworks as platform primitives, ensuring spend visibility and SLO alignment across tenant growth.
  • Owned the MLOps platform architecture using AWS SageMaker, Bedrock, Glue, Textract, and Transcribe orchestrated via Lambda and Terraform, automating document extraction and transcription and eliminating processing backlogs that had constrained archival workflows for years.
  • Designed GAIA - a Python and Jinja2-driven Terraform module system integrated with DynamoDB inventory and GitHub Actions - reducing environment provisioning time from days to hours across a multi-tenant government cloud environment.
  • Designed an automated Kion-based tenant onboarding workflow with configurable IAM role management and RBAC tiers, enabling new agency tenants to be provisioned consistently and compliantly without per-instance engineering involvement.

Senior Cloud Infrastructure Consultant

TZN Solutions - Select Engagements

2017 – 2023
  • NASA (Artemis): Release Manager achieving 95% on-time delivery, cutting release cycle time by 40% through GitLab CI and Terraform policy-as-code gates.
  • Care AI (Healthcare): HIPAA-compliant cloud infrastructure in GCP and AWS for ambient patient monitoring at 99.95% availability; built MLOps pipeline with automated model drift detection.
  • Walt Disney World: Architected the Travel Box reservation platform processing millions of daily transactions across 40+ microservices on AWS ECS with 99.9% availability SLA and sub-15-minute RPO/RTO via Oracle RAC and IBM MQ.
  • PricewaterhouseCoopers: Implemented policy-as-code enforcement using Terraform Enterprise and HashiCorp Sentinel against ISO27001 and SOC2 controls; deployed secure CI/CD to Azure Government Cloud with Key Vault secrets management.
  • BCG / Intermountain Healthcare: Designed HIPAA-compliant Bamboo CI/CD pipelines, cutting runtime by 30–45% and release failures by 25%.
  • Dell / Boeing: Migrated Jenkins to CloudBees CI enterprise with HA configuration, eliminating the SPOF threatening 24/7 aerospace manufacturing operations.

Air Force M&S Software Integrator - DevSecOps

US Air Force

May – Oct 2017
  • Modernized the CI/CD delivery pipeline for the Air Force Modeling and Simulation Training Toolkit (AFMSTT) war game simulator by establishing GitLab-based version control integrated with jFrog Artifactory, Jenkins, and Maven, replacing ad-hoc build processes with a repeatable, auditable CI/CD workflow.

DevOps Manager

Sabre Corporation

2011 – 2016
  • Led enterprise cloud migration of 80+ applications from Visual SourceSafe to TFS and Microsoft Azure supporting global airline transaction processing for 25+ carriers, reducing operating costs by 40% while maintaining 99.9% availability.
  • Implemented a comprehensive monitoring strategy using New Relic and AppDynamics with custom dashboards, decreasing MTTR by 55% through proactive issue detection.
  • Reduced airline implementation time from 3 weeks to 2 hours through automation and standardized deployment procedures, successfully integrating 25+ carriers with zero production outages.

Highlights

Key Deliverables

A selection of platforms, programs, and outcomes delivered across federal, defense, and enterprise engagements.

DoD IL5/IL6 Observability Platform

Air-gapped, hardened LGTM observability stacks across multiple EKS clusters on AWS GovCloud. Enforced NIST 800-53 Rev 5, FedRAMP High, and DISA STIG controls. Engineered a cATO telemetry foundation with continuous, audit-ready ConMon evidence streams for DoD authorization officials.

EKS / GovCloud • Grafana / Loki / Mimir • Iron Bank / Big Bang

GAIA Infrastructure Framework

Designed the GAIA Python/Jinja2-driven Terraform module system at NASA with DynamoDB inventory and GitHub Actions pipelines, reducing multi-tenant provisioning from days to hours. Established the IaC baseline adopted for VPC, Redis, S3, and Azure Storage workloads across the program.

Terraform • Python / Jinja2 • GitHub Actions

Disney Enterprise Observability

Delivered a unified multi-cloud observability stack across AWS and Azure for Disney Cruise Line. Established distributed tracing and correlated log aggregation that cut MTTR for critical booking and API traffic, while hybrid CI/CD pipelines eliminated environment drift blocking release velocity.

Prometheus / OTel • AKS / AWS • Azure DevOps

NASA MLOps & AI Pipeline

Owned the MLOps platform at NASA using SageMaker, Bedrock, Glue, Textract, and Transcribe orchestrated via Lambda and Terraform. Automated document extraction and transcription, eliminating processing backlogs that had constrained archival and analysis workflows for years.

SageMaker / Bedrock • Glue / Textract • Lambda / Terraform

Walt Disney World Travel Box Platform

Architected the high-volume reservation platform processing millions of daily transactions across 40+ microservices on AWS ECS. Achieved 99.9% availability SLA with hybrid AWS/on-premises integration via Oracle RAC and IBM MQ delivering sub-15-minute RPO/RTO.

AWS ECS • Oracle RAC / IBM MQ • Microservices

Lockheed Oracle Automation

Created a modular Ansible framework automating Oracle Fusion Middleware deployments in classified RHEL 8 environments. Reduced per-server installation from 8+ hours to under 2, implemented Vault encryption eliminating hardcoded credentials, and introduced GitLab CI/CD with Jinja2 templating for fully unattended deployments.

Ansible / Vault • GitLab CI • Oracle Fusion / RHEL 8

Skills

Core Competencies

Platforms, languages, and frameworks used to deliver secure, automated, and observable systems at scale across federal and enterprise environments.

Cloud & Kubernetes

AWS / GovCloud • Azure • GCP • OCI • EKS / AKS / OpenShift • Kubernetes RBAC • Helm / Istio • EKS Pod Identity

DevSecOps & IaC

Terraform / Terragrunt • OpenTofu • Ansible • GitHub Actions • GitLab CI/CD • Azure DevOps • Jenkins / CloudBees

Observability & SRE

Grafana / Mimir / Loki / Tempo • OpenTelemetry • Prometheus • New Relic / AppDynamics • eBPF / Alloy • SLI/SLO Design

Security & Compliance

NIST 800-53 Rev 5 • FedRAMP High • DISA STIG • CMMC • OPA / Sentinel • Zero Trust • ISO27001 / SOC2 / HIPAA • IAM / IRSA / KMS

AI/MLOps & Data

SageMaker / Bedrock • Glue / Textract / Transcribe • Azure AI Foundry • MLflow • LLM Guardrails • Model Drift Detection

Programming & Scripting

Python • Bash / PowerShell • Go • HCL / YAML / Jinja2 • Docker • AWS CDK / CloudFormation

Contact

Let's Build Something Secure

Whether you're working on a DoD compliance program, a cloud platform modernization, or an enterprise observability stack - I'd like to hear about it. Reach out directly using the channels below.

What I Bring

  1. Federal & Defense Expertise

    Active Secret clearance, DoD IL5/IL6, cATO programs, NIST RMF, FedRAMP High, DISA STIG.

  2. Platform Engineering at Scale

    Kubernetes, multi-cloud IaC, observability stacks, and Zero Trust - built for reliability and compliance.

  3. Outcome-Driven Delivery

    I measure success by cost reduction, MTTR, deployment frequency, and audit outcomes - not deliverables alone.

Direct Contact

Prefer to reach out directly? Use the channels below. I typically respond within one business day.

Education & Certifications

  • MS Cybersecurity & Privacy

    University of Central Florida - Expected 2026

  • Graduate Certificate in AI & Machine Learning

    University of Central Florida - 2024

  • Bachelor of Architecture (BArch)

    Polytechnic University of Puerto Rico - 2005

  • AWS Solutions Architect Associate

    Amazon Web Services

  • Agile Product Owner / Scrum Master • IATA Airline Business Foundations

    Additional certifications