About
About
Software engineer in Ann Arbor, Michigan. The work page has the resume. This page is the rest of it.
I came up through Eloquence Communications, a small healthcare startup where I got to do a little of everything: electronics, embedded, mobile, server, desktop. It was fun, and I'm still friends with most of the team. We go climbing or biking when somebody remembers to start the group chat. The VidaTalk Android app I led was recently spotted on an episode of The Pitt (S2E8), which was a surprise. I hadn't kept up with the company much since I offloaded my shares.
For the last seven years I've been at SoarTech (now an Accelint company), working on AI-powered training systems for the Department of Defense. I got dragged into DevSecOps and ATO work because somebody had to, and it turned out I was reasonably good at it. Day to day is reviewing merge requests, reading Trivy scan reports, updating RMF documents, and keeping cloud spend under control. The part nobody talks about is the amount of time spent wrangling developers, government contacts, and scientists into being on the same page.
Off the keyboard, I am usually in the garage building something out of wood, on a bike somewhere in Washtenaw County, or deep in a home improvement project (currently landscaping). The Voron Trident has been sitting paused since I fried the first control board. The Ender 3 still runs as the workhorse, though calibration is rough and the heat block needs work.
I've been self-hosting for a few years. It started with Pi-hole and Nextcloud and grew into a three-node Proxmox cluster that runs most of the software my household depends on. I like owning my data, and I like not paying subscriptions for things a Linux box can do. The blog posts here cover the parts of that journey other people might find useful.
Happy to help if you reach out. The email on the work page is the best route.
Currently
- Pushing an ATO through the kind of bureaucracy that hands out 2-month CACs
- Running way too much Kubernetes for the size of system it serves
- Building a 350mm Voron Trident and thinking about a tool-changer I definitely don't need
- Keeping a small Proxmox cluster running on old Beelink mini-PCs
- Studying for CySA+ on planes and at meeting tables
What I Focus On
Backend & Architecture
Java/Spring Boot services, Spring Cloud Gateway, Istio, Keycloak and OPA for auth and policy. PostgreSQL tuning. Enough C++ to be useful on the simulator plugin work, and enough TypeScript to keep up on the cloud frontends.
DevSecOps
GitLab CI templates with security baked in: SonarQube, Fortify SAST, SBOM generation, Trivy and CoSign for containers, automated STIG checklist generation. The pipeline catches things before the compliance reviewer does.
Cloud & IaC
Azure and Azure GovCloud primarily. Oracle OCI when forced. Terraform and OpenTofu across the board. Hybrid layouts where the GPUs live in a CoLo because the cloud could not source H200s on the timeline we needed.
Compliance
NIST 800-53 Rev 5, RMF, ATO packages, eMASS, DISA STIGs, CCI mappings. Led the STATS ATO across a Navy/Army system boundary, including the part where they changed the control selection halfway through. Built a browser-based STIG correlation tool now used by other programs in the company.
Home Lab
Three-node Proxmox cluster on Beelink mini-PCs with a Ceph pool I keep threatening to replace with ZFS replication. Caddy reverse proxy, Tailscale mesh, Home Assistant with Zigbee and Z-Wave, Immich for photos, Jellyfin for media. Self-hosted unless there is a real reason not to be.
Outdoors
Gravel biking the back roads of Washtenaw County, hiking Pinckney-Waterloo, birding since 2024. Hand-tool woodworking until I get lazy and reach for the power saw.