Platform Security • Cloud Architecture • DevSecOps • SRE

A.V. Rodriguez

Cloud Solutions Architect and Platform Security Engineer with 16+ years delivering secure, observable, and automated platforms for DoD/DoW, federal, and enterprise environments. Specialized in DoD/DoW IL5/IL6, Zero Trust architecture, and Continuous Authorization to Operate (cATO) programs. Active Secret clearance.

16+

Years Experience

Multi

Cloud: AWS, Azure, GCP, OCI

Secret

Active Clearance

DoD/DoW

IL5 / IL6 Authorized

About

Security, Reliability & Velocity - Together

I've spent 16+ years proving that compliance and delivery speed are not in conflict. From regulated mission platforms to global enterprise observability programs, I design systems where security, reliability, and automation are platform primitives - not afterthoughts.

As founder of GateScale, I build secure GovCloud platforms, data protection, and compliance automation for IL5/IL6 missions. My work spans federal, defense, healthcare, entertainment, and enterprise programs. I bring deep expertise in cATO, Zero Trust, platform security, MLOps governance, and Infrastructure as Code - always aligned to the mission at hand.

  • DoD/DoW IL5/IL6 platform architecture with NIST SP 800-53, FedRAMP High & DISA STIG enforcement
  • Continuous Authorization to Operate (cATO) telemetry and ConMon programs
  • Enterprise observability: telemetry pipelines, distributed tracing, SLI/SLO design
  • AI/MLOps pipelines: governance, drift detection, secure data workflows
  • Infrastructure as Code: reusable modules, automation, policy-as-code
  • MS Cybersecurity & Privacy (UCF, exp. 2027) • Graduate Certificate AI/ML (UCF, 2024)

Experience

Professional History

16+ years across federal defense, aerospace, healthcare, entertainment, and global enterprise - always at the intersection of platform engineering and security.

Founder & Senior Cloud Solutions Architect / Platform Engineer

GateScale

Jun 2026 – Present
  • Lead the architecture of a secure mission operations platform that keeps latency-sensitive simulation workloads running at the edge while securely delivering signed, audit-ready compliance evidence to a centralized control plane across connected and disconnected GovCloud environments.
  • Building a field-level data protection capability for PII and CUI with modern encryption and managed key lifecycle, on a roadmap toward FIPS 140-3 validated controls and post-quantum readiness.
  • Build audit-ready observability and ConMon evidence capabilities for regulated IL5/IL6 environments, giving engineering and security teams consistent operational visibility without exposing implementation-specific platform details.
  • Deliver secure compliance automation that turns distributed operational data into audit-ready evidence across connected and disconnected environments, with readiness assessment and remediation aligned to NIST SP 800-53 Rev 5 and CMMC 2.0 Level 2.
  • Architect secure software delivery capabilities aligned with NIST SP 800-218 and DoD/DoW software factory expectations, improving policy enforcement, artifact integrity, vulnerability management, and developer productivity.
  • Define governed AI-assisted engineering and compliance patterns with human review, traceable execution, and audit-aware delivery controls for regulated programs.

Senior Cloud Engineer

Contracted to General Dynamics Mission Systems

Dec 2025 – May 2026
  • Architected and delivered a regulated observability platform for IL5/IL6 GovCloud workloads, aligning NIST SP 800-53 Rev 5, FedRAMP High, DISA STIG, and cATO evidence needs across mission environments.
  • Strengthened Software Supply Chain Risk Management (SCRM) controls by standardizing hardened, approved component sourcing and reducing exposure to untrusted supply-chain paths.
  • Advanced Zero Trust least-privilege by reducing credential exposure across platform operations and aligning access patterns to workload identity principles.
  • Engineered a Continuous Authorization to Operate (cATO) telemetry foundation: structured the observability stack to output continuous, audit-ready evidence streams aligned to NIST SP 800-53 ConMon requirements, reducing manual evidence-collection overhead and enabling real-time compliance posture visibility for the authorizing official.
  • Enforced federal IAM standards by designing federated access patterns that supported enterprise identity requirements and least-privilege operations.
  • Standardized deployment runbooks, troubleshooting procedures, configuration guidance, and completion documentation to improve operational readiness and knowledge transfer.

Senior Platform Engineer

Contracted to Disney Cruise Line

Feb – Oct 2025
  • Designed and drove adoption of a unified observability program across cloud environments, establishing distributed tracing and correlated log aggregation that significantly reduced MTTR for critical API and booking traffic.
  • Defined the multi-cloud delivery standard across major cloud platforms, architecting hybrid CI/CD patterns and shared image governance that substantially reduced deployment cycle time.
  • Designed self-healing policies and dynamic scaling automation in Infrastructure Automation so routine capacity events required zero operator intervention, directly protecting guest experience during high-demand sailings.
  • Led chaos engineering experiments and DR drills as a proactive practice, identifying failure modes in controlled conditions before they affected guests and driving remediation to completion.
  • Led on-call rotations and incident command practices, translating root-cause findings into standardized runbooks and tracked corrective actions.

Senior DevSecOps Engineer

Contracted to Lockheed Martin Space

Sep 2024 – Feb 2025
  • Designed a modular automation framework for regulated application deployments, reducing per-server installation time from 8+ hours to under 2 and eliminating configuration drift.
  • Implemented encrypted credential handling, repository authentication, and checksum verification, removing hardcoded credentials and ensuring compliance deadlines were met without manual handoffs.
  • Integrated CI/CD pipelines with dynamic configuration generation, enabling fully unattended deployments with comprehensive audit logging across multiple production environments.
  • Engineered a containerization and deployment strategy that improved scalability and consistency across 50+ defense applications, including capacity planning and resource rightsizing for regulated workloads.
  • Owned quarterly database patch cycles end-to-end, automating validation, staging, execution, and post-patch checks across regulated environments to meet compliance deadlines without manual handoffs.
  • Expanded automated delivery adoption by replacing manual installation inputs with environment-specific configuration patterns and unattended deployment workflows.

Principal Cloud Computing Engineer

Federal Civilian Agency Contract

Oct 2021 – Jun 2024
  • Orchestrated 200+ containerized applications in a regulated GovCloud environment to sustain a 99.9% uptime SLA, enforcing security policy for NIST and FedRAMP compliance.
  • Drove a 30% infrastructure cost reduction by deploying tagging enforcement, rightsizing policies, and cost allocation frameworks as platform primitives, ensuring spend visibility and SLO alignment across tenant growth.
  • Owned secure MLOps architecture for regulated document and media workflows, automating extraction, transcription, and analysis while improving governance, auditability, and backlog reduction.
  • Designed a reusable infrastructure automation framework that reduced environment provisioning time from days to hours across a multi-tenant government cloud environment.
  • Designed automated tenant onboarding workflows with configurable access tiers, enabling new tenants to be provisioned consistently and compliantly without per-instance engineering involvement.
  • Designed secure event-driven integration patterns for regulated document processing, asynchronous jobs, and service workflows while preserving auditability and tenant isolation.

Senior Cloud Infrastructure Consultant

TZN Solutions - Select Engagements

2017 – 2021
  • federal civilian agency (Jacobs): Release Manager for two major launch-simulation projects, assessing change requests and mitigating risks to achieve 95% on-time delivery while shortening release cycle times.
  • Care AI (Healthcare): HIPAA-compliant cloud infrastructure in GCP and AWS for ambient patient monitoring at 99.95% availability; built MLOps pipeline with automated model drift detection.
  • Walt Disney World: Architected proprietary applications with Infrastructure as Code across major cloud platforms, modernizing legacy systems while lowering infrastructure costs.
  • PricewaterhouseCoopers: Implemented policy-as-code and cloud security governance for SOC and PCI compliance, cutting configuration drift by 40% and achieving a 95% external audit pass rate.
  • Intermountain Healthcare: Designed HIPAA-compliant CI/CD pipelines with gated promotions, cutting release time from two days to one and reducing manual errors by 30% across 15 healthcare applications.
  • Dell / Boeing: Modernized enterprise CI/CD availability for 24/7 aerospace manufacturing operations, eliminating a single point of failure in the delivery platform.
  • U.S. Army: Automated the migration and containerization of 23 application services, improving deployment consistency and lifecycle governance across regulated delivery environments.
  • Wencor Aerospace Group: Designed enterprise security, networking, and systems-management solutions across cloud compute, data, networking, automation, and monitoring services.
  • Hilton Grand Vacations: Increased deployment frequency from biweekly to daily and reduced deployment errors by 25%, migrating TeamCity and Octopus Deploy to Azure DevOps and cutting average deployment time from 2 hours to 32 minutes.
  • Ernst & Young: Designed CI/CD pipelines for on-premises and cloud environments, supported by automation scripts and deployment documentation.
  • Consulting portfolio: Delivered secure cloud modernization, release automation, and operational governance across healthcare, aerospace, financial services, hospitality, and federal programs.

Air Force M&S Software Integrator - DevSecOps

US Air Force

May – Oct 2017
  • Modernized the CI/CD delivery pipeline for a defense modeling and simulation platform, replacing ad-hoc build processes with a repeatable, auditable delivery workflow.
  • Established artifact promotion, version-control discipline, and deployment documentation that improved traceability for simulation software delivery.

DevOps Build & Release Engineer

NBC Universal - Golf Channel

Jun 2016 – May 2017
  • Designed application builds, releases, and configurations in an Agile DevOps environment for .NET, C#, and Java applications, automating CI/CD across enterprise delivery platforms.
  • Migrated and stood up web, application, and Microsoft SQL servers across AWS, Microsoft Azure, and Rackspace, delivering PaaS and IaaS solutions for internal and international clients.
  • Standardized build, release, and environment configuration practices across enterprise application teams to improve deployment consistency and supportability.

DevOps Manager

Sabre Corporation

2011 – 2016
  • Led enterprise cloud migration of 80+ applications from Visual SourceSafe/TFS to Microsoft Azure supporting global airline transaction processing for 25+ carriers, reducing operating costs by 40% while maintaining 99.9% availability.
  • Implemented a comprehensive monitoring strategy using New Relic and AppDynamics with custom dashboards, decreasing MTTR by 55% through proactive issue detection.
  • Reduced airline implementation time from 3 weeks to 2 hours through automation and standardized deployment procedures, successfully integrating 25+ carriers with zero production outages.
  • Led an Agile-Lean DevOps and SRE transformation across a 100+ person engineering organization, establishing on-call practices, operational metrics, mentoring, and blameless postmortems.

Highlights

Key Deliverables

A selection of platforms, programs, and outcomes delivered across federal, defense, and enterprise engagements.

DoD/DoW IL5/IL6 Observability Platform

Regulated observability capability for IL5/IL6 GovCloud workloads. Enforced NIST SP 800-53 Rev 5, FedRAMP High, and DISA STIG controls. Engineered a cATO telemetry foundation with continuous, audit-ready ConMon evidence streams for authorization stakeholders.

IL5 / IL6 GovCloud Observability / SRE SCRM Controls

Infrastructure Automation Framework

Designed a reusable infrastructure automation framework for a multi-tenant government cloud environment, reducing provisioning from days to hours. Established a repeatable IaC baseline adopted across network, data, and storage workloads.

Infrastructure Automation Automation Design Delivery Automation

Enterprise Observability (Large Entertainment Co.)

Delivered a unified multi-cloud observability stack across AWS and Azure for a large entertainment company. Established distributed tracing and correlated log aggregation that cut MTTR for critical booking and API traffic, while hybrid CI/CD pipelines eliminated environment drift blocking release velocity.

Prometheus / OTel AKS / AWS Azure DevOps

federal civilian agency MLOps & AI Pipeline

Owned secure MLOps architecture for regulated document and media workflows. Automated extraction, transcription, and analysis, eliminating processing backlogs that had constrained archival workflows for years.

Secure MLOps Data Workflow Governance Workflow Automation

Healthcare AI MLOps

Owned HIPAA-compliant cloud infrastructure for an ambient patient-monitoring platform, with operational dashboards surfacing real-time sensor data for clinical staff. Built a secure MLOps pipeline with automated model drift detection, achieving 99.95% availability and continuous retraining.

GCP / AWS (HIPAA) MLOps Automation Model Drift Detection

Defense Oracle Automation

Created a modular automation framework for regulated application deployments. Reduced per-server installation from 8+ hours to under 2, eliminated hardcoded credentials, and introduced fully unattended deployments with audit logging.

Secure Automation CI/CD Governance Oracle Fusion / RHEL 8

Skills

Core Competencies

Platforms, languages, and frameworks used to deliver secure, automated, and observable systems at scale across federal and enterprise environments.

Cloud Platforms

AWS / GovCloud Azure GCP OCI Regulated Cloud Platforms Container Platform Security Platform Traffic Governance Workload Identity

DevSecOps & IaC

Infrastructure Automation OpenTofu / Terratest Configuration Automation Delivery Automation CI/CD Governance/CD Azure DevOps Enterprise CI/CD

Observability & SRE

Observability Platforms OpenTelemetry Prometheus New Relic / AppDynamics Telemetry Engineering SLI/SLO Design

Security & Compliance

NIST SP 800-53 Rev 5 FedRAMP High DISA STIG CMMC 2.0 NIST SP 800-218 Policy-as-Code Zero Trust FIPS 140-3 / Post-Quantum (PQC) ISO27001 / SOC2 / HIPAA / PCI DSS Identity and Key Management

AI/MLOps & Data

Secure MLOps Data Workflow Governance Workflow Automation Cloud AI Governance Model Lifecycle Governance pandas / NumPy / scikit-learn TensorFlow / Keras RAG / Vector Search Computer Vision / YOLO LLM Guardrails Model Drift Detection

Programming & Scripting

Python Bash / PowerShell Go HCL / YAML Container Delivery Cloud Automation

Credentials

Certifications & Education

Formal credentials backing my security, cloud, and delivery work, anchored by an active Secret clearance.

Certifications & Clearance

  • Active Secret Security Clearance
  • AWS Certified Solutions Architect, Associate
  • SAFe Product Owner / Product Manager (POPM)
  • SAFe Scrum Master / Team Coach
  • IATA Airline Business Foundations

Education

  • MS Cybersecurity & Privacy, University of Central Florida, Expected 2027
  • Graduate Certificate, AI & Machine Learning, University of Central Florida, 2024
  • Bachelor of Architecture (BArch), Polytechnic University of Puerto Rico, 2005

Contact

Let's Build Something Secure

Whether you're working on a DoD/DoW compliance program, a cloud platform modernization, or an enterprise observability stack - I'd like to hear about it. Reach out directly using the channels below.

What I Bring

  1. 1

    Federal & Defense Expertise

    Active Secret clearance, DoD/DoW IL5/IL6, cATO programs, NIST RMF, FedRAMP High, DISA STIG.

  2. 2

    Platform Engineering at Scale

    Regulated cloud platforms, Infrastructure as Code, observability, and Zero Trust - built for reliability and compliance.

  3. 3

    Outcome-Driven Delivery

    I measure success by cost reduction, MTTR, deployment frequency, and audit outcomes - not deliverables alone.

Direct Contact

Prefer to reach out directly? Use the channels below. I typically respond within one business day.