• Own and evolve observability strategy, including monitoring, alerting, dashboards, logging, and distributed tracing. • Define and manage SLIs, SLOs, and reliability metrics. • Lead incident response, postmortems, and continuous improvement initiatives. • Improve MTTD and MTTR through automation and operational excellence. • Integrate observability into CI/CD pipelines and software delivery workflows. • Build and maintain reliable cloud infrastructure on AWS and Kubernetes. • Mentor engineers and promote SRE best practices across the organization

• own the deployment infrastructure and security controls for a large-scale federal cloud platform on AWS • Design, build, and maintain the program's CICD pipeline using AWS CloudFormation templates and GitHub • automate deployments to staging and production environments ensuring all deployments execute with a single command • Configure and maintain IAM roles, network controls, and application-layer security controls across development, staging, and production environments • Integrate automated security scanning into the CICD pipeline • Ensure security scans are completed at least once per sprint • Conduct periodic load and performance testing • Support disaster recovery exercises and actual events to ensure production data loads continue as expected • Ensure compliance with FISMA, NIST 800-53, OWASP ASVS Level 2 • Maintain alignment with agency cloud well-architected principles • Participate in 2-week sprint ceremonies, quarterly PI planning, and agile delivery using JIRA and GitHub • Manage the Change Control Board (CCB) submission process.

• Delivering professional technology solutions services in an enterprise level consultative role focused on Vulnerability Management, Cloud Security, Application Security, and AI • Proactively works to mature the practice, including improving/finalizing existing offerings focused on vulnerability management, creating new offerings, and mentoring team members • Author comprehensive business and technical collateral to support the practice that is proficiently tailored to both technical and managerial audiences • Support sales efforts through conference speaking, blog/white paper authoring, and podcast speaking/producing • Establish working relationships with the sales team to help sales drive services opportunities • Work with the Security Architecture team to provide presales support and leadership to develop opportunities for the practice • Manage scaling a team of technical resources including training plans for professional and personal growth, proper resources for staffing engagements, tracking and communication of team and Key Performance Indicators (KPIs) • Build and manage relationships with key vendors and evaluate new tech related to the practice and its underlying pillars • Work with Key OEM partners to help position GPS value as a core partner for vulnerability management opportunities • Work with Security Consulting/Information Assurance Team to create joint offerings across Application Security, Cloud Security, IAM, GPVUE, GRC, TAS, DFIR, etc. • Work with Regional TS (AppSecaaS, VMaaS, etc) teams to coordinate go-to-market efforts to ensure consistency of messaging, delivery methodology, and outcomes for customers across GuidePoint. • Assist with developing overall Microsoft security services strategy and adoption services for Defender, O365, ATP, AIP, etc.

• Liderar a instrumentação ponta a ponta de métricas, logs estruturados e tracing distribuído, garantindo visibilidade holística do ecossistema. • Implementar, evoluir e gerenciar ferramentas de Application Performance Monitoring para identificar gargalos de código e otimizar proativamente a experiência do usuário. • Definir, implementar e monitorar SLIs, SLOs e Error Budgets, atuando como embaixador da disponibilidade e auxiliando os times a equilibrar a velocidade de inovação com a estabilidade produtiva. • Planejar, arquitetar e executar experimentos práticos de Engenharia do Caos (Chaos Engineering) para validar hipóteses de falha e blindar a arquitetura contra incidentes reais. • Desenhar e gerenciar políticas de alertas preditivos e inteligentes, focando na eliminação da fadiga de alertas e garantindo respostas ultra-rápidas a incidentes críticos. • Atuar de forma transversal apoiando tanto a sustentação de pipelines complexos de Engenharia de Dados quanto as arquiteturas de microsserviços de Backend (APIs REST) hospedadas na AWS.