A decade of enterprise infrastructure delivery — from field engineering to regional cloud and security leadership — built on a foundation of precision, governance, and outcomes that last.
Technical Excellence#
The disciplines below represent areas where I have delivered real outcomes in production environments — not certifications on paper, but capabilities applied under operational pressure across multi-site, multi-country enterprise infrastructure.
AWS
Terraform
GitHub Actions
Cybersecurity
Networking
Linux
Kubernetes
GitOps
| Capability | Depth | How I Apply It |
|---|---|---|
| Amazon AWS | Advanced | Architecting multi-account environments with resilient networking, least-privilege IAM, and cost-managed operations at scale. |
| Containerization | Advanced | Defining production container standards, securing image delivery pipelines, and optimizing runtime performance for reliable workloads. |
| Linux | Advanced | Operating hardened Linux systems for high-availability workloads, performance tuning under load, and structured incident recovery. |
| Observability & Monitoring | Advanced | Building metrics, log, and trace pipelines with proactive alerting, SLO alignment, and root-cause analysis capability. |
| Capability | Depth | How I Apply It |
|---|---|---|
| Terraform | Advanced | Delivering modular, policy-controlled Infrastructure as Code with remote state strategy and safe, auditable change promotion. |
| GitHub Actions | Advanced | Designing enterprise CI/CD pipelines with reusable workflows, approval gates, and release governance built in from the start. |
| Ansible | Advanced | Automating baseline configuration, patch orchestration, and compliance drift remediation across large fleet environments. |
| Bash Scripting | Expert | Building robust automation for provisioning, operational diagnostics, and repeatable runbooks that reduce human error. |
| Capability | Depth | How I Apply It |
|---|---|---|
| Networking | Expert | Designing segmented, redundant network architectures with structured routing, firewall policy enforcement, and secure remote access. |
| Cybersecurity | Advanced | Operating defense-in-depth controls with SIEM telemetry, detection engineering, and documented incident response processes. |
| Cloudflare | Advanced | Securing edge delivery with Zero Trust access policies, WAF rule management, DNS governance, and performance optimization. |
| Threat Modeling & Hardening | Advanced | Leading threat modeling sessions and platform hardening programs to reduce attack surface and enforce measurable secure baselines. |
| Capability | Depth | How I Apply It |
|---|---|---|
| Kubernetes | Advanced | Running production-grade workloads with namespaced isolation, RBAC least-privilege, resource governance, Helm-managed releases, and operational discipline applied consistently across every service. |
| Talos Linux | Advanced | Provisioning Kubernetes nodes on an immutable, API-driven OS with no shell access and no manual state — the OS layer is as declarative and reproducible as the cluster above it. |
| GitOps / Flux CD | Advanced | Enforcing Git as the single source of truth with continuous reconciliation via Flux — no manual kubectl apply, no configuration drift, every change traceable to a commit. |
| Platform Security | Advanced | Layering security across the full stack: encrypted secrets committed to Git via Sealed Secrets, continuous vulnerability and misconfiguration scanning with Trivy Operator, and metrics surfaced to Prometheus for security-posture dashboards in Grafana. |
Professional Journey#
Each role below built on the last — from hands-on field engineering to enterprise-scale infrastructure leadership across cloud, networking, and security.
Senior IT Officer
2021 – Present
Scholastic Asia
Leading regional IT infrastructure across five Asia-Pacific markets, with accountability for cloud architecture, security posture, and operational continuity at enterprise scale.
- Architect and maintain AWS environments with security, resilience, and cost governance as core design principles.
- Direct cross-country network modernization, firewall migration, and SOC enablement programs.
- Drive CIS Controls v8 enforcement and deliver audit-ready compliance evidence for US InfoSEC validation.
- Lead major migrations and infrastructure transitions under active production load with zero service impact.
IT Manager / System Integrator
2019 – 2021
PilotTV Philippines
Shaped long-term IT strategy and unified a fragmented technology environment into a coherent, interoperable platform aligned to business operations.
- Assessed infrastructure maturity and planned future-state capabilities across the organization.
- Integrated disparate systems and applications to eliminate operational silos and improve reliability.
- Managed end-to-end integration projects from requirements through delivery, on scope and on schedule.
IT Specialist
2016 – 2019
FocusMedia Audiovisual Inc.
Owned day-to-day IT operations, maintaining endpoint performance, security compliance, and user account governance across the organization.
- Delivered technical support across hardware and software installation, configuration, and fault resolution.
- Administered user account lifecycle controls aligned with security policy and access governance standards.
- Managed software rollouts and system updates to sustain endpoint consistency and operational uptime.
IT Field Engineer
2014 – 2016
eMechanics Computer & Peripherals Inc.
Delivered on-site technical execution for mission-critical deployments across financial services infrastructure, where precision and uptime were non-negotiable.
- Installed, configured, and network-integrated ATM and POS platforms at client sites nationwide.
- Executed preventive maintenance and system updates to maximize reliability and minimize service disruption.
- Coordinated with technical teams to triage and resolve field incidents within SLA windows.
Remote Desktop Specialist
2013
Accenture
Provided enterprise-grade remote technical support, building early foundations in structured problem-solving, security response, and end-user communication under pressure.
- Resolved complex software issues remotely, reducing end-user downtime and escalation rates.
- Detected, removed, and remediated malware and cybersecurity threats across managed endpoints.
- Optimized system performance and stability through targeted diagnostics and tuning protocols.