Cloud Infrastructure & DevOps Engineer

Building and operating production AI systems on AWS, Kubernetes, and Terraform.

I design, deploy, and operate production cloud infrastructure with a security-first, least-privilege approach at every layer. I balance reliability, performance, and cost, and measure success by business outcomes, not completed tasks.

I bring something most engineers do not have: 15 years operating real businesses before building the infrastructure behind them. I know what it feels like on both sides when systems fail.

What makes me different
Production AI infrastructure, live today
Not a tutorial project. A Meta-approved SaaS platform handling real client traffic since April 2026.
Live in production
Operator mindset, not just builder
15 years running multi-location businesses before engineering. I understand what downtime actually costs.
End-to-end ownership
Infrastructure, networking, application layer, DevOps pipeline, and security scanning. From the first line of Terraform to production traffic.
Hear it from me directly
A two-minute introduction covering who I am, what I have built, and what I am looking for next. More useful than a resume.

Impact in production

<60s: Average DM response time. Down from 6 hours on the same workload.
27%: DM-to-booking conversion rate on live production traffic.
5 min: CI/CD build time. Reduced from 20 minutes with caching and pipeline optimization.
106: Terraform-managed AWS resources deployed during a live migration with zero downtime.

Highlights

01. Built and operate a Meta-approved production AI SaaS platform on AWS, live client traffic, real business outcomes, zero production outages since launch.
02. Reduced average DM response time from 6 hours to under 60 seconds via event-driven architecture: API Gateway, SQS decoupling, ECS Fargate consumer.
03. Cut CI/CD pipeline build time from 20 minutes to 5 minutes using Docker layer caching, path-based triggers, and split app and infra pipelines.
04. Implemented GitOps with ArgoCD and Argo Rollouts, canary deployments, automated rollback on health check failure, Git as the single source of truth.
05. Hardened CI/CD security pipeline with Gitleaks secrets scanning, Bandit SAST, Trivy image scanning, and pip-audit required before every merge.
06. Designed and deployed an agentic AI booking integration using Playwright on managed ECS compute, triggered by booking intent detection in live conversation flow.
07. Systematic production debugging approach: establish blast radius first, isolate to network, application, or infrastructure layer, trace through logs and exit codes, remediate, then document root cause and update runbooks to prevent recurrence.
08. Designed and deployed a full observability stack using Prometheus sidecar injection and Grafana dashboards with custom pod and instance level metrics, moving beyond default cluster metrics to measure what actually matters for the application workload.

Projects

Featured Production Project

SilverLink AI
Live in production

ecs fargate · api gateway · sqs · dynamodb · terraform · github actions · claude api · playwright

Meta-approved multi-tenant AI SaaS platform automating Instagram DM responses for beauty and wellness businesses. Built the complete stack from scratch including infrastructure, networking, application layer, and DevOps pipeline. The AI receptionist responds to real DMs in under 60 seconds, handles booking intent, and hands off to an agentic Playwright booking agent on a separate managed compute cluster for live availability lookups. First client: Secretive Nail Bar, three Southern California locations.

AWS architecture
Instagram (Meta Graph API) → API Gateway (HMAC verified) → SQS (Queue + DLQ) → ECS Fargate (Flask consumer) → Claude API (Per-tenant voice) → DynamoDB (Conversation memory) → Response (Under 60 seconds)
Key decisions: Provider abstraction layer bridges Claude API and AWS Bedrock for runtime switching without code changes. Agentic Playwright agent runs on a separate ECS task triggered by booking intent. Split CI/CD pipelines with path-based triggers so app changes never touch infrastructure pipelines.
Why SQS over direct processing?
Decouples webhook ingestion from AI processing
Prevents Meta webhook timeouts on slow AI responses
Enables retry logic and dead letter queue strategy
Why ECS over EKS?
Smaller operational footprint for a single-product platform
Faster delivery without cluster management overhead
Lower infrastructure cost at current traffic volume
Why DynamoDB over Postgres?
Conversation access pattern fits key-value model exactly
Zero operational burden, no connection pooling
Native AWS integration with Terraform and IAM
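A sketch of the "HMAC verified" ingestion step and the SQS hand-off described above, as an added example that is not the platform's own code. It assumes Meta's `X-Hub-Signature-256` webhook header format; the secret, the sample event, and the in-memory queue standing in for SQS are constructed for illustration.

```python
import hashlib
import hmac
import json
from collections import deque
from typing import Optional

APP_SECRET = b"constructed-app-secret"  # placeholder; load from a secrets store in practice
QUEUE = deque()                         # in-memory stand-in for the SQS queue (assumption)

# Constructed sample event, not real traffic
SAMPLE = json.dumps({"object": "instagram", "entry": [{"id": "0", "messaging": []}]}).encode()


def sign(raw_body: bytes, secret: bytes = APP_SECRET) -> str:
    """Header value the sender attaches: 'sha256=' + hex HMAC-SHA256 of the raw body."""
    return "sha256=" + hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def verify_signature(raw_body: bytes, header: Optional[str],
                     secret: bytes = APP_SECRET) -> bool:
    """Check the signature over the exact bytes received, in constant time."""
    if not header or not header.startswith("sha256="):
        return False  # missing header or unexpected scheme: reject, never fall back
    expected = sign(raw_body, secret)
    # compare_digest does not leak how many leading characters matched
    return hmac.compare_digest(expected.encode(), header.encode())


def handle_webhook(raw_body: bytes, headers: dict) -> int:
    """Verify, enqueue, return a status code. No AI call runs on the request path."""
    if not verify_signature(raw_body, headers.get("X-Hub-Signature-256")):
        return 403
    try:
        event = json.loads(raw_body)  # parse only after the bytes are authenticated
    except json.JSONDecodeError:
        return 400
    QUEUE.append(event)  # a separate consumer processes it asynchronously
    return 200
```

The signature is computed over the raw request bytes; verifying a re-serialized copy of the parsed JSON would fail on valid requests or, worse, authenticate bytes the sender never signed.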

Platform Engineering Project

Trendlink
Active build

kubernetes · argocd · argo rollouts · helm · vault · aws · azure · prometheus · grafana

Kubernetes-based prospect enrichment and intelligence platform spanning AWS and Azure. A Playwright agent aggregates and enriches real business data via Google Places API, scored and surfaced through a dashboard. Built on a hub-and-spoke multi-cloud topology with GitOps managed via ArgoCD, canary deployments via Argo Rollouts, and Vault sidecar secret injection.

Kubernetes · ArgoCD · Argo Rollouts · Helm · Vault · Playwright · AWS · Azure
CI/CD pipeline
Git Push (main branch) → GitHub Actions (build + scan) → Helm Chart (packaged manifest) → ArgoCD (detects drift) → Argo Rollouts (canary split) → Health Check (readiness probe) → Promote (or auto-rollback)
Pipeline logic: Every git push triggers GitHub Actions for build and security scanning. Helm packages the manifests. ArgoCD detects the new image tag and syncs. Argo Rollouts splits traffic at 20% canary. Health checks gate promotion. Failed probes trigger automatic rollback with no manual intervention.
Infrastructure topology
AWS/Azure (primary cloud) → K8s Cluster (workload plane) → Vault (sidecar injection) → Playwright Agent (scrape + enrich) → Google Places API (business data) → Dashboard (scored results)
Observability: Prometheus + Grafana. Pod and instance level metrics. Custom dashboards per workload.
Multi-cloud: AWS + Azure hub-and-spoke. Platform agnostic by design. Azure ACA planned for next phase.
Secrets: Vault sidecar injection. Secrets never in manifests or Git. Rotated independently of deployments.
Design principle: Infrastructure and application layers are fully decoupled. Terraform manages the platform. ArgoCD manages the workloads. Vault manages secrets. Each layer is independently replaceable without touching the others.

Technical stack

Cloud: AWS, Azure
Compute: ECS Fargate
Orchestration: Kubernetes
IaC: Terraform
GitOps: ArgoCD
CI/CD: GitHub Actions
Packaging: Helm
Secrets: Vault, Secrets Manager
Messaging: SQS
Database: DynamoDB
Gateway: API Gateway
Observability: Prometheus
Dashboards: Grafana
AI: Claude API
Language: Python
Security: Trivy, Bandit, Gitleaks
Containers: Docker
Rollouts: Argo Rollouts
Automation: Playwright
Registry: ECR

About

I am a Cloud Infrastructure and DevOps Engineer focused on AWS, Kubernetes, Terraform, and production AI systems. I design and operate infrastructure end-to-end with a security-first approach at every layer.

Before engineering, I spent 15 years running multi-location businesses. That background changed how I think about infrastructure. I know what it feels like from the stakeholder side when systems fail to meet objectives. I am not task-oriented. I am outcome-oriented at my core.

I am comfortable under pressure, meticulous about security, and genuinely enjoy debugging complex flows when things break. I combine operational discipline with clear, direct communication across technical and non-technical teams.


I have always been drawn to solving complex problems. Cloud and DevOps gave me the perfect outlet to realize that characteristic.

AWS Solutions Architect Associate
Amazon Web Services
HashiCorp Terraform Associate
HashiCorp
B.S. Cloud Computing
WGU — in progress
CKA — Certified Kubernetes Administrator
CNCF — in progress
Currently open to
Cloud Engineer · DevOps Engineer · Platform Engineer · SRE · Remote · Hybrid · On-site · Contract or FT

Contact

Open to Cloud Engineer, DevOps Engineer, Platform Engineer, and SRE roles. Remote, hybrid, or on-site. Costa Mesa, CA. Contract, contract-to-hire, or full time.