Source code
Current Platform & Approach

Enterprise Azure platforms with full-stack delivery and governed data

I build secure, scalable cloud platforms and the software products that sit on top of them. With 16+ years in government IT and 4+ years delivering Azure cloud applications (after on-prem roots), I prioritize architecture patterns over tool ideology: security, scalability, and maintainability come first.

.NET 8 Blazor + React Azure PaaS API Management Data Factory Functions

Development principles

  • Security by design: Entra ID, private endpoints, and least privilege by default.
  • Contract-first delivery: OpenAPI + typed clients reduce integration risk.
  • Operational readiness: Telemetry, alerts, and runbooks before launch.
  • Pragmatic stack: Right tool for the mission, consistent patterns for the team.

Development lifecycle

A repeatable method for taking ideas to enterprise production quickly and safely.

Discover & design
Translate stakeholder intent into architecture diagrams, ADRs, and delivery epics.
Define SLAs, data contracts, and governance requirements before sprint zero.
Build & integrate
ASP.NET Core APIs, Azure Functions, and low-code ETL via Data Factory.
Shared libraries, typed clients, and deterministic CI/CD pipelines.
Operate & evolve
SLOs, alerting, and audit-ready runbooks for production ownership.
Post-release reviews driven by telemetry and continuous hardening.

Platform blueprint

Clear boundaries across the experience, service, data, and integration layers.

Experience
Blazor and React front ends with shared UI contracts and accessibility baked in.
App Service hosting, managed identity auth, and composable component libraries.
Service
ASP.NET Core APIs behind Azure API Management for throttling, policy, and discovery.
OpenAPI as the source of truth for SDK generation and governance.
Data
Synapse dedicated pools and Azure SQL for analytics and operational workloads.
ADLS Gen2 as the system of record with lineage and retention enforcement.
Integration
ADF for orchestration, Functions for high-code transforms, Event Grid for triggers.
Service Bus for durable messaging and workflow decoupling.

Technology strategy

Microsoft-centric for compliance, but flexible enough to fit the mission.

App

Application development

Approach: Choose the front end that fits the mission and team. Internal apps move fastest with Blazor; large-scale portals benefit from React.

  • Blazor: High velocity + shared logic across tiers.
  • React: Ecosystem depth for complex UI workflows.
  • MVC/Razor: Lightweight content and admin portals.
  • Flexibility: Comfortable in Node or Python when required.
Cloud

Cloud infrastructure

Approach: Prefer PaaS to reduce patching risk and accelerate delivery. Secure ingress/egress with private endpoints and API gateways.

  • Zero trust: Entra ID + managed identities for service auth.
  • Network controls: Private links, WAF, and routing policies.
  • Governance: Azure Policy and IaC for enforceability.

Build notes: this portfolio

A transparent view into how I design and ship software products.

Product architecture
Blazor Interactive Server with API-backed data endpoints, reusable components, and responsive layout.
Accessibility-first navigation, theme toggle, and SEO-friendly metadata.
Data + visualization
Interactive D3 dashboards with seeded telemetry, filtering controls, and deterministic redraws.
Client-side interop with progressive loading and error handling.
Full source and implementation details: GitHub repository

Data lifecycle & governance

From ingestion to decision support with explicit contracts and auditability.

Ingest
ADF pipelines and Functions manage batch loads, CDC, and API pulls.
Data contracts include domain, schemaVersion, piiClass, slaHours.
Transform
Validation gates, reconciliation, and automated exception handling.
Schema drift detection and lineage tagging for auditability.
Serve
Semantic models in Power BI backed by certified datasets and RLS.
Custom Blazor apps for workflows that require more than reporting.
Operate
SLOs, alerting, and runbooks mapped to production ownership.
IaC with Bicep/Terraform to eliminate environment drift.

Security & governance

Controls are embedded into the platform, not bolted on after delivery.

Identity & access
Entra ID, managed identities, and scoped RBAC across data and APIs.
Conditional access aligned to mission roles and data sensitivity.
Network isolation
Private endpoints for SQL, Storage, and Key Vault; no public ingress.
Traffic inspection with WAF, Front Door, and API gateways.
Data governance
Row-level security, classification tagging, and immutable audit logs.
Dataset certification workflows for high-impact business domains.

Operational playbooks by domain

Repeatable runbooks that translate requirements into automation.

HR & Workforce

  • Daily payroll deltas, workforce snapshots, and hierarchy validation.
  • RLS applied by org, cost center, and role-based entitlements.
  • Blazor admin tools for audit requests and access review.

Budget & Procurement

  • Appropriation rollups with reconciliation checkpoints per period.
  • Spend analytics tied to vendor lifecycle and contract compliance.
  • API-first pipelines for downstream finance systems.

Cyber & Compliance

  • Vulnerability feeds normalized and enriched with asset context.
  • Automated quarantine workflows driven by alert severity.
  • Immutable audit trails and evidence packets for inspections.

Need a platform leader who can execute?

I bring enterprise-scale delivery with a focus on secure APIs, governed data, and cloud-ready applications.

Contact Me
An unhandled error has occurred. Reload Close