Technology practitioner with over a decade of experience at the intersection of cloud computing, security, platform engineering, and data engineering. I specialize in transforming cutting-edge research into practical business solutions, with a focus on implementing AI/ML systems and platform engineering solutions that provide genuine value while maintaining security and reliability at scale.

My journey spans from traditional operations to modern engineering-focused approaches, where I've successfully led cross-functional teams in implementing secure DevSecOps practices, building internal developer platforms, and architecting resilient multi-cloud solutions that balance technical innovation with business agility.

Passionate about open source, I actively contribute to security and infrastructure testing communities through projects like ansible-inspec (combining Ansible automation with Chef InSpec compliance testing), simple-port-checker, and security testing tools including simple-exploit and simple-waf-scanner.

• "Shift-left" security methodologies with 60%+ reduction in mean-time-to-remediation
• Automated security testing integration in CI/CD pipelines (SBOM, SCA, SAST, DAST)
• Vulnerability management strategies and security team collaboration frameworks
• Security frameworks and compliance (OWASP, CIS, NIST, IM8)
• Cloud Security implementations (CSPM, CWPP, CNAPP, ZTNA, SASE)

• Strategic multi-cloud environments preventing vendor lock-in
• Infrastructure as Code (Terraform, CloudFormation, Ansible)
• Container orchestration and service mesh architectures (Docker, Kubernetes)
• Cross-provider cost optimization and technical resilience strategies
• Enterprise cloud migration and modernization initiatives

• Production AI/ML systems from research to deployment
• Large Language Models (LLMs) implementation and fine-tuning
• Retrieval-Augmented Generation (RAG) architecture design
• Azure OpenAI Service integration and custom solutions
• MLOps pipelines and AI model security/governance frameworks
• Computer vision and natural language processing applications

• Petabyte-scale data pipeline architecture and ETL processes
• Data quality frameworks and governance implementations
• SRE practices with SLOs, error budgets, and automated reliability testing
• Observable systems design and performance optimization
• Engineering-focused approach to operational challenges

• Modern identity governance and zero-trust architecture
• Authentication innovations and passwordless implementations
• Enterprise IAM solutions balancing security with user experience
• Access management for complex distributed systems

• Internal Developer Platform (IDP) design and implementation
• Self-service infrastructure provisioning and golden paths
• Developer experience optimization and productivity metrics
• Platform-as-a-Product mindset with strong API-first approaches
• Standardized toolchains and paved roads for application deployment
• Service catalogs and templating for consistent development workflows

• DevSecOps Transformation: Implemented "security as code" methodologies that reduced mean-time-to-remediation by over 60% through automated security testing and team collaboration frameworks
• Multi-Cloud Architecture: Designed and deployed enterprise multi-cloud environments with strategic flexibility, preventing vendor lock-in while optimizing costs across AWS and Azure
• AI/ML Production Systems: Successfully transformed AI research into practical business applications, implementing production-ready machine learning systems with proper governance and security
• Data Pipeline Engineering: Architected and implemented petabyte-scale data processing systems with robust ETL processes and data quality frameworks
• SRE Implementation: Established Site Reliability Engineering practices with SLOs, error budgets, and automated reliability testing, transforming system performance measurement and improvement
• Identity Modernization: Led enterprise IAM implementations with zero-trust architecture and passwordless authentication, balancing security with seamless user experience
• Platform Engineering Leadership: Built and scaled Internal Developer Platforms (IDPs) enabling self-service infrastructure provisioning, reducing deployment time by 70% while maintaining security and compliance standards

I am passionate about staying at the forefront of modern technology landscapes, particularly where AI, cloud computing, and security intersect. Through my blog "Tech With Htunn", I share practical, experience-based guidance that goes beyond theoretical concepts—real approaches that have succeeded (and sometimes failed) in production environments.

My knowledge-sharing focuses on:

• Artificial Intelligence: Moving beyond the hype to implement AI solutions that deliver genuine business value
• DevSecOps: Practical implementations of security as code, not afterthought
• Platform Engineering: Building internal developer platforms that enhance productivity and developer experience
• Data Engineering: Architecting for insight with robust data pipeline strategies
• Multi-Cloud Strategy: Achieving strategic flexibility while minimizing complexity
• Modern IAM: Identity as the new security perimeter in distributed systems
• Site Reliability: Stability through engineering principles and automation

I am deeply committed to advancing the security and infrastructure automation communities through active open-source contributions. My projects bridge practical security testing with modern automation frameworks:

• ansible-inspec: Pioneering the integration of Ansible's automation capabilities with Chef InSpec's compliance framework, enabling organizations to combine configuration management with continuous security testing
• simple-port-checker: Comprehensive network security validation tool for detecting firewall configurations and Layer 7 protection services (WAF, CDN)
• simple-exploit: AI-powered penetration testing framework demonstrating the intersection of modern AI/ML with ethical security testing
• simple-waf-scanner: Advanced WAF detection and authorized security testing toolkit built in Rust for performance and reliability

Through these projects and active participation in technology communities, I share battle-tested approaches, collaborate with security professionals worldwide, and contribute to raising the bar for infrastructure security and automation practices.

Project	Description	Tech Stack
simple-port-checker	A comprehensive Python tool for checking firewall ports and detecting L7 protection services (WAF, CDN, etc.)
ansible-inspec	A compliance and infrastructure testing tool that combines the power of Ansible's automation capabilities with InSpec's compliance and security testing framework
simple-exploit	AI-powered penetration testing framework with hot-reloadable plugins, intelligent WAF bypass, and GitHub Copilot SDK integration
simple-waf-scanner	A powerful Web Application Firewall (WAF) detection and bypass testing tool written in Rust for authorized security testing

I'm always eager to connect with fellow technology practitioners, share experiences, and explore collaborative opportunities. Whether you're looking to discuss industry trends, seek guidance on specific technical challenges, or explore potential partnerships, feel free to reach out.