Brian Ji

Los Angeles, CA brianjimail@gmail.com

Brian is a data-driven, results-focused Site Reliability Engineer with 6+ years of experience implementing secure, scalable software architectures on AWS. Brian has led engineering projects in the highly-regulated healthcare industry (SOC 2, HIPAA) using modern DevOps best practices, with a focus on data security. He excels in cross-functional collaboration with product and business leaders to deliver iterative, high-impact results.

Brian also holds 6 AWS certifications including the AWS Security Specialty as well as both Professional-level certs (Solutions Architect, DevOps Professional).

Experience

Staff Site Reliability Engineer (SRE)

Reclaim - Los Angeles, CA (Remote)

• Led backend architecture and secure implmentation of B2B SAML SSO with partners using Cognito and one-time-passcode authentication using Cognito Custom Auth Lambda Triggers.

• Led proactive load-testing of our APIs to identify bottlenecks at scale, and refactored problematic code and fine-tuned scaling configurations to ensure our APIs remain highly performant while serving millions of user and partner requests per day.

Senior DevOps Engineer [July 2023 - January 2025]

• Implemented expanded Cloudwatch metrics, alarms, and dashboards alongside automated integration tests. Implemented PagerDuty and on-call rotation to enable real-time alerting on service degradation.

• Implemented CI/CD pipeline optimizations resulting in 50% reduction in build/deploy times, and deployed additional pipelines eliminating the need for any manual deployment procedures.

• Analyzed AWS resources to identify high cost areas. Refactored inefficient architectures, cleaned up orphaned resources, and optimized sizing and scaling using expected peak load metrics resulting in more than $50k/yr recurring savings with no user impact.

July 2023 - Present

Senior DevOps Engineer

Caraway - Los Angeles, CA (Remote)

• Responsible for leading most infrastructure, security, and CI/CD initiatives for a ~25 employee healthtech startup. Owned AWS architecture that leveraged Kubernetes (EKS), CloudFront, S3.

• Led mobile-app automated deployment pipeline implementation using Fastlane and Github Actions eliminating manual builds/deployments and 50% reduced build/deploy speed to Apple/Android app stores.

• Led a successful SOC 2 audit and advised leadership on information security (IT and cloud/platform). Also led implementation of company-wide SSO, MFA, MDM, and EDR to protect customer PII and PHI.

• Managed one direct report and assisted in technology leadership, strategy, and roadmap initiatives.

June 2022 - July 2023

DevOps Consultant/Engineer

Triumph Tech - Seattle, WA (Remote)

• Led the discovery, design, migration, and implementation of a telehealth startup's React/Node web application across greenfield AWS accounts (migrated from Digital Ocean) using entirely AWS-native services. Maintained DevOps best-practices and SOC 2 security requirements, with the entire engagement including production cutover/validation completed in 6 weeks.

• AWS Architecture components include:

Frontend: S3, CloudFront, ACM, Web Application Firewall
Backend: Elastic Load Balancer, EC2, RDS (Postgres), Elasticache (Redis), Web Application Firewall, VPC Peering, SSM Parameter Store
DevOps and CI/CD: CloudFormation, CodeBuild, CodeDeploy, CodePipeline, GitHub
Security and Observability: Control Tower, GuardDuty, Inspector, WAF, SNS, SSO, CloudWatch Logs, EventBridge, and more

• Led implementation of Thinkbox Deadline 2D/3D render farms on AWS deployed using CDK leveraging EC2 spot instances.

February 2022 - Present

DevOps Consultant/Engineer

Stelligent - Seattle, WA (Remote)

• Implemented features for an enterprise healthcare software client enabling developer self-service IAM in AWS using permissions boundaries, and automated AWS multi-account networking using cross-account Lambda functions with boto3 SDK API calls.

• Languages/technologies utilized: CloudFormation, CodePipeline, Python (boto3, Troposphere), and Service Catalog

June 2021 - February 2022

Consultant, Software Solutions

Slalom - Seattle, WA

• Advised a public biotechnology and life sciences client on best-practices IAM security including deploying Azure AD MFA with Conditional Access and Identity Protection Policies for 2000+ employees, while ensuring healthcare security standards (GxP) are met.

• Eliminated $200k/yr of recurring licensing spend using PowerShell and Azure Automation to automatically identify and remediate insecure, dormant, and occasionally privileged IAM accounts.

September 2019 - April 2021

Consultant, Cloud and Infrastructure

West Monroe - Seattle, WA

• Led multiple cloud modernization initiatives for a financial investment firm leveraging Azure Automation (PaaS) and implemented cloud-native enterprise security and compliance products using Office 365 and Azure AD.

• Contributed to an enterprise data architecture assessment for a client preparing for IPO. Collaborated with a team of consultants to perform discovery meetings with client Directors and Executives and drafted an assessment/recommendation.

August 2018 - September 2019

Information Technology Specialist

Champion Power Equipment - Santa Fe Springs, CA

• Managed IT systems infrastructure supporting 90 employees across five locations in the US. Led multiple internal projects including PowerShell IAM automation, Exchange Online migration, and implementing SIEM dashboards.

July 2017 - May 2018

Projects

[2020-2025] This website - Serverless (S3/CloudFront/ACM), CI/CD via AWS CodePipeline/Lambda/SNS, and IaC using Terraform.

[2019 - 2020] Serverless Tesla Telemetry Dashboard using AWS

• Automated, Cost-optimized, secure, and serverless frontend and backend AWS architecture using: CodePipeline, Lambda, S3, DynamoDB, Route53, Cognito, EventBridge, SNS

• Web application displays vehicle telemetry data (charge and odometer) using Chart.js

• Links: AWS Architecture Diagram, Location Heatmap (AWS Glue, Athena, QuickSight)

Skills

Technologies & Platforms

Amazon Web Services (AWS) - Security, DevOps, Architecture: IAM, CloudFormation, CDK, CodeBuild/Deploy/Pipeline, EC2, ECS, ELB, Lambda, S3, CloudFront, ACM, DynamoDB, RDS, Elasticache, Route53, CloudWatch, EventBridge, SNS, Inspector, GuardDuty, Config, Control Tower
Microsoft Azure: Azure AD, Azure IaaS, Azure Blob Storage, Azure Log Analytics, Azure Automation (PaaS)

Skills

Cloud Security: Multi-account AWS Security, IAM Security, VPC/Network Security, Data Security, Application Security, Mobile Device Management (Microsoft Intune), Office 365 Security and Compliance
Scripting and Automation: Terraform, CloudFormation, CDK, Python, Bash
Identity and Access Management (IAM): AWS IAM, Azure AD, MFA Implementation (Conditional Access), RBAC/ABAC Automation, IAM Analytics and Reporting
Cloud Strategy: Cloud Migrations, Cost Optimization, Observability
Agile Development & Scrum: Jira, Confluence, Notion

Certifications

AWS Certified Solutions Architect - Professional (Oct 2020 - Oct 2023)
AWS Certified DevOps Engineer - Professional (Jan 2021 - Jan 2024)
AWS Certified Security - Specialty (Sept 2021 - Sept 2024)
AWS Certified Solutions Architect - Associate (Jul 2019 - Jul 2022)
AWS Certified Developer - Associate (Oct 2019 - Oct 2022)
AWS Certified SysOps Administrator - Associate (Aug 2020 - Aug 2023)
Microsoft Certified Azure Administrator - Associate (Mar 2019 - Mar 2021)

Education

University of Southern California (USC)

Bachelor of Science

Major: Electrical Engineering

Interests

I enjoy most of my time outdoors - you can find me playing beach volleyball at Manhattan Beach on most summer days, or taking trips to new outdoors destinations and National Parks.

When indoors, I enjoy espresso, reading, cooking, and working on/reading about cars.

I enjoy conversations about technology, cars, travel, investing, books, psychology, and philosophy.