Md Samad
Cloud Security & AI Infrastructure Engineer - 4 years building enterprise auth at Vanguard scale, now shipping agentic systems
Professional Journey
- Supported graduate students through complex cloud architecture assignments covering AWS, Kubernetes, and distributed systems - answering technical questions during office hours and online
- Graded assignments and provided detailed feedback on cloud infrastructure design, IaC, and system architecture decisions; bridged theory and industry practice drawing on hands-on Vanguard experience
- Launched the new AWS auth platform to 500,000 daily logons across 50M+ Vanguard investors at 99.999% availability; onboarded 10 platform teams and mentored 20 engineers on the microservices architecture, Auth0 integration, and deployment workflows
- Reduced p99 authentication latency by 10ms by instrumenting distributed monitoring across 10 microservices using Grafana and Splunk, cutting incident detection time by 45%
- Optimized Envoy service mesh and Kong API Gateway integration across microservices architecture, increasing request throughput by 50%
- Reduced AWS security incidents by 40% by rolling out Auth0 MFA + RBAC and OPA policy-as-code (Rego) for dynamic policy evaluation across distributed microservices
- Designed fine-grained IAM roles, policies, and permission boundaries across multi-account AWS environments, enforcing least-privilege access at scale
- Served in a 7-day on-call rotation every 6 weeks for the production auth platform; diagnosed and resolved live incidents across platform teams on critical auth paths
- Prototyped a real-time AI video assistant POC by integrating a HuggingFace Llama model into LLM pipelines, collaborating with a cross-functional team of 10+ engineers on conversational financial education modules
- Led POC-to-production migration of on-premises monolithic login to AWS microservices; integrated Auth0 SDK for identity, Kong as API gateway, Nginx for routing, and OPA + Envoy sidecar for policy enforcement - laying the foundation for org-wide platform adoption
- Implemented OIDC-based authentication flows and distributed session management across microservices, solving cross-service session consistency challenges from decomposing the monolith
- Built Bamboo CI/CD pipelines with canary and blue/green deployment strategies - automated repo builds into Docker images and deployments to AWS
- Built a local Docker-based testing platform with an automated PyTest and Selenium framework, replacing a 45-minute pipeline build cycle with a 5-minute local test loop and raising test coverage by 60%
- Configured and optimized Envoy proxy, achieving a 30% improvement in request processing times across internal service mesh
- Spearheaded enterprise SSO integration using Okta, Auth0, SAML 2.0 and OAuth 2.0 across internal applications; designed and shipped user-facing JavaScript interfaces
- Optimized CI/CD pipelines using Jenkins shared libraries - achieved 90% reduction in redundancy through shared pipeline configuration across teams
- Implemented Docker containerization and Kubernetes orchestration, enhancing scalability and fault tolerance across services
- Automated operational tasks with PowerShell and Bash, cutting task completion time by 30%
- Reduced CI/CD security risk by implementing RBAC and secure secrets protocols informed by pipeline vulnerability assessments
- Delivered Python scoring model API (Flask, NumPy) with 80% SonarQube coverage through PyTest-driven development
- Optimized thread management and asynchronous processing, raising concurrent-request capacity by 75%
- Implemented automated testing within Jenkins CI/CD pipelines, reducing non-production bugs
Featured Projects
Tells you in plain English what's wrong with your AWS account and exactly how to fix it - no security expertise needed. Powered by Claude with agentic ReAct reasoning: looks up the real CVE, pulls the relevant AWS doc, and maps each finding to the compliance standard it violates (CIS, PCI DSS, SOC 2, NIST 800-53, ISO 27001). Every answer is backed by actual references, not guesses.
DAG-aware orchestrator pre-warms KV caches between agent calls, reducing pipeline TTFT from 104s to 36s - a 2.6x speedup saving ~68 GPU-seconds per pipeline. Integrated Snowflake for live telemetry and Cortex AI for auto-generated run summaries.
Fully event-driven bioinformatics pipeline on AWS - Flask frontend with signed S3 uploads, SQS/SNS workers, Lambda for Glacier hydration, Step Functions for archival, Stripe billing, Globus Auth. Entire stack provisioned via a single CloudFormation template.
Personal data command center: multi-user Google OAuth discovers every account tied to your Gmail, cross-references breach data against LeakCheck/HIBP, flags forgotten "zombie" accounts, and uses AI agents to draft CCPA/GDPR/DPDP deletion letters - gated behind explicit Active Consent.
Recon tool aggregating subdomain enumeration from HackerTarget, crt.sh, and RapidDNS. Probes for hidden API docs, mines HTML for sensitive comments. Critical/High/Medium/Low risk scoring with screenshot evidence gallery and trend analysis.
Serverless FaaS platform built from scratch - FastAPI REST server, Redis-backed task queue, and a dispatcher with three worker modes (local multiprocessing, ZMQ REQ/REP pull, ZMQ DEALER/ROUTER push). Push mode peaks at 248 tasks/sec; local mode achieves near-ideal parallel throughput at 8 workers. 72 tests with mocked Redis and ZMQ.
Skills
Key Achievements
University of Chicago
Amazon Web Services
BS Computer Science
50M+ investors in production
Education
Supporting students through AWS, Kubernetes, and distributed systems coursework. Grading assignments and providing structured feedback on cloud infrastructure design.
Certifications & Awards
Invited based on academic aptitude and leadership potential. Engaged in building school connections, leadership development, and service opportunities.
Volunteered at campus events hosting 100+ undergraduate students. Coordinated with 20+ team members during weekly meetups to organize executive events each semester.
Let's Connect
Open to Cloud Engineering, DevOps, and Software Engineering roles. MS Computer Science from UChicago with 4+ years of industry experience building production-scale cloud infrastructure.