← Back to Portfolio

How I Work

A proven process refined over 25 years of delivering mission-critical systems — and hard-earned opinions about what actually goes wrong.

Discover

I don't start with code. I start with questions most contractors skip. What's the actual cost of this problem — not the estimated cost, the real cost? Where are the hidden dependencies nobody documented? What does your team dread touching and why?

I audit your infrastructure, review your CI/CD posture, stress-test your deployment assumptions, and sit with the pain points until I understand their root cause. This means reading your codebase, not just your ticket backlog. It means asking the questions that make people uncomfortable, because the real problem is rarely the stated problem.

I won't write a single line of code until I can tell you exactly what I'm building, why it solves the right thing, and what it will cost you if it's built wrong.

Reduced NOAA disaster recovery time by 65% — the fault was found in discovery, not deployment.

Architect

Every decision I make is filtered through one question: will your team be able to own this after I'm gone? That rules out unnecessary complexity, over-engineered abstractions, and rewrites proposed for the sake of it.

I design using DDD, CQRS, and Event Sourcing where they earn their weight — not as résumé features. I document architectural decisions as ADRs so future engineers understand not just what was built, but why. Clean interfaces, bounded contexts, clear separation of concerns. No magic. No black boxes.

If the existing architecture can be evolved rather than replaced, I'll tell you. My job is to give you a system your team can run confidently — not a dependency on me.

Delivered the Signa Sports United microservices translation hub — 40% reduction in manual localization effort.

Develop

Clean, typed, tested PHP. SOLID principles applied with judgment, not religion. I write code as if the developer maintaining it in two years is someone I respect — because they probably are.

TDD where the feedback loop justifies it. PHPUnit coverage that reflects real risk, not vanity metrics. Every integration point documented. Every edge case considered. I've shipped payment gateway integrations, PCI-compliant systems, and multi-region infrastructure. I know where the landmines are before I step on them.

I communicate blockers early and in plain language. If the scope shifts, I say so immediately. No surprises at the end of a sprint.

Patched 50+ vulnerabilities and restored compromised data for OIDA after a state-sponsored cyberattack.

Deploy

Zero-downtime deployments aren't a goal — they're a baseline. I build CI/CD pipelines with automated rollback, health checks baked into the release process, and monitoring in place before go-live, not after the first incident.

Handoff is part of the build, not an afterthought. I deliver runbooks, not just README files. Deployment procedures your on-call engineer can follow at 2am. Dashboards that surface the right signals. Alert thresholds calibrated to actual system behavior.

If your team hasn't touched the deployment pipeline by go-live, I haven't done my job.

Achieved 99.9% uptime across 12 NOAA Drupal subsites — zero unplanned downtime in the first 18 months post-launch.

Support

The system I build for you in month one should be easier to operate in month twelve, not harder. That means proactive monitoring, routine security patching, and performance tuning that prevents incidents rather than reacting to them.

I treat production systems with the same rigor after launch as during build. If a metric trends in the wrong direction, I flag it before it becomes a 3am alert. If a dependency falls out of maintenance, I surface the risk and a migration path — not a surprise upgrade invoice.

The measure of good long-term support is that you need less of it over time, not more.

Extended OIDA system lifespan by 3+ years through proactive hardening and dependency lifecycle management.