I design, ship, and secure production LLM systems — agentic AI, retrieval, and the guardrails that make it safe — backed by 11+ years running IT infrastructure at scale.
I build production AI — and I secure it. Most people shipping LLM apps stop at "it works." I take an agentic system from concept to org-wide deployment and harden it against real attacks, because software that reasons and takes actions is an attack surface, not a demo.
Most recently I designed, built, and shipped Al3x — an agentic AI platform serving 2,000+ users across 65+ sites, solo, from first commit to production in about four months. It runs a retrieval layer I built from primitives, orchestrates 17 least-privilege tools, and is hardened to the OWASP Top 10 for LLM Applications with an internal red-team behind it.
Underneath the AI sits eleven years of the unglamorous stuff that makes it real: multi-cloud infrastructure, network architecture across 150+ sites, HIPAA-regulated environments, and IT operations for organizations with thousands of employees. I've learned what actually works versus what just sounds good in a slide deck — and I want to build AI at that intersection next.
An agentic AI support platform — designed, built, secured, and operated solo, concept to org-wide rollout in ~4 months.
Al3x is a Gemini-powered agent that resolves IT issues, retrieves answers from a knowledge base, and takes real actions — creating tickets, provisioning access, running employee onboarding — all through natural conversation, in English and Spanish. I owned the whole stack: the agent, the retrieval layer, the security model, the reliability engineering, the cloud infrastructure, and the deployment governance.
Because Al3x takes real actions, I treated it as an attack surface from day one. I mapped it to the OWASP Top 10 for LLM Applications (10/10 addressed) and ran an internal red-team, remediating 16 findings — prompt injection, impersonation, cross-user data access. I closed the whole IDOR/spoofing class with a server-side identity-binding primitive the model cannot override, then layered on runtime abuse detection and OIDC request verification.
Eleven years from IT operations to production AI. Common thread: take messy, reactive systems and turn them into documented, proactive, and — lately — intelligent ones.
From the AI and security stack I build with today to the infrastructure foundation underneath it.
If you're hiring an AI engineer or solutions architect who ships production LLM systems and secures them — and who's spent eleven years learning how real infrastructure behaves — let's talk.
daniel_lewis11@outlook.com