Principal Architect & Advisor with 10+ years of leadership at the intersection of high-velocity cloud platforms, automated security, and data ecosystems. I translate complex technical innovation — GenAI, AIOps, agentic systems, and LLMOps — into resilient corporate infrastructure that drives business growth while maintaining strict enterprise governance.
My career is defined by spearheading organization-wide transformations, establishing global engineering standards, and acting as a technical force multiplier — bridging executive leadership and engineering teams to balance innovation with regulatory compliance.
As an active open-source author, I build tools that automate compliance, streamline platform delivery, and securely integrate AI with enterprise infrastructure.
|
|
|
|
Production-grade tools at the intersection of AI, security, and platform engineering — designed to be deployed inside real enterprises.
| Project | Description | Stack |
|---|---|---|
| simple-ai-agent | Production-ready multi-channel AI agent — AIOps, Kubernetes management, security scanning, human-in-the-loop remediation. Built on FastAPI, GitHub Models, and MCP. | Python · FastAPI · MCP |
| simple-cicd-translator | Agentic service translating CI/CD pipelines between Jenkins, GitLab CI, and GitHub Actions via pluggable LLMs (Gemini, OpenAI, Azure OpenAI, GitHub Models, Anthropic, Ollama). | Python · Multi-LLM |
| simple-exploit | AI-powered pentest framework with hot-reloadable plugins, intelligent WAF bypass, and dual AI engines — GitHub Models (GPT-4o/5) and Ollama (Gemma/Llama 3, offline). | Go · Ollama |
| ansible-inspec | Combines Ansible automation with Chef InSpec for continuous compliance and security validation. | Python |
| simple-waf-scanner | High-performance WAF detection and authorized security testing toolkit, written in Rust. | Rust |
| simple-service-bus | Decentralized ESB with multi-protocol support (HTTP, gRPC, AMQP, MQTT, Kafka, WebSocket, GraphQL) — useful infrastructure for agent-to-agent messaging. | Go · TypeScript |
| simple-faceid | Face recognition and identification system with advanced computer vision capabilities for secure authentication. | Python · OpenCV |
| simple-port-checker | Python tool for firewall port checking and L7 protection detection (WAF, CDN). | Python |
| ml-training | Machine learning from the ground up — mathematics first, code second. NumPy · scikit-learn · Apple Silicon (ARM64 native). | Jupyter · NumPy |
- DevSecOps at scale — Authored automated supply-chain security (SBOM, SAST/DAST) across enterprise SDLCs, delivering 60%+ reduction in MTTR.
- Multi-cloud strategy — Defined vendor-agnostic AWS + Azure architectures preventing lock-in while optimizing large-scale cloud spend.
- Platform engineering — Built and scaled Internal Developer Platforms enabling self-service infrastructure, reducing deployment time by ~70% while maintaining security & compliance.
- GenAI productionization — Translated AI research into governed enterprise systems with LLMOps, observability, and model risk management.
- OSS authorship — Published production-grade tooling in Python, Go, and Rust spanning AI agents, compliance, and security testing.
|
AI · GenAI · Agentic
ML · Data
Languages & Frameworks
|
Cloud & Platform
DevSecOps & Observability
Security & Compliance
|
I publish hands-on, production-tested writing at blog.htunnthuthu.com — Tech With Htunn:
- GenAI & agentic systems — beyond demos to enterprise-ready architectures
- LLMOps & AI security — prompt injection, data leakage, OWASP LLM Top 10
- Platform engineering & SRE — IDPs, golden paths, paved roads
- DevSecOps & multi-cloud — security as code, not afterthought
Open to conversations on enterprise GenAI strategy, agentic platform architecture, LLMOps & AI security, IDPs, and multi-cloud transformation — and to OSS collaborations at the AI × platform × security boundary.
Translating frontier AI into governed, enterprise-grade platforms — secure, observable, and built to scale.