Alex Gomez

Alex Gomez

Cloud & Security Engineer

AWS · IAM & Endpoint Telemetry · Applied AI/ML

Resume View Projects Contact

About Me

I'm a cloud-leaning engineer with 3+ years building production IAM, endpoint telemetry, and secure automation across multi-site infrastructure. Currently IT Engineer II at Propelus, where I drive SOC 2 evidence collection, operate SentinelOne detection across a 305-endpoint fleet, and run an Okta + RBAC framework spanning ~300 users.

On the side I build full-stack apps in Python/Flask and TypeScript/Next.js on top of Postgres, and I'm finishing an MS in Applied AI & IoT at FIU — focused on the seam between security data, cloud services, and applied ML.

Technical Skills

Cloud & Security

AWS (EC2, S3, IAM, VPC, ECS) Azure Okta & RBAC SentinelOne Appgate SDP (ZTNA) Splunk Mosyle MDM Brivo

Languages

Python TypeScript JavaScript / Node.js Bash SQL C++ HTML/CSS

Data & Backend

PostgreSQL Supabase (RLS) SQLAlchemy Flask Next.js REST APIs Pandas MongoDB

AI / ML

scikit-learn TF-IDF + Cosine Similarity NLP Text Classification CNN BiLSTM Gemini API

DevOps

Docker GitHub Actions (CI/CD) Vercel Linux/Unix Git Jira / Agile

Security Practice

SOC 2 Evidence Threat Hunting Endpoint Posture SAML / SCIM Least Privilege Access Reviews

Featured Projects

Sancti | Next.js + Supabase App

Next.js Supabase TypeScript

A Next.js + TypeScript web app deployed on Vercel, with a sibling React Native / Expo mobile client sharing lib, prompt, and type layers on top of a Supabase Postgres data tier with versioned SQL migrations. Identity-aware data access is enforced through Row Level Security (auth.uid() = user_id) with split service-role vs. authenticated grants. Server-only secrets are kept out of mobile and browser bundles via strict EXPO_PUBLIC_* separation. A per-IP token-bucket rate limiter (8/min) shields Gemini-backed API routes, with Sentry + PostHog observability and a model-fallback path for 429s. Tests run on a mocked Gemini SDK.

Row Level Security Rate Limiting Sentry PostHog Expo Gemini API
Live Site View Code

IT Support-Ticket Triage Classifier

NLP Deep Learning Research

Built and benchmarked three NLP classifiers — TF-IDF + logistic regression, a 1D CNN, and a BiLSTM — for IT support-ticket routing over ~11,920 English tickets. Owned the full pipeline from data cleaning through model evaluation and documented results in an IEEE-format paper. Same supervised text-classification pattern that powers automated alert and event triage in production security tooling.

FIU CNT6150 PyTorch scikit-learn IEEE Paper
View Code

MangaMatcher | Full-Stack Web App

React Flask ML

Recommendation system that helps users discover manga through an interactive quiz and swipe-based interface. Built a TF-IDF + cosine similarity model from scratch in scikit-learn for personalized recommendations, and integrated the Google Gemini API so users can chat with AI personas of their favorite characters. Full stack: React frontend, Flask REST API, and SQLite for user preferences and inventory. Submitted to ShellHacks 2025.

TF-IDF Cosine Similarity Gemini API SQLite REST API
View Code Devpost

VoltGrid | EV Data Warehouse

Data Eng Docker

Designed a normalized PostgreSQL database and ETL pipeline in Pandas to ingest 30,000+ real-world charging sessions from Caltech. Tuned geospatial queries with PostGIS and B-tree indexes, cutting execution time ~60% for complex aggregations.

Python ETL PostGIS SQL Optimization
View Code

Experience

IT Engineer II

Propelus | Aug 2022 — Present

  • SOC 2 evidence collection: Drive evidence collection across IT Security — access reviews, logical access, change management, and encryption posture — ahead of audits and on continuous-monitoring cycles.
  • Detection & threat hunting: Operate SentinelOne as the day-to-day detection layer for a 305-endpoint fleet — triage alerts, run threat-hunting queries, isolate compromised hosts, and execute response workflows on real infrastructure.
  • Endpoint posture & compliance: Run posture and compliance in Mosyle MDM across ~500 managed devices; authored compliance profiles and automation scripts, enforced full-disk encryption, and produced audit-aligned device-posture reports.
  • IAM, ZTNA & access boundaries: Designed an Okta + RBAC framework across ~300 users and 100 groups, with SAML / SCIM integrations to downstream SaaS and least-privilege group-based isolation; configured Appgate SDP entitlements for ZTNA access.
  • Secure automation: Built Python and Bash automation for unattended provisioning, configuration enforcement, and bulk identity workflows — cutting manual operational work ~40% across multi-site infrastructure.
  • Access governance: Administer Brivo physical access control as a tenant admin — credential lifecycle (PIN, mobile pass, badge), access-group policy, and audit-trail review.

Education

M.S. in Applied AI & IoT

Florida International University

Expected Dec 2026

Coursework: Advanced Deep Learning (NLP text classification), Data Analytics, Power BI / data modeling.

B.S. in Internet of Things

Florida International University

Dec 2024

Certifications

GIAC Cloud Security Essentials (GCLD)

SANS Institute

AWS Certified Cloud Practitioner

Amazon Web Services

Azure Fundamentals (AZ-900)

Microsoft

Azure AI Fundamentals (AI-900)

Microsoft

Azure Data Fundamentals (DP-900)

Microsoft