About Brian Rogers
Engineer and DevSecOps leader who builds production agentic AI on AWS. Seattle, WA.
I design and ship agents on Amazon Bedrock AgentCore — including an internal LLM platform with a RAG memory store — that automate real operational work and run under SOC 2 and ISO 27001. Twenty-five years of building, securing, and scaling cloud infrastructure gives me the systems judgment to take agentic systems from prototype to reliable production.
I'm a polyglot engineer (Python, TypeScript, Go, C#/.NET), comfortable across the full stack — from model orchestration down to the infrastructure it runs on. Most of what I learn ends up on this blog, where I write about building agents, fine-tuning models, and automating my homelab.
I'm currently exploring new roles in agentic AI development. If you're building with LLMs and agents on AWS and want someone who can take them to production, get in touch.
What I'm working on
- Agents on Bedrock AgentCore — a suite of agents that automate cost review, flag anomalous spend, and track per-customer AWS costs and per-employee inference usage, backed by an internal LLM platform with a RAG memory store.
- AI-assisted DevSecOps — folding agentic automation into security and infrastructure workflows to cut manual toil and speed up response to findings.
- Homelab R&D — fine-tuning open-weight models, model orchestration, and self-healing automation, all documented in the archive.
Résumé
Director of DevSecOps · Rustici Software · Oct 2008 – Present
Technical skills
- AI / Agentic Systems: Amazon Bedrock, Bedrock AgentCore agent development, Retrieval-Augmented Generation (RAG), internal LLM platforms, LLM-assisted automation, tool/function calling, model orchestration; homelab fine-tuning of open-weight models.
- Cloud & Infrastructure: AWS (EC2, ECS, EKS, RDS, S3, VPC, IAM, Lambda, Step Functions, CloudWatch, Bedrock, AgentCore); Terraform, Docker, Ansible; container orchestration; infrastructure as code.
- Languages & Frameworks: Python, JavaScript / TypeScript, Vue 3, Go, C# / .NET, Bash; full-stack web development; REST and event-driven services.
- CI/CD & Automation: GitHub Actions, automated build/test/deploy pipelines, release management, progressive delivery, deployment observability.
- Security & Compliance: SOC 2, ISO 27001, secure SDLC, threat modeling, vulnerability management, secrets management, identity & access, incident response.
- AWS Cost & FinOps: budget ownership, cost attribution, waste reduction, usage analytics, per-customer and per-workload cost tracking.
- eLearning Standards: SCORM (1.2 / 2004), AICC, xAPI (Tin Can), cmi5 — design, implementation, and content authoring.
Experience
Director of DevSecOps · Rustici Software · Jun 2024 – Present
- Designed and shipped a suite of agents on Amazon Bedrock AgentCore that automate cost review, flag anomalous spend, and track per-customer AWS costs and per-employee Bedrock inference usage — backed by an internal LLM platform with a RAG memory store.
- Drive integration of AI-assisted and agentic automation into security and infrastructure workflows, reducing manual toil and accelerating response to security findings.
- Architected and built an internal hosting-management platform (Vue 3 + Python) that provisions, deploys, and lifecycles customer sites end to end — orchestrated by AWS Step Functions running containerized deployment workflows, with Salesforce integration keeping license data in sync.
- Lead a DevSecOps team managing AWS infrastructure, Terraform automation, and Docker containerization for SaaS platforms serving customers globally.
- Own the company's AWS budget and cost-savings program, and maintain SOC 2 and ISO 27001 compliance through continuous control testing and audit coordination.
DevSecOps Team Lead · Rustici Software · Jan 2023 – Jul 2024
- Promoted to lead a newly formed DevSecOps function; built the team charter, hiring plan, and roadmap to unify siloed security, infrastructure, and developer-enablement work.
- Hardened production AWS environments: expanded Terraform coverage, tightened IAM and network boundaries, centralized logging and alerting, and rolled out automated secret management. Introduced threat modeling, dependency scanning, and CI-based security checks as first-class parts of the pipeline.
- Coordinated SOC 2 and ISO 27001 audit cycles, translating auditor requirements into engineering-friendly controls and evidence workflows.
Senior Software Developer, DevSecOps · Rustici Software · prior to 2023
- Drove containerization and Terraform adoption that replaced hand-built servers with repeatable, version-controlled infrastructure.
- Built and owned CI/CD pipelines across multiple SaaS products, and led migrations of legacy services into AWS-native, containerized architectures.
Developer, Support, Integrations & Mobile · Rustici Software · Oct 2008 – earlier tenure
- Built and supported customer-facing SCORM and xAPI tools used by Fortune 500 enterprises, government agencies, and universities worldwide.
- Deep troubleshooting of the full eLearning runtime — spec compliance, content packaging, tracking, reporting — across hundreds of customer environments.
Earlier
- President · Nextwave Knowledge (May 2007 – Dec 2009) — founded and ran a software company focused on eLearning and knowledge-management systems.
- Founder & CTO · Evolve Learning (2004 – 2007) — designed and built a Learning Management System adopted by multiple customers.
- Senior e-Learning Consultant · HCA Healthcare (2000 – 2004) — delivered enterprise eLearning initiatives at one of the largest US healthcare systems.
Education
Middle Tennessee State University (MTSU) · 1992 – 1993