What I Do
I help engineering teams build infrastructure that scales without burning money or burning out. I'm currently open to full-time Staff and Principal infrastructure roles — here's the kind of work I've done and the problems I solve.
AWS Platform Architecture
Design and implement multi-account AWS organizations from scratch. Control Tower, Account Factory for Terraform, SCPs, guardrails — the full landing zone.
- Self-service account vending via merge requests
- Blast-radius isolation between teams and environments
- Compliance guardrails that prevent misconfigurations before they happen
AI-Integrated Infrastructure
Put AI to work inside your platform — automated diagnostics, agent-driven ops, and LLM features that run safely in production behind scoped, read-only access.
- AI tooling with read-only AWS access — 75% faster root-cause during production incidents
- Autonomous agent systems for routine ops and platform tasks
- Guardrailed access so AI can read and recommend without ever touching prod
Terraform Module Strategy
Transform monolithic Terraform into a composable module ecosystem your whole team can contribute to.
- 60% reduction in plan times through module decomposition
- Standardized patterns that scale from 1 to 25+ engineers
- CI/CD guardrails (Checkov, tflint, automated validation)
CI/CD Pipeline Design
Build deployment pipelines that get code from commit to production safely and fast. GitHub Actions, GitLab CI, or whatever your team uses.
- Deployment cycles compressed from days to minutes
- OIDC-based keyless authentication (no stored secrets)
- Automated testing, scanning, and approval gates
Cloud Cost Optimization
Find the money you're wasting on AWS and put it back in your budget. Environment consolidation, right-sizing, managed service migration.
- $750K+ in cumulative savings delivered across multiple organizations
- Automated decommissioning of unused resources
- Ongoing cost governance and budget alerting
Zero-Downtime Migrations
Move databases, services, and whole platforms without taking the product down or losing data. Planned, reversible, and rehearsed before the real cutover.
- Fleet-wide database migration across 6 production environments in under 2 weeks, zero disruption
- Sub-10-minute multi-region failover engineered and tested
- Reversible cutover plans with rollback at every step
Infrastructure Audit
Comprehensive review of your AWS infrastructure, Terraform code, security posture, and operational practices. Delivered as a prioritized action plan.
- Security gaps identified and remediation plan delivered
- CIS hardening, Inspector scanning, and security-baseline review
- Architecture recommendations with cost-benefit analysis
Observability & Incident Response
Set up monitoring, alerting, and on-call practices so your team catches issues before customers do.
- Grafana/CloudWatch dashboards with actionable alerts
- PagerDuty integration with automated triage
- Runbooks and incident response playbooks
On-Prem & Air-Gapped Delivery
Ship the same platform where the cloud can't reach — on-premise and fully air-gapped environments, packaged as a turnkey appliance.
- Air-gapped on-premise appliance delivered as a turnkey product to enterprise clients
- Full production replica runnable on a single laptop — eliminated $1MM/year in cloud dev costs
- Reproducible, offline-capable builds for regulated and disconnected networks
Working Together
Full-Time Roles
My main focus. Staff or Principal Infrastructure / Platform Engineering roles where I can own the platform and the team that runs it.
Project & Productized Work
Need a specific build, a cloud audit, or an AI-built app taken to production? That runs through my studio.
aronov.ventures →
Let's talk
Hiring for a Staff or Principal infrastructure role? I'd love to hear about it.
hello@mosesaronov.com
Looking for project or productized work instead? aronov.ventures →