Skip to content
View richardmussell's full-sized avatar
0 followers · 17 following

Block or report richardmussell

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
richardmussell/README.md

IT Systems Administrator | Platform Operations

LinkedIn Portfolio Email

IT Systems Professional and BS in ITAM graduate. Specializing in the reliable administration of hybrid-cloud environments—from managing core Active Directory/Entra ID fabrics to engineering secure, automated system lifecycles via Terraform and Kubernetes.

🪅 The Mastery Stack

Category Technologies
Cloud & Orchestration Terraform (IaC), Kubernetes (k8s), Pulumi, Docker, GitHub Actions, GCP/AWS
Systems & Admin Linux (RHEL/Ubuntu), Windows Server 2022, Active Directory (GPO), Hardening
Networking CCNA Foundation, TCP/IP, VLANs, Cisco IOS CLI, WireGuard VPN, DNS/DHCP
Automation & Identity Bash Scripting, PowerShell, Identity Lifecycle (IAM), RBAC, NIST Framework

🫎 Key Projects (Infrastructure & Platform Focus)

Hardened Cloud Landing Zone (IaC)

Deterministic GCP provisioning via Terraform modules. Implements GCS state-locking and NIST 800-53 compliant private-first networking to eliminate configuration drift.

Systems Lifecycle Automation Framework

An idempotent, POSIX-compliant Bash framework for automated user provisioning and CIS-standard system hardening. Designed to ensure a repeatable, secure system state across a fleet.

Multi-Tier Strategic Observability

Unified telemetry pipeline via Prometheus and the ELK Stack. Maps technical heuristics to operational SLO/SLI targets, focusing on actionable signals and noise reduction.

Zero-Trust Administrative Fabric

Identity-governed ZTNA architecture via WireGuard and AWS. Features Active Directory integrated access revocation and MSS clamping for cross-cloud packet stability.

⚔️ Engineering Methodology & Discipline

Centered on operational excellence, focusing on the core pillars of modern infrastructure:

  • Configuration Drift Prevention: Enforcing deterministic system state via declarative IaC and robust Group Policy (GPO) management.
  • Identity-First Security: Centering all infrastructure access around centralized Active Directory fabrics and least-privilege RBAC.
  • Operational Visibility: Prioritizing actionable telemetry and log enrichment over data noise to reduce MTTR and ensure uptime.

🔱 Roadmap to Mastery

Status Milestone Target
🏁 B.S. Information Technology Systems & Cybersecurity Focus (CWU 2024)
RHCSA (Red Hat) Linux Systems Administration Mastery
🕸 CKA (Kubernetes) Cloud-Native Infrastructure Orchestration

Pinned Loading

  1. fortress-configuration-engine fortress-configuration-engine Public

    Deterministic Infrastructure-as-Code (IaC) framework utilizing PowerShell and Vagrant/Libvirt to enforce hardened baselines, eliminate configuration drift, and automate NIST 800-53 compliance (CM-2…

    PowerShell

  2. adiig-identity-governance-og adiig-identity-governance-og Public

    deterministic Identity-as-Code (IaC) governance engine for hybrid-cloud environments. Enforces Tiered Administrative Models and NIST 800-53/63 compliance via PowerShell Core, Go-Task, and Pester.

    PowerShell

  3. SENTRY-ANALYTICS-ENGINE SENTRY-ANALYTICS-ENGINE Public

    Deterministic Capacity Forecasting & Performance Analytics Engine | NIST 800-53 PL-2 & AU-12 Compliance.

    PowerShell

  4. THE-FABRIC-CONTROLLER THE-FABRIC-CONTROLLER Public

    deterministic state-enforcement engine for global network fabric. Implements Network-as-Code (NaC) to automate Site-to-Site VPN and SD-WAN topologies across Azure, VMware, and FortiGate. Engineered…

    Python

  5. richclock-engine richclock-engine Public

    Deterministic orchestration engine for automated, risk-based vulnerability remediation (VRS) across Microsoft Intune-managed fleets. Implements Gated Canary-to-Production logic for High/Critical CVEs.

    Python