Michael
Mendy
Building secure, scalable CI/CD and cloud infrastructure to enable great teams to ship fast with confidence. Kubernetes, Terraform, gated promos, canaries, and instant rollbacks.
Michael Mendy
Software Engineer, CI/CD & Infrastructure, NIST DoD RMF
Enterprise Impact
Trusted by leading
organizations
From Ivy League research institutions to Fortune 500 defense contractors, my infrastructure and DevOps work has supported mission-critical systems across industries.
View experience ->I've worked with
I've contributed to
About
I build systems that scale, solve complex problems, and make an impact.
With over a decade of experience in software engineering, I specialize in building scalable systems that power some of the pillars of the internet. My work spans from low-level systems programming to high-level architecture design, encompassing distributed systems, developer tools, and infrastructure.
I've spoken at conferences worldwide about performance optimization, distributed systems, and developer experience. When I'm not coding, you'll find me contributing to open source, writing technical articles, or mentoring the next generation of engineers.
ORCID: 0009-0001-9990-4788Testimonials
What people say
“Michael is super talented and a great asset to any team. His knowledge of business and the tech behind the business is unique and invaluable.”
Kyle Wheeler
GM @ Lens
“Silicon Valley Boy Genius and Bad Boy!”
Patrick Steadman
Platform Engineer @ Sotheby's
“Michael is truly gifted at anything you give him.”
Garrett Loh
Founder of CRS
“Michael is a true subject matter expert. He is my first call for all things tech development. This is the cream of the crop of software engineers.”
David Asser
Private Consultant
“A reliable, knowledgeable problem-solver with calm confidence — Michael has the answer to every coding conundrum. His patience and ability to communicate galvanise any team. A visionary who uses his skills to support businesses, communities, and the disadvantaged with equal pleasure.”
Karl Dickinson
Project Manager
“Michael is a DevOps talent with broad knowledge across technologies and stacks. His ability to turn theory into working config is "master at work" level. At Travis, when he came to PMs with an idea, a proof-of-concept always followed. A gem for any tech company — I see a future CTO in him.”
Luka Oniani
Cybersecurity, Healthcare
code commits and merges to Lockheed Martin since 2023
Breaking the impossible
Systems you can trust
Over a decade building production CI/CD pipelines, managing Perforce at enterprise scale for clients like MIT, Harvard, Google, and Lockheed Martin, with infrastructure designed for 99.9% uptime.
VIEW WORK EXPERIENCEImpact you can prove
7 published research papers, 6+ conference keynotes at events like IBM Z Day, Droidcon, and Arm DevSummit, plus a US Patent for Access Point Hopping technology. Real, measurable contributions to the field.
READ RESEARCH PAPERSDefense Sector
Enterprise-grade
pipeline velocity
Building CI/CD infrastructure for defense and enterprise clients requires zero-downtime deployments, strict compliance frameworks, and systems that scale under extreme conditions. Track record of reducing incidents while accelerating delivery.
VIEW DEFENSE WORK ->How I Work
End-to-end pipeline architecture
I Read the Code
AI accelerates me when I understand what I'm building — it doesn't replace that understanding. Before I prompt, I read the code. I trace bugs, reason about architecture, and interpret diffs. That's what lets me use AI effectively instead of just hoping the output is right. My literacy is my leverage.
VIEW CI/CD EXPERIENCEAI flagged validate_nist_controls — engineer confirmed intent before accepting suggestion.
I Prompt with Precision
Vague prompts produce vague code. Because I've read the codebase, I write prompts that include types, constraints, edge cases, and intent — the same mental model I'd need to write it myself. I use AI as a force multiplier because I already know what correct looks like before I accept a single line.
READ RESEARCH PAPERSI Own the Output
AI-generated code ships under my name. I review every diff, catch the subtle off-by-one, and flag the security anti-pattern before it reaches production. I'm the one who understands the system, so I'm the one who catches what the model misses. Ownership isn't optional — it's how I work.
VIEW PROJECTSAlign with NIST & DoD Controls
Map infrastructure, repositories, and deployment pipelines to NIST 800-53 and DoD compliance frameworks. Establish measurable control coverage and risk baselines.
Automate Compliance in CI/CD
Embed policy checks, security scans, SBOM generation, and artifact signing directly into pipelines. Enforce controls before deployment — not after.
Augment with AI Oversight
Use AI to monitor configuration drift, detect anomalous behavior, and auto-generate compliance evidence. Maintain continuous ATO readiness.
Strategy
Scaling AI Defense
Measurable outcomes from applying modern ML infrastructure, DevOps discipline, and systems engineering to defense-grade AI programs.
Mission Architecture
NIST 800-53 Control Mapping
DevSecOps CI/CD Enforcement Layer
AI-Powered Continuous Monitoring
Philosophy
The AI productivity paradox
I use AI every day. I also know exactly where it breaks.
Core Capabilities
Zero fail operations
Pipelines that ship 10,000+ builds daily
From Perforce branching strategies to Kubernetes orchestration, I design CI/CD systems built to scale. Deep expertise across Jenkins, GitHub Actions, Argo CD, and custom tooling engineered for defense and enterprise environments.
View CI/CD ExperienceZero-failure infrastructure for classified networks
Architecting systems for Lockheed Martin, MIT, and Government Programs where downtime is not an option. NIST 800-53, STIG compliance, and FedRAMP authority-to-operate built from the ground up.
View Defense Projects7 published papers bridging AI and production systems
Holding a US patent and authoring research on AI integration in enterprise DevOps. Machine learning applied to infrastructure optimization, anomaly detection, and automated compliance — with guardrails that prevent hallucinations from reaching production.
Read Research PapersThe AI Delivery Gap
Where AI-assisted delivery breaks down
Speed is only an advantage when the systems behind it are built to hold.
Where things break
How I navigate AI friction
Velocity without validation compounds risk
When AI produces code faster than it can be verified, your pipeline becomes the chokepoint. The wider the gap between generation and confidence, the more unreviewed debt quietly accumulates behind every merge.
View Pipeline ArchitectureDrift and hallucinations reach production undetected
AI assistants lose context across large codebases, introducing subtle errors that syntax checks never catch. I build review gates that validate logic, intent, and compliance so every commit that ships is one you can stand behind.
See How I Prevent FailuresRunaway automation inflates cost and erodes teams
Unpredictable AI outputs drive up compute overhead and create failure surfaces no one planned for. The engineers who scale AI successfully are the ones who draw a clear line between what to automate and what needs a human in the loop.
Read the ResearchExperience
Work Experience
Travis CI
2019 - Current
Software Engineer
San Francisco, CA
Leading the development of CI/CD infrastructure that powers thousands of builds daily. Architecting features that enable developers to customize build pipelines with unprecedented flexibility. Managing global server deployments across multiple regions, ensuring 99.9% uptime for enterprise clients.
LASOR
2018 - 2018
Software Engineer
Los Angeles, CA
Python and Django developer at LASOR, an agile research organization. Contributed to studies on the progression of Non-Alcoholic Fatty Liver Disease (NAFLD), leveraging analytics to advance the mission.
Cheekd
2016 - 2018
Lead Software Engineer
New York, NY
Led a team of 3 engineers building innovative mobile networking technology. Architected 'Access Point Hopping,' a groundbreaking feature that earned a US Patent. Built scalable backend systems with React Native and Django.
FC Flamingo
2015 - 2016
Software Engineer
Santa Monica, CA
Built full-stack web applications for major brand clients using Ruby on Rails. Focused on DevOps practices, implementing automated deployment pipelines and infrastructure as code.
Path
2012 - 2015
Software Engineer
San Francisco, CA
Designed and implemented server-side APIs for Path's mobile and web applications, serving millions of users. Built scalable backend services with Python.
Keynotes & Conferences
I've had the privilege of sharing knowledge with thousands of developers worldwide. My talks focus on practical insights from building and scaling CI/CD systems, managing enterprise infrastructure, and implementing DevOps best practices.
View All TalksFeatured Conferences
Talks
Talks I've Done
[8 records]Speaking engagements and technical presentations on CI/CD, DevOps, and software engineering.
Running Travis CI on Arm
The Value of Replicated
IBM Z Day
Research
Authored Papers
9 research papers spanning data engineering, security, networking, CI/CD, and machine learning.
Browser Extensions
Google Search to X: Designing, Debugging, and Hardening a Browser Extension for Automated Social Media Cross-Posting via Undocumented APIs
2026
Data Engineering
HaloArchives: Preserving Halo Series Statistics at Scale
2026
Machine Learning
AI Assisted Route Prediction (From Local Police to the FBI)
2025
Security
Countering IMSI-catchers and Forensic Probes whilst helping agencies like FBI with Rigmaiden
2025
Networking
Spotify Streaming, Packets, What Moves on the Wire
2025
Networking
TCP's Evolution: From Secure Networks to Gaming Exploits in Halo 2
2024
Compression
Run-Length Encoding: Implementation and Analysis
2024
DevOps
Advanced CI/CD Pipeline Architecture
2024
AI / DevOps
LLM Hallucinations and Docker: Containerization Challenges
2024
Expertise
Perforce Expertise
Deep expertise in enterprise version control, managing large-scale codebases and binary assets at the frontier of development workflows.
Terracotta
I've created custom software called Terracotta that makes Git repositories Perforce compatible, bridging the gap between modern distributed version control and enterprise-scale centralized systems.
Version Control Architecture
Designing and implementing scalable Perforce depot structures for large-scale enterprise projects.
Branching Strategies
Stream-based workflows, mainline development, and complex merge operations at scale.
Performance Optimization
Optimizing Perforce server performance, replication, and handling massive binary assets.
Security & Access Control
Robust security policies, protections tables, and fine-grained permission systems.
RBAC Implementation
Role-Based Access Control design and deployment across group hierarchies at scale.
CI/CD Integration
Seamless integration of Perforce with modern CI/CD pipelines and deployment workflows.
Team Collaboration
Efficient team workflows, code reviews, and collaboration across distributed teams.
Defense & Classified Systems
Deployed Perforce for mission-critical defense programs at Lockheed Martin and Northrop Grumman, supporting classified codebases with strict compliance, air-gapped environments, and audit-ready access controls.
Technical Expertise
“Building CI/CD pipelines that deploy 10,000+ builds daily across enterprise infrastructure at organizations like MIT, Harvard, and Lockheed Martin.”
Projects
Featured Projects
Transformative projects that have impacted millions of users and shaped the way teams build software.
Cheekd
2016-2018
Access Point Hopping
Pioneered an innovative networking technology that revolutionized how mobile devices connect in crowded environments. This patent-pending system intelligently manages wireless access points to maintain optimal connectivity. Granted a US Patent.
Travis CI
2019-Current
Travis CI On-Prem
Architected and built critical features for one of the world's leading continuous integration platforms, serving thousands of organizations globally. Implemented advanced caching strategies, parallel execution systems, and intelligent resource allocation.
Multiple Clients
2012-Current
Version Control Systems
Implemented and managed Perforce version control systems for institutions including Stanford, MIT, Harvard, Google, Lockheed Martin, and Nike. Designed scalable architectures handling massive codebases with thousands of developers.
Northrop Grumman
2024
Jellyfish
Contributed to Jellyfish, Northrop Grumman's open-source Architecture-as-Code suite. Jellyfish brings the Infrastructure-as-Code paradigm to system architecture, letting engineers describe complex system designs in a domain-specific language and generate software projects, dependency graphs, and architectural quality reports from those models.
Lockheed Martin
2023-2024
Chaordic Ledger
Collaborated with Dr. Michael Marchini, PhD from Lockheed Martin on the Chaordic Ledger — a distributed system exploring the intersection of chaos theory and ordered data integrity for mission-critical defense applications.
Personal Project
2021-Current
HaloArchives
When Bungie permanently took their legacy Halo stats (for Halo 2, Halo 3, ODST, and Reach) offline on February 9, 2021, I was determined to get them back. So I built HaloArchives. Search and explore archived Halo statistics from Halo 2, Halo 3, Halo Reach, and Halo Infinite. Access over 70 million games, 5.3 million players and growing almost daily.
Personal Project
2025
SearchPsychic
A plugin I built to post anything I searched on Google to my personal X account.
Security Research
2025-Current
Rigmaiden
A secure system management tool for handling USB devices, network interfaces, and system resources. Can detect IMSI-catching activity and respond accordingly. Built for educational and law enforcement purposes.
Writing
Recent Blog Posts
How I'm Trying To Rebuild The Entire Halo Series Stat Archive, By Myself
How I'm Rebuilding Halo 2's Forgotten Statistics By Stitching Together Webs
How To Set Up MCP-Travis: Control Travis CI with Claude
Terracotta: Git to Perforce Seamlessly Bidirectionally
Contact
GitHub
I basically don't respond to outreach, I'm in a full-time role. The best thing to do is check out my GitHub. If you still choose to reach out, include a concise brief message with context.
github.com/montana ->